Thread: Here we go again. I need help!

  1. #11
    Juliet (Security Expert)
    Join Date: Feb 2007
    Location: Deep South
    Posts: 3,959

    My system appears to be running better.
    Any issues remaining?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  2. #12
    Member
    Join Date: Oct 2005
    Posts: 92

    I haven't encountered any issues.
    Bigalo

  3. #13
    Member

    I guess I spoke too soon. While using Firefox, it slowed up again. Even when I pulled up this forum, it was taking too long to pick the site in my bookmarks, and for it to load, once selected. Is it possible that Firefox is the issue? I use it because it works better with certain sites that I access, which makes it a no-brainer for me to use this site over Internet Explorer.
    Bigalo

  4. #14
    Juliet (Security Expert)

    It might be a Firefox issue, but not sure.

    Try this step first, and if not, try the second option.

    Flush the Firefox Cache
    (these directions are specific to Firefox 19, if you have a different version the exact steps might be slightly different)
    • In Firefox, Options
    • Select Options
    • Select Privacy tab
    • Find the section that reads: You might want to clear your recent history or remove individual cookies
    • Select clear your recent history
    • Click the Details drop-down arrow
    • Make sure a check mark is placed in the following boxes:
      * Cookies
      * Cache
    • Next select the Time Range to Clear drop-down menu
    • Select Everything (this will only delete all the cookies and cache, and will save the other items not selected)
    • Click Clear Now

    =========================

    If no success
    Instructions on how to backup your Favourites/Bookmarks and other data can be found below.


    Let me know how this works out.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #15
    Member

    I just completed the first step. I will work with it for a few hours and provide a report later. Thanks!
    Bigalo

  6. #16
    Juliet (Security Expert)

    We may also need to reset your router.

    If you can give me the name of the one you have, or if you know how to do this, let me know.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  7. #17
    Member

    System is still experiencing the same issues, even after completing the steps outlined above. I've also experienced the issues after resetting my D-Link DIR 860L router.
    Bigalo

  8. #18
    Juliet (Security Expert)

    Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

    How to use ComboFix

    Download ComboFix from here:
    Link 1
    Link 2
    Link 3

    Place ComboFix.exe on your Desktop <--Important
    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
      * Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      You can get help on disabling your protection programs here
    • Double click on ComboFix.exe & follow the prompts.
    • You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).
    • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may need to reboot your computer more than once to do its job; this is normal.
    • When finished, it shall produce a log for you. Post that log in your next reply.

      Note:
      Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

      Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

      ---------------------------------------------------------------------------------------------
    • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

      Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
      Note: ComboFix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.
      ---------------------------------------------------------------------------------------------
    • If there are Internet issues after running ComboFix:
      Internet Explorer:
      Tools Menu -> Internet Options -> Connections Tab -> LAN Settings -> uncheck "Use a proxy server" and check "Automatically detect settings". Also clear any proxy address and port. OK, Apply (only if applicable), OK.
      Firefox:
      Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection. "No Proxy" should be selected, unless you have one set up yourself.
      Chrome:
      Select -> Tools menu -> then "Options", then go to "Change Proxy Settings", then "LAN Settings" , then take out the check mark for "Use a proxy server for your LAN" if set, unless you set this up yourself.
      Safari:
      Launch Safari
      Go to general settings menu
      Then in Preferences/ Advanced
      Then on line click Proxies change settings ...
      Click Internet Options, then click the Connections tab, click Network Settings.
      Disable option (uncheck) for the use of proxy server ...
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
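
A read-only check of the same proxy settings the post above walks through by hand, as an added example that is not part of the original thread. It assumes PowerShell 3.0 or later, the default Firefox profile location, and that it is run as the affected user; the function names are illustrative.

```powershell
# Added example (not from the thread). Read-only: reports proxy settings, changes nothing.
# Assumes PowerShell 3.0+ and that it runs under the affected user's account.

function Get-WinInetProxy {
    # Per-user values behind Internet Options -> Connections -> LAN Settings.
    # Internet Explorer and Chrome on Windows both read these.
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $s = Get-ItemProperty -Path $key
    $enabled = ($s.ProxyEnable -eq 1)
    [pscustomobject]@{
        Source  = 'Internet Options (IE, Chrome)'
        Setting = "ProxyEnable=$([int]$enabled); ProxyServer='$($s.ProxyServer)'; AutoConfigURL='$($s.AutoConfigURL)'"
        # Worth a look if a proxy is switched on or a configuration script is set.
        Review  = ($enabled -or [bool]$s.AutoConfigURL)
    }
}

function Get-FirefoxProxy {
    # Firefox keeps its own choice in each profile's prefs.js.
    # network.proxy.type: 0 = No proxy, 1 = manual, 2 = automatic configuration URL,
    # 4 = auto-detect, 5 = use system proxy settings.
    $glob = Join-Path $env:APPDATA 'Mozilla\Firefox\Profiles\*\prefs.js'
    $pattern = '^user_pref\("(network\.proxy\.[^"]+)",\s*(.+)\);'

    foreach ($file in Get-ChildItem -Path $glob -ErrorAction SilentlyContinue) {
        $prefs = @{}
        foreach ($m in Select-String -LiteralPath $file.FullName -Pattern $pattern) {
            $g = $m.Matches[0].Groups
            $prefs[$g[1].Value] = $g[2].Value.Trim('"')
        }

        $type = $prefs['network.proxy.type']
        if ($null -eq $type) {
            # Default values are not written to prefs.js.
            $setting = 'network.proxy.type not set (Firefox default)'
        } else {
            $setting = ($prefs.GetEnumerator() | Sort-Object Name |
                ForEach-Object { "$($_.Name)=$($_.Value)" }) -join '; '
        }

        [pscustomobject]@{
            Source  = "Firefox profile $($file.Directory.Name)"
            Setting = $setting
            # A manual proxy or a configuration URL you did not set up yourself needs review.
            Review  = ($type -in '1', '2')
        }
    }
}

@(Get-WinInetProxy) + @(Get-FirefoxProxy) | Format-Table -AutoSize -Wrap
```

Any row with Review = True corresponds to a setting the post says to clear unless you configured the proxy yourself.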

  9. #19
    Member

    The Combofix log is as follows:


    ComboFix 15-06-09.01 - RAB Office 06/16/2015 19:28:38.3.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8153.5508 [GMT -4:00]
    Running from: c:\users\RAB Office\Desktop\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
    FW: McAfee Firewall *Enabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\PCDr\6584\AddOnDownloaded\0124e21d-018c-4ce0-92a3-b9e205a76bc0.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\073fb38f-0e69-479d-bca1-4f81ec9dcbf6.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\0d461521-7dbf-4cec-a29e-936c88cdf8c9.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\100c3865-0c76-461b-b2fd-042d6d5fa7f6.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\173c4dd2-e93c-4725-b006-db1d8f465192.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\1b0b3c38-2b97-4f8d-954b-06296209b73d.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\1e0aaf9a-9947-4a7b-b1ae-8a89919438ed.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\263d6ac9-4f87-466c-947c-bd9af71d7035.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\2a6b5d0b-a2fc-4bdd-b3fe-6bbefb85b7e4.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\2eccd5d6-e118-4f76-97b6-ba56fb6c597a.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\2ed4ce9e-0dff-4595-a0aa-f3e3b671fddc.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\3324fb70-b482-4ff5-9d0e-102981046ff0.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\3410f47b-5e8c-47c6-bf2c-234af4121d4c.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\378deb7f-049e-4a5e-83b2-5381dcd9e928.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\3972fea3-214c-4935-a7d1-96bf66115683.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\3b1c7acd-5e3e-4459-ab98-5109117e2341.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\4546f2bc-b9d9-4667-abe7-b0bacc90279e.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\459715e4-d2b9-4b1d-9abd-b72ddc2c69b1.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\4628ddf8-b4cb-4445-b869-56cb92eae20b.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\4804ced5-915b-48a3-a465-b8a5e02714bf.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\4818e109-9489-4cd8-9044-44defd8ec187.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\48db0c93-e691-44fc-9c6b-a61e60525cfe.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\4cb05034-365d-4b59-a070-5750405458b0.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\4e3bd962-072e-42a0-8ffb-faf4fbf06230.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\50441041-9037-4c34-842c-4a8523e700da.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\51fdf16e-ecb9-4fa4-8469-76fc9a22293b.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\57d7325c-8462-4866-a9ca-3f9228775fed.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\5d051b98-7605-4cfa-8547-334cf523870e.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\62d1f0b0-bc9a-4f6c-bad7-93b19a91276a.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\649574c7-1acb-458c-a846-1bc04bfcdb93.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\67c3d4fe-b638-467a-9fe2-c5813ade3330.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\6820b110-e483-4f1e-9b48-438f7916f078.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\6b56d7e1-5ac6-46da-8615-10fbe2919ac8.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\6b5978fa-48d7-4309-a523-7e157768c0d8.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\6f4fb483-ce30-493a-8cb4-3e530ab1be5b.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\6f9e83ca-5216-40db-863d-61ffff2a1563.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\739db3eb-d3cd-4c86-a6ea-01a49984fa3b.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\7bd83798-7a02-4f50-83a2-b91cabcbd1f9.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\7c5b1d75-4145-4f69-b184-a8fb559fd417.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\7dbfef1a-6148-4748-a1b3-71627763a45a.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\812fed95-c1fb-4695-be1a-fd6265302cf9.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\813755dc-2229-47a2-b85b-19d0aaa641c9.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\872965c7-08b7-47fc-a74c-ff167590b71a.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\873c94c8-114d-4d39-a36a-14d636c6e7f3.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\8d357f17-07ad-4392-ba06-fb67564c98cd.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\909c2f24-5974-42a7-a041-bbc7c1411046.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\934f6059-2d35-4bd9-a130-a17cb5563507.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\943fb1bd-a66d-43d4-943d-6261ebf98050.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\95863b84-2a1c-4539-bd21-ffbef3ea7fd9.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\9afbb1e4-1951-4d6e-bd32-2e0e5254786f.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\9b6e4d67-f75b-40b4-bfb0-bc8d902f62eb.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\a05de01f-6d84-4008-82c8-44786a5ba980.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\a61f44a8-21a3-4c4a-a04b-993dfb73bf96.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\a7a4f473-8998-4029-be3e-f4280478bd6b.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\a9de0c84-9a7c-4638-9653-13aa8cf56e80.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\ac83e4d3-2f37-4679-a3b4-b7f5aa568264.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\ae67b364-b69e-471e-b177-2459120b84d4.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\b2152f30-7380-4987-8fcf-e4c06952615d.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\b4cc2a4a-87f5-49cd-935c-18f1a80e65b7.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\b4e7e391-8ff3-4363-bb72-f41a243749b1.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\b9f9154e-1581-4a2a-a195-eeb46e9e239b.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\ba005e12-3139-4327-9f7a-9f2ea6a6c841.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\bc6fc708-5b6b-4a72-b336-09b3089baa7a.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\bea3f575-677a-4c92-89ca-7be8480c11a9.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\bf647bd7-dfb5-4746-a6b4-b7c2fdbbf3b1.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\c4211805-b43b-471d-81af-4e0589f8607b.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\c6528f35-d623-4e84-a9b2-58ecb22dabd4.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\c6bf01ba-05a7-4930-b8dd-7c5fd03e97ac.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\c746a3b1-ed0c-4bff-941c-d5e6f0583ce7.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\c749e834-df0f-483e-9946-33435f37c240.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\caac49ab-d9d8-4f29-a409-2a9a30ae62af.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\cdda52ec-6ccd-425a-8c72-b7bbdc8b3acd.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\d1f4dc82-bc4c-4916-b37c-3ab9c30ae468.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\d34c0cf7-889f-43dd-9283-b2b6f442aae3.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\ddb9fe5d-525c-4d5d-ac37-0bd10f2864f8.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\dfc97e68-74cd-4807-807f-ac146d81ec5d.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\e45cd45a-4d7c-4802-881f-74582b847e5c.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\edb10714-8498-4679-a667-4c4c359de017.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\ee4747a4-1d1b-42c1-8a8c-1de04bbb2379.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\ef32b2f9-e518-400c-8172-d1a06ae9d208.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\ef78c3e8-1d94-4219-8070-7617e119bba4.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\f06c5597-1a85-4d1f-ac16-a6fdd2a6bedc.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\f12de547-df4d-4236-9129-baac054f90ab.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\f9dc840b-c6f7-42a5-acec-50cc7a2827fd.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\fbd50850-4122-4fe3-a72e-fcbe58a0f196.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\ff34f184-7b2d-4b07-9131-b1349888b6e5.dll
    .
    .
    ((((((((((((((((((((((((( Files Created from 2015-05-16 to 2015-06-16 )))))))))))))))))))))))))))))))
    .
    .
    2015-06-16 23:35 . 2015-06-16 23:35 -------- d-----w- c:\users\Public\AppData\Local\temp
    2015-06-16 23:35 . 2015-06-16 23:35 -------- d-----w- c:\users\Gayle\AppData\Local\temp
    2015-06-16 23:35 . 2015-06-16 23:35 -------- d-----w- c:\users\Gayle.RABOffice-PC\AppData\Local\temp
    2015-06-16 23:35 . 2015-06-16 23:35 -------- d-----w- c:\users\Default\AppData\Local\temp
    2015-06-13 19:35 . 2015-06-13 19:35 -------- d-----w- c:\program files (x86)\ESET
    2015-06-13 19:30 . 2015-06-13 19:33 -------- d--h--w- c:\windows\AxInstSV
    2015-06-13 18:27 . 2015-06-13 18:29 -------- d-----w- c:\users\RAB Office\AppData\Roaming\PCDr
    2015-06-13 02:28 . 2015-06-13 16:08 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2015-06-13 02:28 . 2015-06-13 02:28 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
    2015-06-13 02:28 . 2015-04-14 13:37 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
    2015-06-13 02:28 . 2015-04-14 13:37 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2015-06-13 02:28 . 2015-04-14 13:37 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
    2015-06-13 00:05 . 2015-06-13 18:26 -------- d-----w- c:\programdata\PCDr
    2015-06-12 23:07 . 2015-06-12 23:20 -------- d-----w- C:\AdwCleaner
    2015-06-12 22:23 . 2015-06-12 22:23 -------- d-----w- c:\program files (x86)\Dell Update
    2015-06-10 13:31 . 2015-04-29 18:22 14635008 ----a-w- c:\windows\system32\wmp.dll
    2015-06-05 13:26 . 2015-05-22 18:18 700416 ----a-w- c:\windows\system32\generaltel.dll
    2015-06-05 13:26 . 2015-05-22 18:18 757248 ----a-w- c:\windows\system32\invagent.dll
    2015-06-05 13:26 . 2015-05-22 18:18 423424 ----a-w- c:\windows\system32\devinv.dll
    2015-06-05 13:26 . 2015-05-22 18:18 1021440 ----a-w- c:\windows\system32\appraiser.dll
    2015-06-05 13:26 . 2015-05-22 18:18 45568 ----a-w- c:\windows\system32\acmigration.dll
    2015-06-05 13:26 . 2015-05-22 18:18 227328 ----a-w- c:\windows\system32\aepdu.dll
    2015-06-05 13:26 . 2015-05-22 18:13 1119232 ----a-w- c:\windows\system32\aeinv.dll
    2015-06-05 13:26 . 2015-05-21 13:19 193536 ----a-w- c:\windows\system32\aepic.dll
    2015-06-01 21:29 . 2015-06-01 21:29 -------- d-----w- c:\users\RAB Office\AppData\Local\GWX
    2015-06-01 14:07 . 2015-06-01 14:07 -------- d-----w- c:\users\Gayle.RABOffice-PC\AppData\Local\GWX
    2015-05-31 23:22 . 2015-05-31 23:22 -------- d-----w- c:\program files (x86)\MSECache
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2015-06-10 14:30 . 2012-08-20 17:53 140135120 ----a-w- c:\windows\system32\MRT.exe
    2015-06-10 04:30 . 2014-10-15 02:42 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2015-06-10 04:30 . 2014-10-15 02:42 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-05-25 18:01 . 2015-06-10 13:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2015-05-01 13:17 . 2015-05-13 13:49 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-01 13:16 . 2015-05-13 13:49 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    2015-04-20 03:17 . 2015-05-13 12:59 1647104 ----a-w- c:\windows\system32\DWrite.dll
    2015-04-20 03:17 . 2015-05-13 12:59 1179136 ----a-w- c:\windows\system32\FntCache.dll
    2015-04-20 02:56 . 2015-05-13 12:59 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
    2015-04-18 03:10 . 2015-05-13 13:00 460800 ----a-w- c:\windows\system32\certcli.dll
    2015-04-18 02:56 . 2015-05-13 13:00 342016 ----a-w- c:\windows\SysWow64\certcli.dll
    2015-04-13 03:28 . 2015-05-13 13:00 328704 ----a-w- c:\windows\system32\services.exe
    2015-04-08 03:29 . 2015-05-13 12:59 275456 ----a-w- c:\windows\system32\InkEd.dll
    2015-04-08 03:29 . 2015-05-13 12:59 24576 ----a-w- c:\windows\system32\jnwmon.dll
    2015-04-08 03:14 . 2015-05-13 12:59 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
    2015-03-25 03:24 . 2015-04-15 13:11 98304 ----a-w- c:\windows\system32\wudriver.dll
    2015-03-25 03:24 . 2015-04-15 13:11 37376 ----a-w- c:\windows\system32\wups2.dll
    2015-03-25 03:24 . 2015-04-15 13:11 35328 ----a-w- c:\windows\system32\wups.dll
    2015-03-25 03:24 . 2015-04-15 13:11 3298816 ----a-w- c:\windows\system32\wucltux.dll
    2015-03-25 03:24 . 2015-04-15 13:11 2553856 ----a-w- c:\windows\system32\wuaueng.dll
    2015-03-25 03:24 . 2015-04-15 13:11 191488 ----a-w- c:\windows\system32\wuwebv.dll
    2015-03-25 03:24 . 2015-04-15 13:11 696320 ----a-w- c:\windows\system32\wuapi.dll
    2015-03-25 03:24 . 2015-04-15 13:11 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
    2015-03-25 03:23 . 2015-04-15 13:11 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
    2015-03-25 03:23 . 2015-04-15 13:11 36864 ----a-w- c:\windows\system32\wuapp.exe
    2015-03-25 03:23 . 2015-04-15 13:11 135168 ----a-w- c:\windows\system32\wuauclt.exe
    2015-03-25 03:00 . 2015-04-15 13:11 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
    2015-03-25 03:00 . 2015-04-15 13:11 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
    2015-03-25 03:00 . 2015-04-15 13:11 29696 ----a-w- c:\windows\SysWow64\wups.dll
    2015-03-25 03:00 . 2015-04-15 13:11 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
    2015-03-25 03:00 . 2015-04-15 13:11 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
    @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
    [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
    2015-04-14 12:42 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
    @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
    [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
    2015-04-14 12:42 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
    @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
    [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
    2015-04-14 12:42 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]
    "RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
    "PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2015-02-27 533872]
    "mcpltui_exe"="c:\program files\Common Files\McAfee\Platform\mcuicnt.exe" [2015-02-10 643064]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
    .
    c:\users\RAB Office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Send to OneNote.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2014-9-25 195240]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2012-8-20 1207312]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableSecureUIAPath"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/08/14 03:34;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
    R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
    R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys;c:\windows\SYSNATIVE\drivers\pmxdrv.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
    S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
    S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
    S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
    S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
    S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
    S2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
    S2 DellDataVault;Dell Data Vault;c:\program files\Dell\DellDataVault\DellDataVault.exe ;c:\program files\Dell\DellDataVault\DellDataVault.exe [x]
    S2 DellDataVaultWiz;Dell Data Vault Wizard;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe [x]
    S2 DellUpdate;Dell Update Service;c:\program files (x86)\Dell Update\DellUpService.exe;c:\program files (x86)\Dell Update\DellUpService.exe [x]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
    S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [x]
    S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
    S2 mccspsvc;McAfee CSP Service;c:\program files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe;c:\program files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [x]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
    S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
    S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
    S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
    S2 SupportAssistAgent;Dell SupportAssist Agent;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [x]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
    S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [x]
    S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe [x]
    S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
    S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
    S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
    S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
    S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
    S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
    S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
    S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
    S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
    S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
    S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
    S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
    S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *Deregistered* - CLKMDRV10_9EC60124
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2015-06-16 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-15 04:30]
    .
    2015-06-16 c:\windows\Tasks\Dell SupportAssistAgent AutoUpdate.job
    - c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10 19:11]
    .
    2015-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17 22:39]
    .
    2015-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17 22:39]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
    @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
    [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
    2015-04-14 14:30 2334936 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
    @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
    [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
    2015-04-14 14:30 2334936 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
    @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
    [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
    2015-04-14 14:30 2334936 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
    2015-05-19 19:22 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
    2015-05-19 19:22 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
    2015-05-19 19:22 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
    2015-05-19 19:22 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
    2015-05-19 19:22 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-12-23 6457960]
    "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-16 1156712]
    "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
    "Plantronics MyHeadset Updater"="c:\program files\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe" [2013-02-13 78336]
    "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352]
    "AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe" [2012-12-28 1023104]
    "AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe" [2012-12-28 801920]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-04-07 169768]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://my.earthlink.net/
    mStart Page = about:blank
    mLocal Page = c:\windows\SysWOW64\blank.htm
    Trusted Zone: ancestry.com\www
    Trusted Zone: dell.com
    Trusted Zone: edmodo.com\www
    Trusted Zone: learnatf.gov\www
    TCP: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\RAB Office\AppData\Roaming\Mozilla\Firefox\Profiles\jxfcqhfx.default-1430075394314\
    FF - prefs.js: browser.startup.homepage - hxxp://my.earthlink.net/channel/START
    .
    .
    ------- File Associations -------
    .
    .scr=CryptoPreventSCR
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    AddRemove-McAfee Virtual Technician - c:\program files (x86)\McAfee\Supportability\MVT\MVTInstaller.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.17"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2015-06-16 19:38:19
    ComboFix-quarantined-files.txt 2015-06-16 23:38
    ComboFix2.txt 2015-02-07 04:46
    ComboFix3.txt 2015-02-05 02:44
    .
    Pre-Run: 803,055,833,088 bytes free
    Post-Run: 802,611,359,744 bytes free
    .
    - - End Of File - - B64AC9A2756658B41086AADE55D76804
    5C616939100B85E558DA92B899A0FC36
    Bigalo

  10. #20
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,959

    Default

    Did that make any changes for the better?
