Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer infected- internet intermittent [Solved]


  • This topic is locked This topic is locked

#1
ndskykng

ndskykng

    Member

  • Member
  • PipPipPip
  • 145 posts

Computer is running slow which makes me think there is viruses or spyware that I cannot clean.  I've tried using Malwarebytes and Norton Antivirus but neither find anything.  Sometimes the computer runs slowly with CPU use at 100% even though I'm not doing anything and everything runs slow at that point.  Finally, every once in awhile, the browser stops connecting to the internet, even though other applications that use it (Slingbox) is still connected.  I have to restart at that point to get the browsers to work again.

 

Attached is the FRST file

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2015 01
Ran by Michael (administrator) on MIKE-PC on 13-05-2015 17:03:32
Running from C:\Users\Michael\Desktop
Loaded Profiles: Michael (Available profiles: Michael)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Lenovo) C:\ProgramData\YogaSmartSwicth\Server\x64\ymc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Transition\Lenovo Transition.exe
() C:\ProgramData\YogaSmartSwicth\yogaserver.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 7640 series\Bin\ScanToPCActivationApp.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [892664 2012-12-17] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-25] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-12] (Conexant Systems, Inc.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\system32\DptfPolicyLpmServiceHelper.exe
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [459776 2013-01-28] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-11-23] (Synaptics)
HKLM\...\Run: [Lenovo Transition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Lenovo Transition.exe [209488 2013-07-11] (Lenovo)
HKLM\...\Run: [yogaserver] => C:\ProgramData\YogaSmartSwicth\yogaserver.exe [209416 2013-07-11] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-07-11] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-07-11] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [MoneyStartUp10.0] => C:\Program Files (x86)\Microsoft Money\System\Activation.exe [241714 2001-07-25] (Microsoft Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\spotify\spotifylauncher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\spotify\spotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\spotify\spotifylauncher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\spotify\spotifylauncher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\spotify\spotifylauncher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\spotify\spotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\spotify\spotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\spotify\spotify.exe <====== ATTENTION
HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\Run: [Spotify Web Helper] => C:\Users\Michael\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-02-05] (Spotify Ltd)
HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400 2015-04-28] (Google)
HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\Run: [HP ENVY 7640 series (NET)] => C:\Program Files\HP\HP ENVY 7640 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7806744 2015-03-23] (SUPERAntiSpyware)
HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\MountPoints2: {88e0a983-84c0-11e4-bec4-24fd52147259} - "E:\VZW_Software_upgrade_assistant.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2013-07-11]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-03-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-03-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-03-30] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001 -> DefaultScope {E0937473-7C77-46ED-B1B3-DF318F05A70A} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001 -> {B29C90A5-1337-43D8-98EE-F4EA5D4386C0} URL = 
SearchScopes: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001 -> {E0937473-7C77-46ED-B1B3-DF318F05A70A} URL = https://search.yahoo...p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-03-30] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-03-30] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-03-30] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-03-30] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-03-30] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-03-30] (Microsoft Corporation)
BHO-x32: No Name -> {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} -> C:\Program Files (x86)\Microsoft Money\System\mnyviewer.dll [2001-07-25] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
DPF: HKLM-x32 {2BCDB465-81F9-41CB-832C-8037A4064446} C:\Users\Michael\AppData\Local\Temp\f5tmp\urxvpn.cab
DPF: HKLM-x32 {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\Michael\AppData\Local\Temp\f5tmp\f5tunsrv.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\Michael\AppData\Local\Temp\f5tmp\urxshost.cab
DPF: HKLM-x32 {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\Michael\AppData\Local\Temp\f5tmp\urxhost.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-01] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-01] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-03-30] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-04-01] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-04-01] (McAfee, Inc.)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-27] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\t7dp1b6p.default
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-30] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2015-02-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://marquee.blogs.cnn.com/
CHR StartupUrls: Default -> "", "hxxp://kpnet.kp.org/ncal/santarosa/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-30]
CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-30]
CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-30]
CHR Extension: (Google Search) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-30]
CHR Extension: (SiteAdvisor) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-12]
CHR Extension: (Bookmark Manager) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (SlingPlayer Web Plug-in) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lidgnhlbmoakdjkfhanbhfngcadpaiac [2014-03-30]
CHR Extension: (Google Wallet) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-30]
CHR Extension: (Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-30]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-22]
CHR HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-02]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-22]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39936 2013-01-28] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-04] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155368 2015-04-01] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-06] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1817704 2012-11-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 ymc; C:\ProgramData\YogaSmartSwicth\Server\x64\ymc.exe [27216 2013-07-11] (Lenovo)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20150506.001\BHDrvx64.sys [1639128 2015-05-01] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
S3 f5ipfw; C:\windows\system32\drivers\urfltv64.sys [18992 2013-04-26] (F5 Networks)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20150512.001\IDSvia64.sys [671448 2015-03-25] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150512.019\ENG64.SYS [129752 2015-04-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20150512.019\EX64.SYS [2137304 2015-04-29] (Symantec Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [696976 2012-09-06] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1058680 2012-08-11] (Sunplus)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2014-08-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1507000.00B\SymELAM.sys [23568 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-02-12] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
R3 urvpndrv; C:\Windows\system32\DRIVERS\covpnv64.sys [45776 2013-04-01] (F5 Networks, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-13 17:03 - 2015-05-13 17:03 - 00058038 _____ () C:\Users\Michael\Desktop\FRST.txt
2015-05-13 17:01 - 2015-05-13 17:03 - 02104832 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2015-05-12 18:20 - 2015-04-24 14:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-12 18:20 - 2015-04-21 10:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-12 18:20 - 2015-04-21 09:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-12 18:20 - 2015-04-21 09:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-12 18:20 - 2015-04-21 09:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-12 18:20 - 2015-04-21 09:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-12 18:20 - 2015-04-21 09:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-12 18:20 - 2015-04-21 09:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-12 18:20 - 2015-04-21 09:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-12 18:20 - 2015-04-21 09:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-12 18:20 - 2015-04-21 09:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-12 18:20 - 2015-04-21 09:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-12 18:20 - 2015-04-21 09:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-12 18:20 - 2015-04-21 09:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-12 18:20 - 2015-04-21 09:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-12 18:20 - 2015-04-21 09:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-12 18:20 - 2015-04-21 08:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-12 18:20 - 2015-04-21 08:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-12 18:20 - 2015-04-21 08:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-12 18:20 - 2015-04-21 08:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-12 18:20 - 2015-04-21 08:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 18:20 - 2015-04-21 08:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 18:20 - 2015-04-21 08:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-12 18:20 - 2015-04-21 08:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-12 18:20 - 2015-04-21 08:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-12 18:20 - 2015-04-21 08:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-12 18:20 - 2015-04-21 08:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-12 18:20 - 2015-04-21 08:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-12 18:20 - 2015-04-21 08:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-12 18:20 - 2015-04-21 08:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-12 18:20 - 2015-04-21 08:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-12 18:20 - 2015-04-21 08:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-12 18:20 - 2015-04-21 08:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-12 18:20 - 2015-04-21 08:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-12 18:20 - 2015-04-21 08:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-12 18:20 - 2015-04-21 08:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-12 18:20 - 2015-04-21 08:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 18:20 - 2015-04-21 08:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-12 18:20 - 2015-04-21 07:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-12 18:20 - 2015-04-21 07:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-12 18:20 - 2015-04-13 15:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-12 18:20 - 2015-04-09 18:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 18:20 - 2015-04-09 17:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 18:20 - 2015-04-09 17:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-12 18:20 - 2015-04-08 15:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 18:20 - 2015-04-02 17:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-12 18:20 - 2015-04-02 17:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 18:20 - 2015-03-29 22:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 18:20 - 2015-03-26 20:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-12 18:20 - 2015-03-26 19:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-12 18:20 - 2015-03-26 19:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 18:20 - 2015-03-12 21:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-12 18:20 - 2015-03-12 21:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-12 18:20 - 2015-03-12 19:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-12 18:20 - 2015-03-12 17:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 18:20 - 2015-03-10 18:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-12 18:20 - 2015-03-10 18:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 18:20 - 2015-03-05 20:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-12 18:20 - 2015-03-05 19:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-12 18:20 - 2015-03-05 19:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-12 18:20 - 2015-03-04 16:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-12 18:20 - 2015-02-17 16:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-10 13:18 - 2015-05-10 13:18 - 00001411 _____ () C:\Users\Michael\Desktop\MyTicketsServlet.html
2015-05-09 09:10 - 2015-05-09 09:10 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Mozilla
2015-05-09 09:10 - 2015-05-09 09:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\Mozilla
2015-05-09 09:10 - 2015-05-09 09:10 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-09 09:08 - 2015-05-09 09:08 - 00243304 _____ () C:\Users\Michael\Downloads\Firefox Setup Stub 37.0.2.exe
2015-04-24 06:56 - 2015-04-25 06:47 - 00000000 ____D () C:\Users\Michael\AppData\Local\LogMeIn Rescue Applet
2015-04-24 06:56 - 2015-04-24 06:56 - 01513280 _____ (LogMeIn, Inc.) C:\Users\Michael\Downloads\Support-LogMeInRescue.exe
2015-04-24 06:56 - 2015-04-24 06:56 - 00002284 _____ () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec Support.lnk
2015-04-21 16:09 - 2015-04-21 16:08 - 01207513 _____ () C:\Users\Michael\Downloads\LoanDocs.zip
2015-04-21 15:58 - 2015-04-21 15:58 - 00000000 ____D () C:\Users\Michael\AppData\Local\WinZip
2015-04-21 15:57 - 2015-04-21 15:58 - 00000000 ____D () C:\ProgramData\WinZip
2015-04-21 15:57 - 2015-04-21 15:57 - 00002234 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-04-21 15:57 - 2015-04-21 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-04-21 15:57 - 2015-04-21 15:57 - 00000000 ____D () C:\Program Files\WinZip
2015-04-21 15:42 - 2015-04-21 15:46 - 120105328 _____ () C:\Users\Michael\Downloads\winzip190.exe
2015-04-18 19:17 - 2015-05-13 17:03 - 00000000 ____D () C:\FRST
2015-04-17 23:33 - 2015-04-17 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-17 23:33 - 2015-04-17 23:33 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-17 23:33 - 2015-04-17 23:33 - 00000000 ____D () C:\Program Files\iTunes
2015-04-17 23:33 - 2015-04-17 23:33 - 00000000 ____D () C:\Program Files\iPod
2015-04-17 23:33 - 2015-04-17 23:33 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-17 23:27 - 2015-04-17 23:27 - 00000000 ____D () C:\Program Files\VideoLAN
2015-04-17 23:26 - 2015-04-17 23:29 - 121283888 _____ (Apple Inc.) C:\Users\Michael\Downloads\itunes64setup (1).exe
2015-04-17 23:26 - 2015-04-17 23:27 - 29833438 _____ () C:\Users\Michael\Downloads\vlc-2.2.1-win64.exe
2015-04-14 20:08 - 2015-04-14 20:09 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-14 20:08 - 2015-04-14 20:08 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-14 20:08 - 2015-04-14 20:08 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-14 19:27 - 2015-03-23 14:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-14 19:27 - 2015-03-23 14:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-14 19:27 - 2015-03-23 14:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-14 19:27 - 2015-03-23 14:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-14 19:27 - 2015-03-23 14:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-14 19:27 - 2015-03-22 15:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-14 19:27 - 2015-03-22 15:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-14 19:27 - 2015-03-22 15:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-14 19:27 - 2015-03-22 15:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-14 19:27 - 2015-03-22 15:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-14 19:27 - 2015-03-22 15:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-14 19:27 - 2015-03-22 15:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-14 19:27 - 2015-03-19 21:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-14 19:27 - 2015-03-19 21:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-14 19:27 - 2015-03-19 21:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-14 19:27 - 2015-03-19 20:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-14 19:27 - 2015-03-19 19:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-14 19:27 - 2015-03-19 19:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-14 19:27 - 2015-03-19 19:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-14 19:27 - 2015-03-14 01:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-14 19:27 - 2015-03-14 01:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-14 19:27 - 2015-03-14 01:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-14 19:27 - 2015-03-13 18:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-14 19:27 - 2015-03-13 18:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-14 19:27 - 2015-03-13 18:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-14 19:27 - 2015-03-13 18:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-14 19:27 - 2015-03-13 18:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-14 19:27 - 2015-03-13 17:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-14 19:27 - 2015-03-13 17:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-14 19:27 - 2015-03-13 17:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-14 19:27 - 2015-03-13 17:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-14 19:27 - 2015-03-13 17:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-14 19:27 - 2015-03-13 17:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-14 19:27 - 2015-03-13 17:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-14 19:27 - 2015-03-13 17:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-14 19:27 - 2015-03-13 17:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-14 19:27 - 2015-03-13 17:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-14 19:27 - 2015-03-13 16:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-14 19:27 - 2015-03-13 16:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-14 19:27 - 2015-03-12 19:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-14 19:27 - 2015-03-12 19:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-14 19:27 - 2015-03-04 03:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-14 19:27 - 2015-03-03 20:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-14 19:27 - 2015-03-03 19:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-14 19:27 - 2015-02-24 01:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-14 19:27 - 2015-02-20 16:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-14 19:27 - 2014-12-02 16:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-13 16:58 - 2014-09-24 00:15 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-13 16:53 - 2015-03-27 04:50 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-05-13 16:53 - 2015-02-13 10:01 - 00000000 ____D () C:\ProgramData\MCShield
2015-05-13 16:53 - 2014-10-12 10:02 - 00000000 ____D () C:\Users\Michael\OneDrive
2015-05-13 16:53 - 2014-04-25 06:00 - 00000000 ____D () C:\Users\Michael\AppData\Local\CrashDumps
2015-05-13 16:53 - 2014-03-30 16:16 - 00000000 ___RD () C:\Users\Michael\Google Drive
2015-05-13 16:53 - 2014-03-30 06:40 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 16:53 - 2014-03-30 06:38 - 00080250 _____ () C:\Users\Michael\AppData\Local\BTServer.log
2015-05-13 16:52 - 2014-09-24 00:03 - 02210008 _____ () C:\WINDOWS\PFRO.log
2015-05-13 16:52 - 2013-08-22 07:46 - 00345799 _____ () C:\WINDOWS\setupact.log
2015-05-13 16:52 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-13 16:52 - 2013-08-22 07:44 - 00481880 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-13 16:52 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-13 16:52 - 2013-07-11 20:44 - 00000000 ____D () C:\ProgramData\Realtek
2015-05-13 16:51 - 2014-10-12 09:37 - 01886748 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-13 16:51 - 2014-04-01 06:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-13 16:49 - 2014-04-01 06:38 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-13 16:49 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-13 16:43 - 2014-09-23 23:53 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 16:43 - 2014-03-30 07:12 - 11902082 _____ () C:\Users\Public\CAFADEBUG.log
2015-05-13 16:17 - 2014-03-30 06:40 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 16:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-13 15:16 - 2014-10-15 14:30 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{07411BF0-073C-4FDC-9EB2-BF600635EFAE}
2015-05-13 06:56 - 2014-03-30 17:39 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-12 04:45 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-11 22:32 - 2015-02-12 21:01 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2015-05-11 22:32 - 2013-07-11 20:49 - 00000000 ____D () C:\ProgramData\Temp
2015-05-10 22:52 - 2014-03-30 07:17 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1530735055-4101794070-4272422381-1001
2015-05-10 13:32 - 2014-04-03 03:45 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\vlc
2015-05-10 13:20 - 2014-03-30 13:28 - 01324544 ___SH () C:\Users\Michael\Desktop\Thumbs.db
2015-05-10 13:18 - 2015-04-11 15:59 - 00000000 ____D () C:\Users\Michael\Desktop\MyTicketsServlet_files
2015-05-10 06:01 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-09 18:45 - 2014-06-23 18:31 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Spotify
2015-05-09 18:42 - 2014-06-23 18:36 - 00000000 ____D () C:\Users\Michael\AppData\Local\Spotify
2015-05-04 05:09 - 2014-03-30 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-02 23:03 - 2014-08-23 12:57 - 00000000 ____D () C:\Program Files (x86)\Quicken
2015-04-30 07:24 - 2014-03-30 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-30 07:24 - 2014-03-30 17:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-24 07:08 - 2014-10-12 10:00 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-24 07:08 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-04-21 15:57 - 2014-10-12 09:37 - 00000000 ____D () C:\Users\Michael
2015-04-20 12:48 - 2014-11-18 20:13 - 00000000 ____D () C:\Users\Michael\Desktop\Burn
2015-04-18 16:57 - 2014-09-20 12:03 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\HandBrake
2015-04-18 16:46 - 2014-04-05 14:36 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\dvdcss
2015-04-18 00:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-17 23:33 - 2015-02-16 13:01 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-16 06:28 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-14 20:08 - 2014-09-24 02:50 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-14 19:26 - 2014-11-11 20:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-14 09:38 - 2014-03-30 17:30 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-03-30 17:30 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2014-03-30 17:30 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-13 16:24 - 2014-09-24 02:55 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-13 16:24 - 2014-09-24 02:55 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2014-03-30 06:39 - 2014-03-31 04:47 - 0004658 _____ () C:\Users\Michael\AppData\Roaming\AbsoluteReminder.xml
2015-04-12 22:21 - 2015-04-12 22:21 - 0000046 _____ () C:\Users\Michael\AppData\Roaming\Camdata.ini
2015-04-12 22:21 - 2015-04-12 22:21 - 0000408 _____ () C:\Users\Michael\AppData\Roaming\CamLayout.ini
2015-04-12 22:21 - 2015-04-12 22:21 - 0000408 _____ () C:\Users\Michael\AppData\Roaming\CamShapes.ini
2015-04-12 22:21 - 2015-04-12 22:21 - 0004536 _____ () C:\Users\Michael\AppData\Roaming\CamStudio.cfg
2015-04-12 22:20 - 2015-04-12 22:20 - 0000096 _____ () C:\Users\Michael\AppData\Roaming\version2.xml
2014-03-30 06:38 - 2015-05-13 16:53 - 0080250 _____ () C:\Users\Michael\AppData\Local\BTServer.log
2014-06-26 19:13 - 2014-09-03 19:50 - 0005632 _____ () C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-25 11:25 - 2014-11-25 11:25 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-07-11 20:43 - 2013-07-11 20:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-15 15:43 - 2014-09-15 15:43 - 0000205 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-13 06:48
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2015 01
Ran by Michael at 2015-05-13 17:04:15
Running from C:\Users\Michael\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1530735055-4101794070-4272422381-500 - Administrator - Disabled)
Guest (S-1-5-21-1530735055-4101794070-4272422381-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1530735055-4101794070-4272422381-1005 - Limited - Enabled)
Michael (S-1-5-21-1530735055-4101794070-4272422381-1001 - Administrator - Enabled) => C:\Users\Michael
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.0 - Absolute Software)
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9B3B4129-220E-42C7-9C5B-91C65E0885B4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BIG-IP Edge Client Components (HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\F5 Networks Client Components) (Version: 70.2013.0426.1915 - F5 Networks, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.3.0.8 - Citrix Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.47.51 - Conexant)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HP ENVY 7640 series Basic Device Software (HKLM\...\{24BF3898-2667-4645-9448-8C6765B801A5}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.5.1080 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{5D239A92-31A4-4FCA-967D-F9EA8E1FDF6A}) (Version: 12.1.2.27 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.5.13 - Lenovo EasyCamera)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 1.4.2.25 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft Money 2002 (HKLM-x32\...\{E7298FD8-1386-11D5-8D6C-0050DAD32D95}) (Version: 10.0.80 - Microsoft)
Microsoft Money 2002 System Pack (HKLM-x32\...\{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}) (Version: 10.0.80 - Microsoft)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4433.1508 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{28f90ef6-5415-4182-a638-3232ad7aa8eb}) (Version: 11.0.50727.1 - Microsoft Corporation)
Motion Control (HKLM\...\Motion Control) (Version: 1.1.2.43 - Lenovo)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4433.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4433.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4433.1508 - Microsoft Corporation) Hidden
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.8.8 - Intuit)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{B6322D12-A133-4128-8306-DAFFF7231152}) (Version: 1.03.0199 - REALTEK Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Slingplayer Desktop (x32 Version: 5.0.0.83 - Sling Media) Hidden
Slingplayer-Desktop (HKLM-x32\...\{176cb1f2-7151-4061-9811-46494cdc407d}) (Version: 5.0.0.83 - Sling Media)
Spotify (HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.21.4 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.219 - McAfee, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E7}) (Version: 19.0.11294 - WinZip Computing, S.L. )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001_Classes\CLSID\{20CB8E44-1A2F-42C7-9994-D64D3798A14F}\InprocServer32 -> C:\Users\Michael\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\CONFLICT.1\F5InstP64.dll (F5 Networks, Inc.)
CustomCLSID: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
21-04-2015 15:56:47 Installed WinZip 19.0
02-05-2015 22:56:47 Scheduled Checkpoint
10-05-2015 22:59:21 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-25 22:26 - 2015-02-12 21:48 - 00000035 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0BDC3F6D-9D2F-4EA7-BA0E-2EA8D131A8CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-30] (Google Inc.)
Task: {21B6EA15-2186-499D-983D-EA1FD4F71C61} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {23249230-A5BC-453F-90AA-1AA5C2F57903} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {28BD0E1F-2408-482A-9074-5B4D93DC356F} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {353ED000-4A52-4FEA-B44E-32C63F17912B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-30] (Google Inc.)
Task: {658C0CC5-CE06-44CB-A79E-FB4699A99973} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: {66E3CF9E-F351-4800-8FBE-7686D92DF00E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe [2015-03-06] (Symantec Corporation)
Task: {6842B47F-BFD1-4A3A-9905-8969012242CF} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation)
Task: {ADDFE13C-4564-4738-B182-B5F327E79670} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B2DFD27A-3917-424D-8B92-F9DCD0D9EBD8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-03-30] (Microsoft Corporation)
Task: {C2FFE417-FFF4-47B2-B460-AA637D0AD920} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-11-22] (Microsoft Corporation)
Task: {C3982009-D383-4B63-8D3B-61750F3EAAE9} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-11-23] (Synaptics Incorporated)
Task: {E3415D90-263C-464E-8140-403474B02A5D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-03-30] (Microsoft Corporation)
Task: {E68B8604-A255-46E2-B864-E04189D2639A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {E6C191D1-172C-4643-9D86-05AEA78875E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {EFF4D081-E62F-459A-8F47-2EF9251FE028} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-07-11 20:44 - 2013-01-28 14:35 - 00039936 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-03-30 13:50 - 2012-11-02 19:33 - 00373312 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2014-03-30 13:50 - 2012-11-02 19:32 - 00499264 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2014-03-30 13:50 - 2012-11-02 19:32 - 00601152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-07-11 20:52 - 2013-07-11 20:52 - 00059472 _____ () C:\ProgramData\YogaSmartSwicth\Server\x64\dptf.dll
2014-03-30 13:52 - 2014-03-30 13:52 - 06522480 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-07-11 20:52 - 2013-07-11 20:52 - 00209416 _____ () C:\ProgramData\YogaSmartSwicth\yogaserver.exe
2015-01-20 23:35 - 2015-01-20 23:35 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-30 13:52 - 2014-03-30 13:52 - 06522480 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-04-30 00:17 - 2015-04-27 19:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 00:17 - 2015-04-27 19:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2013-07-11 20:52 - 2013-07-11 20:52 - 00269904 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\GuiSys.dll
2013-07-11 20:52 - 2013-07-11 20:52 - 00018000 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\SimpRes.dll
2013-07-11 20:52 - 2013-07-11 20:52 - 00018000 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LangHlpr.dll
2015-05-13 16:53 - 2015-05-13 16:53 - 00098816 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32api.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00110080 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\pywintypes27.dll
2015-05-13 16:53 - 2015-05-13 16:53 - 00364544 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\pythoncom27.dll
2015-05-13 16:53 - 2015-05-13 16:53 - 00045568 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\_socket.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 01161216 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\_ssl.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00320512 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32com.shell.shell.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00713216 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\_hashlib.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 01175040 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\wx._core_.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00805888 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\wx._gdi_.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00811008 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\wx._windows_.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 01062400 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\wx._controls_.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00735232 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\wx._misc_.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00682496 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\pysqlite2._sqlite.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00128512 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\_elementtree.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00127488 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\pyexpat.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00087552 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\_ctypes.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00119808 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32file.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00108544 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32security.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00007168 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\hashobjs_ext.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00017408 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\usb_ext.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00167936 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32gui.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00018432 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32event.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00013824 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\common.time34.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00036864 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\_psutil_windows.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00038912 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32inet.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00011264 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32crypt.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00070656 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\wx._html2.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00027136 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\_multiprocessing.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00020480 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\_yappi.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00035840 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32process.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00686080 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\unicodedata.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00122368 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\wx._wizard.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00024064 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32pipe.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00010240 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\select.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00025600 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32pdh.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00525640 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\windows._lib_cacheinvalidation.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00017408 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32profile.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00022528 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\win32ts.pyd
2015-05-13 16:53 - 2015-05-13 16:53 - 00078336 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI58122\wx._animate.pyd
2015-04-30 00:17 - 2015-04-27 19:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
2013-07-11 20:41 - 2012-06-24 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:D3A96964
AlternateDataStreams: C:\Users\Michael\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\1001movie.com -> 1001movie.com
 
There are 6091 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\Desktop\Kelly Trip\DSC_3921.jpg
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "Motion Control.lnk"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "MoneyStartUp10.0"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-1530735055-4101794070-4272422381-1001\...\StartupApproved\Run: => "Spotify Web Helper"
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EC1FA0CF-9689-4184-AAC7-CA64209AF446}] => (Allow) C:\Users\Michael\Downloads\bittorrent.exe
FirewallRules: [{67659271-AFF3-4D21-BA7A-FEDFCDC3E995}] => (Allow) C:\Users\Michael\Downloads\bittorrent.exe
FirewallRules: [{00BDFD34-A625-407B-9E00-90382FEE288C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{4CDCB3F7-0294-4A45-A147-8F96605B0375}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{3C5B5F5B-8958-49FF-9CB1-3312434794BF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{0B36C7C7-B36C-49E9-9F3F-6BA09A818661}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{D199681C-9432-4E58-B389-E9B5B5B07811}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{10F4F9B5-0F62-47B8-A40C-7B2E58D84F62}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{75E02BE5-7BE9-40FC-83AD-2CEA2BFFEC95}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7B10739B-526D-4EB8-ADC0-34F5C0FA2F46}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{2595736F-A635-4813-BC96-2D3B652E1B21}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{22DC8A26-7019-41D6-A031-334C9A3858D2}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9E688736-B2E8-49E4-9472-017DFC0E7077}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{1758C747-1549-4CBC-A847-44891DB6835E}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\bin\FaxApplications.exe
FirewallRules: [{9799ECEF-643D-41A7-BDEA-8047846B1A76}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\bin\DigitalWizards.exe
FirewallRules: [{DFE4C4F9-5E17-47B4-9B64-37BAF371D07A}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\bin\SendAFax.exe
FirewallRules: [{7202B4E6-42AC-4DF7-A6A7-B45D184A33C0}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\Bin\DeviceSetup.exe
FirewallRules: [{6F108401-09B8-476C-8E40-9B460A469017}] => (Allow) LPort=5357
FirewallRules: [{B27668C6-D6AD-4CD3-944D-64BE1B6229F4}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2BF2CFAA-551C-46F8-B45E-F864A72FBF32}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EF70D630-394A-4A8C-80E3-09B31C8345D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FE7AA3D1-9ABD-4955-93DD-37A17400ED78}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3BFE2129-A3C9-4EB8-806E-177907CEA8F6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{AEBF2049-92F4-4C51-A211-84ECDF8E8F3E}C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe] => (Block) C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe
FirewallRules: [UDP Query User{D1DB0C72-4C23-4D76-9398-F9C7B00ED306}C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe] => (Block) C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe
FirewallRules: [{F7E0B622-25F2-49C5-B64A-5B03924916DE}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{3E0527C9-D3D2-4C86-B348-26CE0714D262}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{602EC8AC-802B-4A88-8D72-477978432939}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: PCI Data Acquisition and Signal Processing Controller
Description: PCI Data Acquisition and Signal Processing Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/13/2015 04:53:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wfcrun32.exe, version: 12.3.0.8, time stamp: 0x4f72af95
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000005
Fault offset: 0x00018ad9
Faulting process id: 0x1538
Faulting application start time: 0xwfcrun32.exe0
Faulting application path: wfcrun32.exe1
Faulting module path: wfcrun32.exe2
Report Id: wfcrun32.exe3
Faulting package full name: wfcrun32.exe4
Faulting package-relative application ID: wfcrun32.exe5
 
Error: (05/13/2015 03:13:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 940875
 
Error: (05/13/2015 03:13:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 940875
 
Error: (05/13/2015 03:13:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/13/2015 02:57:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1234
 
Error: (05/13/2015 02:57:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1234
 
Error: (05/13/2015 02:57:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/13/2015 06:55:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 403750
 
Error: (05/13/2015 06:55:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 403750
 
Error: (05/13/2015 06:55:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (05/13/2015 04:54:18 PM) (Source: DCOM) (EventID: 10010) (User: MIKE-PC)
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}
 
Error: (05/13/2015 04:54:05 PM) (Source: DCOM) (EventID: 10016) (User: MIKE-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Mike-PCMichaelS-1-5-21-1530735055-4101794070-4272422381-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/13/2015 04:53:49 PM) (Source: DCOM) (EventID: 10016) (User: MIKE-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Mike-PCMichaelS-1-5-21-1530735055-4101794070-4272422381-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/13/2015 04:53:28 PM) (Source: DCOM) (EventID: 10016) (User: MIKE-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Mike-PCMichaelS-1-5-21-1530735055-4101794070-4272422381-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/13/2015 04:53:28 PM) (Source: DCOM) (EventID: 10016) (User: MIKE-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Mike-PCMichaelS-1-5-21-1530735055-4101794070-4272422381-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/13/2015 04:53:28 PM) (Source: DCOM) (EventID: 10016) (User: MIKE-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Mike-PCMichaelS-1-5-21-1530735055-4101794070-4272422381-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/13/2015 04:53:28 PM) (Source: DCOM) (EventID: 10016) (User: MIKE-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Mike-PCMichaelS-1-5-21-1530735055-4101794070-4272422381-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/13/2015 04:53:28 PM) (Source: DCOM) (EventID: 10016) (User: MIKE-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Mike-PCMichaelS-1-5-21-1530735055-4101794070-4272422381-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/13/2015 04:53:28 PM) (Source: DCOM) (EventID: 10016) (User: MIKE-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Mike-PCMichaelS-1-5-21-1530735055-4101794070-4272422381-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/13/2015 04:53:28 PM) (Source: DCOM) (EventID: 10016) (User: MIKE-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Mike-PCMichaelS-1-5-21-1530735055-4101794070-4272422381-1001LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (05/13/2015 04:53:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wfcrun32.exe12.3.0.84f72af95ntdll.dll6.3.9600.17736550f42c2c000000500018ad9153801d08dd80d1295d2C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exeC:\WINDOWS\SYSTEM32\ntdll.dll4b085366-f9cb-11e4-bf15-24fd52147259
 
Error: (05/13/2015 03:13:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 940875
 
Error: (05/13/2015 03:13:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 940875
 
Error: (05/13/2015 03:13:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/13/2015 02:57:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1234
 
Error: (05/13/2015 02:57:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1234
 
Error: (05/13/2015 02:57:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/13/2015 06:55:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 403750
 
Error: (05/13/2015 06:55:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 403750
 
Error: (05/13/2015 06:55:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 50%
Total physical RAM: 3975.27 MB
Available physical RAM: 1978.02 MB
Total Pagefile: 4999.27 MB
Available Pagefile: 2841.55 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:101.34 GB) (Free:51.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:4 GB) (Free:2.34 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: A044BBD7)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

 


  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. I've reviewed your logs and they are clean so I don't believe this is a malware issue. If you still are having issue and need assistance I would suggest posting a topic in our Windows 8 forum or Networking forum. The experts there have much more knowledge than many of us when it comes to software, networking and/or hardware. You can always mention that you started here and was told the logs looked clean.

 

Take care.


  • 0

#3
ndskykng

ndskykng

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 145 posts

Ok thanks.  Posted to Windows 8 forum.


  • 0

#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP