Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer infected, badly [Solved]

Started by mspatrice71 , Jul 07 2015 08:26 AM
malware

  • This topic is locked This topic is locked

#1
mspatrice71
Posted 07 July 2015 - 08:26 AM

mspatrice71

    Member

  • Member
  • PipPip
  • 10 posts

Hi, I believe my computer is infected, really bad.  So many things have been happening, any help would be greatly appreciated...thank you

 

 

  • DNS server changed
  • internet connection constantly changed to proxy server
  • Norton Antivirus Corrupted
  • SpyHunter corrupted and can't be reinstalled
  • Ad pop ups that wont go away after scans
  • internet very slow
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Patrice (administrator) on PATRICE-HP on 07-07-2015 09:59:01
Running from C:\Users\Patrice\Desktop
Loaded Profiles: Patrice (Available Profiles: Patrice & Tricey)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
( ) C:\Windows\System32\dlcdcoms.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe
() C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Spotify Ltd) C:\Users\Patrice\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Users\Patrice\AppData\Local\Amazon Music\Amazon Music Helper.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
() C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Verizon) C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Dropbox, Inc.) C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
(CA, Inc.) C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Digital Market Research Apps Pty Ltd) C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coNatHst.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msoia.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [DLCDCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\DLCDtime.dll,RunDLLEntry
HKLM\...\Run: [dlcdmon.exe] => C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe [431600 2007-01-17] (Dell)
HKLM\...\Run: [MemoryCardManager] => C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe [304624 2007-01-17] ()
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2012-02-05] (IDT, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-04-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-04-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] => C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2014-03-13] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-25] (Easybits)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-11-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6591800 2012-02-22] (Yahoo! Inc.)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [Spotify Web Helper] => C:\Users\Patrice\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-03-01] (Spotify Ltd)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [Amazon Music] => C:\Users\Patrice\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [HLBackupScheduler] => C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe [15281472 2015-02-10] ()
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-18] (SUPERAntiSpyware)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [Dropbox Update] => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [AutoStartVMA] => C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe [12899840 2015-02-24] (Verizon)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\MountPoints2: {4e329d68-b1f1-11e1-9fd7-ec9a74480ea3} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\drivers\setup.exe
HKU\S-1-5-18\...\RunOnce: [adaware] => reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
HKU\S-1-5-18\...\RunOnce: [adaware_XP] => reg.exe delete "HKCU\Software\adaware" /f
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk [2015-04-26]
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Fast Connect.lnk [2014-11-20]
ShortcutTarget: Fast Connect.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-07-21]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-16]
ShortcutTarget: Dropbox.lnk -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2012-01-23]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-03-07]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-27582077-1071981072-3432663169-1001] => http=127.0.0.1:16110;https=127.0.0.1:16110
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> {627C4FEE-4BD3-4C98-B5C4-C5B001BEEEEF} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 -> {627C4FEE-4BD3-4C98-B5C4-C5B001BEEEEF} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-27582077-1071981072-3432663169-1001 -> DefaultScope {AB20B57F-2B7C-4BC0-8DAB-A6C14856531F} URL = http://search.whites...m={SearchTerms}
SearchScopes: HKU\S-1-5-21-27582077-1071981072-3432663169-1001 -> {AB20B57F-2B7C-4BC0-8DAB-A6C14856531F} URL = http://search.whites...m={SearchTerms}
SearchScopes: HKU\S-1-5-21-27582077-1071981072-3432663169-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.se...t=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-27582077-1071981072-3432663169-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-27] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-12] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-01-28] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Fast Connect -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.15.414.3\NativeBHO.dll [2015-04-14] (WhiteSky)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-11-17] (Yahoo! Inc)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
DPF: HKLM-x32 {16F67783-7E72-4C39-99C4-4780A8335484} http://www.syncmyrid...pplets/sync.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-19] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-05-14] (EasyBits Software Corp.)
ShellExecuteHooks-x32:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 172.16.12.1
Tcpip\..\Interfaces\{60754EDC-E4BD-47C3-A02C-67A91C936641}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{E9F39A8E-0F4A-42BA-B624-DBDAE4A9693D}: [DhcpNameServer] 172.16.12.1
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-01-04] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-11-26] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-11-26] (RealPlayer Cloud)
FF Plugin-x32: @rim.com/npappworld -> C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll [2011-12-05] ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-05-07] ()
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-03-13] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2014-04-01] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-26]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-07-07]
 
Chrome: 
=======
CHR Profile: C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Connect) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeihfhnbnfemlajfadhbpdfiipncebld [2015-03-17]
CHR Extension: (XFINITY® One Click) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpneloifkenkdnebjkadkmnfekfpggdi [2015-03-28]
CHR Extension: (Norton Identity Safe) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-03-13]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2015-03-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Norton Security Toolbar) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-05-21]
CHR Extension: (Hangouts) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-03-28]
CHR Extension: (Norton Safe) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-03-28]
CHR Extension: (Google Wallet) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-13]
CHR Extension: (XFINITY® TV Go Stream Live TV Online) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbefpbidnpmpfbkledpohpejdcgfnfif [2015-03-28]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-07-05]
CHR HKU\S-1-5-21-27582077-1071981072-3432663169-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fgkbmedckhcibhkdhaokebnllokeokek] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [fgkbmedckhcibhkdhaokebnllokeokek] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-07-05]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
R2 dlcd_device; C:\Windows\system32\dlcdcoms.exe [566768 2007-01-17] ( )
R2 dlcd_device; C:\Windows\SysWOW64\dlcdcoms.exe [538096 2007-01-17] ( )
S2 EventService; C:\Program Files (x86)\MR APP\MRAPP.Event.Service.exe [34304 2015-05-28] (Digital Market Research Apps Pty Ltd) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-11] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2012-01-29] (Realsil Microelectronics Inc.) [File not signed]
R2 ITMRTSVC; C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe [283912 2007-09-26] (CA, Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\N360.exe [265000 2015-03-26] (Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-26] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7414256 2015-05-19] (Reimage®)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-11-26] (Sony Corporation) [File not signed]
R2 TransferService; C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe [32256 2015-05-28] (Digital Market Research Apps Pty Ltd) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Tether; C:\Program Files (x86)\Tether\TBService.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150625.001\BHDrvx64.sys [1648880 2015-06-25] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-05] (Symantec Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-03-11] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-03-11] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150706.001\IDSvia64.sys [692984 2015-07-03] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150706.035\ENG64.SYS [138488 2015-07-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150706.035\EX64.SYS [2146040 2015-07-05] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-07-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 cpuz134; \??\C:\Users\Patrice\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-07 09:59 - 2015-07-07 10:08 - 00043122 _____ C:\Users\Patrice\Desktop\FRST.txt
2015-07-07 09:52 - 2015-07-07 09:59 - 00000000 ____D C:\FRST
2015-07-07 09:34 - 2015-07-07 09:34 - 02112512 _____ (Farbar) C:\Users\Patrice\Desktop\frst64.exe
2015-07-06 13:30 - 2015-07-07 01:31 - 00000000 ____D C:\Users\Patrice\AppData\Local\{F7C0E25B-95EE-4E58-A84B-D4223E6C9259}
2015-07-06 09:01 - 2015-07-06 09:01 - 00000000 ____D C:\Users\Patrice\AppData\Local\{E72D8CB9-93EE-44A0-877E-9AE325F0EA2C}
2015-07-06 00:03 - 2015-07-06 00:03 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security Suite
2015-07-05 19:58 - 2015-07-05 19:58 - 00003348 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001
2015-07-05 19:58 - 2015-07-05 19:58 - 00003218 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-27582077-1071981072-3432663169-1001
2015-07-05 19:11 - 2015-07-05 23:53 - 00002359 _____ C:\Users\Public\Desktop\Norton Security Suite.lnk
2015-07-05 19:11 - 2015-07-05 19:11 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-05 19:11 - 2015-07-05 19:11 - 00008222 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-05 19:10 - 2015-07-05 23:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2015-07-05 19:10 - 2015-07-05 19:10 - 00000000 ____D C:\Program Files (x86)\Norton Security Suite
2015-07-05 19:05 - 2015-07-05 19:06 - 01021632 _____ (Symantec Corporation) C:\Users\Patrice\Downloads\Norton_Download_Manager (2).exe
2015-07-05 18:42 - 2015-07-05 18:42 - 00958328 _____ C:\Users\Patrice\Downloads\Norton_Removal_Tool (1).exe
2015-07-05 17:20 - 2015-07-05 17:20 - 00023238 _____ C:\Windows\system32\ScanResults.xml
2015-07-05 17:05 - 2015-07-05 17:05 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-07-05 17:03 - 2015-07-05 17:03 - 00000000 ____D C:\Users\Patrice\AppData\Local\{1631E3FC-3ACF-4B90-BE51-A649AB422134}
2015-07-04 15:08 - 2015-07-04 15:08 - 00000000 ____D C:\Users\Patrice\AppData\Local\{2C2CB7EE-0483-44E6-A67A-DFA25361A4E7}
2015-07-03 08:17 - 2015-07-03 08:17 - 00000000 ____D C:\Users\Patrice\AppData\Local\{C2D359DB-5773-406A-8EFB-2CCAD2392076}
2015-07-02 08:38 - 2015-07-02 08:39 - 00000000 ____D C:\Users\Patrice\AppData\Local\{E41D08B3-DFD3-4CC2-8214-A4ED2A0D8F2E}
2015-07-01 14:37 - 2015-07-01 14:37 - 01642566 _____ C:\Users\Patrice\Downloads\Snap-2_0_0_2 (4).bar
2015-07-01 10:54 - 2015-07-01 11:03 - 00000000 ____D C:\Program Files\Reimage
2015-07-01 10:54 - 2015-07-01 10:55 - 00000000 ____D C:\ProgramData\Reimage Protector
2015-07-01 10:54 - 2015-07-01 10:54 - 00004282 _____ C:\Windows\System32\Tasks\ReimageUpdater
2015-07-01 10:53 - 2015-07-01 10:55 - 00000156 _____ C:\Windows\Reimage.ini
2015-07-01 10:53 - 2015-07-01 10:53 - 00772016 _____ (Reimage®) C:\Users\Patrice\Downloads\ReimageRepair.exe
2015-07-01 10:52 - 2015-07-01 10:52 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Patrice\Downloads\SpyHunter-Installer (5).exe
2015-07-01 10:51 - 2015-07-01 10:51 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Patrice\Downloads\SpyHunter-Installer (4).exe
2015-07-01 10:29 - 2015-07-01 11:01 - 00000000 ____D C:\Program Files (x86)\PCFixKit
2015-07-01 10:29 - 2015-07-01 10:29 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\PCFixKit
2015-07-01 10:26 - 2015-07-01 10:26 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Patrice\Downloads\SpyHunter-Installer (3).exe
2015-06-30 19:53 - 2015-04-16 00:51 - 2688929049 _____ C:\Users\Patrice\Downloads\Trice-Z10ylL-Switch (04-16-2015).zip
2015-06-30 19:39 - 2015-06-30 19:39 - 00001302 _____ C:\Users\Patrice\Desktop\BlackBerry Backup Extractor.lnk
2015-06-30 19:39 - 2015-06-30 19:39 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Reincubate
2015-06-30 19:39 - 2015-06-30 19:39 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2015-06-30 19:35 - 2015-06-30 19:36 - 02650984 _____ (Reincubate Ltd) C:\Users\Patrice\Downloads\bbbe-latest.exe
2015-06-30 16:30 - 2015-06-30 16:30 - 00000000 ____D C:\Users\Patrice\Documents\Patrice-Z30
2015-06-29 21:31 - 2015-07-01 08:03 - 00000000 ____D C:\Users\Patrice\AppData\Local\{A1C6C12F-9F45-4CAB-B0CB-68210E1D5CAF}
2015-06-29 09:26 - 2015-06-29 09:26 - 00000000 ____D C:\Users\Patrice\AppData\Local\{436E4563-FD47-4413-AB20-1DDA6A3BF872}
2015-06-28 15:21 - 2015-06-28 15:21 - 00000000 ____D C:\Users\Patrice\AppData\Local\{DB415AB1-D264-460D-BABB-D55D8C8DCAEC}
2015-06-26 21:12 - 2015-06-27 21:09 - 00000000 ____D C:\Users\Patrice\AppData\Local\{35D9F5B9-9FD6-44C3-B0F6-B0C1D1C0ABBC}
2015-06-26 11:43 - 2015-07-07 08:55 - 00218832 _____ C:\Windows\PFRO.log
2015-06-25 12:24 - 2015-06-25 12:24 - 00000000 ____D C:\Users\Patrice\Documents\BLACKBERRY-CA74
2015-06-25 12:14 - 2015-07-07 08:55 - 00004915 _____ C:\Windows\setupact.log
2015-06-25 12:14 - 2015-06-25 12:14 - 00000000 _____ C:\Windows\setuperr.log
2015-06-25 08:08 - 2015-06-26 08:45 - 00000000 ____D C:\Users\Patrice\AppData\Local\{123F0186-3E58-44F5-83B5-F71512E5978C}
2015-06-23 20:05 - 2015-06-24 08:06 - 00000000 ____D C:\Users\Patrice\AppData\Local\{CFCAD671-4D19-4342-80A8-A894E7DA9E3B}
2015-06-23 10:38 - 2015-06-23 10:38 - 00000000 ____D C:\Users\Patrice\AppData\Local\HockeyCrashes
2015-06-23 10:36 - 2015-06-23 10:36 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Verizon
2015-06-23 10:34 - 2015-06-23 10:34 - 00002075 _____ C:\Users\Public\Desktop\Message+.lnk
2015-06-23 10:34 - 2015-06-23 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Messages
2015-06-23 10:34 - 2015-06-23 10:34 - 00000000 ____D C:\Program Files (x86)\Verizon
2015-06-23 10:27 - 2015-06-23 10:27 - 14511701 _____ (Verizon) C:\Users\Patrice\Downloads\Message+.exe
2015-06-23 08:38 - 2015-06-23 08:38 - 00000000 ____D C:\Program Files (x86)\MR APP
2015-06-22 00:40 - 2015-06-23 08:04 - 00000000 ____D C:\Users\Patrice\AppData\Local\{1698606C-3430-403E-BEF0-E9E8759C8A7A}
2015-06-21 09:35 - 2015-06-21 09:37 - 00000000 ____D C:\Users\Patrice\AppData\Local\{5AF64EB5-7BB1-48D0-9440-134EB603AF03}
2015-06-17 10:43 - 2015-06-17 10:45 - 00000000 ____D C:\Windows\F94A63D79A61403B8F6F90B1BF77211A.TMP
2015-06-17 10:33 - 2015-06-19 09:49 - 00000000 ____D C:\Users\Patrice\AppData\Local\{EC25C52B-5B8E-4AC9-96B6-2B4DA8B08E03}
2015-06-16 09:30 - 2015-06-16 09:30 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-16 09:28 - 2015-07-07 09:33 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA.job
2015-06-16 09:28 - 2015-07-07 09:33 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core.job
2015-06-16 09:28 - 2015-06-16 09:28 - 00003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA
2015-06-16 09:28 - 2015-06-16 09:28 - 00003504 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core
2015-06-16 09:27 - 2015-06-16 09:27 - 00000000 ____D C:\Users\Patrice\AppData\Local\Dropbox
2015-06-16 09:27 - 2015-06-16 09:27 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-15 09:42 - 2015-07-06 14:41 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForPatrice
2015-06-14 07:19 - 2015-06-16 08:46 - 00000000 ____D C:\Users\Patrice\AppData\Local\{7332B90C-4AE7-49EB-8186-286891DE4046}
2015-06-11 10:09 - 2015-06-11 10:09 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-11 08:48 - 2015-06-11 08:50 - 00000000 ____D C:\Users\Patrice\AppData\Local\{339772F9-9E91-43E5-8F46-471EB129EBFB}
2015-06-10 14:35 - 2015-05-25 14:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 14:35 - 2015-05-25 14:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 14:35 - 2015-05-25 14:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 14:35 - 2015-05-25 14:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 14:35 - 2015-05-25 14:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 14:35 - 2015-05-25 14:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 14:35 - 2015-05-25 14:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 14:35 - 2015-05-25 14:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 14:35 - 2015-05-25 14:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 14:35 - 2015-05-25 14:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 14:35 - 2015-05-25 14:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 14:35 - 2015-05-25 14:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 14:35 - 2015-05-25 14:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 14:35 - 2015-05-25 14:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 14:35 - 2015-05-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 14:35 - 2015-05-25 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 14:35 - 2015-05-25 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 14:35 - 2015-05-25 14:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 14:35 - 2015-05-25 14:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 14:35 - 2015-05-25 14:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 14:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 14:35 - 2015-05-25 14:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 14:35 - 2015-05-25 14:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 14:35 - 2015-05-25 14:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 14:35 - 2015-05-25 14:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 14:35 - 2015-05-25 14:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 14:35 - 2015-05-25 14:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 14:35 - 2015-05-25 14:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 14:35 - 2015-05-25 14:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 14:35 - 2015-05-25 14:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 14:35 - 2015-05-25 14:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 14:35 - 2015-05-25 13:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 14:35 - 2015-05-25 13:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 14:35 - 2015-05-25 13:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 14:35 - 2015-05-25 13:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 14:35 - 2015-05-25 13:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 14:35 - 2015-05-25 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 13:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 14:35 - 2015-05-25 12:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 14:35 - 2015-05-25 12:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 14:35 - 2015-05-25 12:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 12:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 12:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 14:35 - 2015-05-25 12:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 14:35 - 2015-04-29 14:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 14:35 - 2015-04-29 14:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 14:35 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 14:35 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 14:35 - 2015-04-29 14:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 14:35 - 2015-04-29 14:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 14:35 - 2015-04-29 14:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 14:35 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 14:35 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 14:35 - 2015-04-29 14:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 14:35 - 2015-04-24 14:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 14:35 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 14:34 - 2015-05-22 14:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 14:34 - 2015-05-22 14:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 14:34 - 2015-05-22 14:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 14:34 - 2015-05-22 14:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 14:33 - 2015-05-25 13:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 14:33 - 2015-05-22 14:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 14:33 - 2015-05-22 14:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 14:33 - 2015-05-22 14:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 14:33 - 2015-05-21 09:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 14:27 - 2015-06-01 15:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 14:27 - 2015-06-01 14:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 14:27 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 14:27 - 2015-05-22 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 14:27 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 14:27 - 2015-05-22 23:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 14:27 - 2015-05-22 23:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 14:27 - 2015-05-22 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 14:27 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 14:27 - 2015-05-22 23:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 14:27 - 2015-05-22 23:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 14:27 - 2015-05-22 23:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 14:27 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 14:27 - 2015-05-22 23:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 14:27 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 14:27 - 2015-05-22 22:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 14:27 - 2015-05-22 22:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 14:27 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 14:27 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 14:27 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 14:27 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 14:27 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 14:27 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 14:27 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 14:27 - 2015-05-22 15:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 14:27 - 2015-05-22 15:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 14:27 - 2015-05-22 15:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 14:27 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 14:27 - 2015-05-22 15:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 14:27 - 2015-05-22 14:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 14:27 - 2015-05-22 14:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 14:27 - 2015-05-22 14:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 14:27 - 2015-05-22 14:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 14:27 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 14:27 - 2015-05-22 14:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 14:27 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 14:27 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 14:27 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 14:27 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 14:27 - 2015-04-10 23:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 14:26 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 14:26 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 14:26 - 2015-05-22 22:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 14:26 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 14:26 - 2015-05-22 22:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 14:26 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 14:26 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 14:26 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 14:26 - 2015-05-22 14:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 14:26 - 2015-05-22 14:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 14:26 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 14:26 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 14:26 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 14:26 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 14:26 - 2015-05-22 14:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 14:26 - 2015-05-22 14:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 14:26 - 2015-05-22 14:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 14:26 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 14:26 - 2015-05-22 14:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 14:26 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 14:26 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 13:43 - 2015-06-10 13:44 - 00000000 ____D C:\Users\Patrice\AppData\Local\{72B96EB4-D2BE-4C10-93C0-C824A4729C96}
2015-06-09 09:56 - 2015-06-09 09:56 - 00000000 ____D C:\Users\Patrice\AppData\Local\{3CEF6A27-87F1-48B9-9769-42203A2C0938}
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-07 10:08 - 2012-01-21 16:10 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection Suite
2015-07-07 09:56 - 2015-05-19 17:48 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-07 09:53 - 2012-10-11 03:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-07 09:51 - 2012-09-06 20:28 - 00000000 ____D C:\Users\Patrice\Downloads\Vector Clip Art of Patriotic Voting poster - Vector patriotic voting poster csp8337871 - Search Clipart, Illustration, Drawings, and EPS Vector Graphics Images_files
2015-07-07 09:48 - 2011-09-25 04:35 - 01122974 _____ C:\Windows\WindowsUpdate.log
2015-07-07 09:25 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-07 09:25 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-07 09:10 - 2014-02-25 09:48 - 00000000 ___RD C:\Users\Patrice\Dropbox
2015-07-07 09:10 - 2014-02-25 09:45 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Dropbox
2015-07-07 09:07 - 2012-01-21 16:12 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\ID Vault
2015-07-07 08:58 - 2015-03-03 13:16 - 00000000 ____D C:\Users\Patrice\AppData\Local\Backup Assistant Plus
2015-07-07 08:58 - 2012-01-22 22:30 - 00000000 ____D C:\Users\Patrice\Tracing
2015-07-07 08:57 - 2015-05-19 17:41 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-07 08:56 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-07 01:32 - 2012-01-21 16:06 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D60F6613-E116-413B-82C0-D7522DBAE22C}
2015-07-06 14:41 - 2015-04-27 17:42 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForPatrice.job
2015-07-06 13:29 - 2012-11-15 09:16 - 00000000 ____D C:\ID Vault
2015-07-05 23:56 - 2012-01-21 16:33 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2015-07-05 23:54 - 2013-02-24 10:53 - 00003228 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-07-05 23:50 - 2012-01-21 17:05 - 00000000 ____D C:\Program Files\Dl_cats
2015-07-05 20:17 - 2014-08-27 09:46 - 00000000 ____D C:\Users\Patrice\AppData\Local\NPE
2015-07-05 19:55 - 2014-08-27 09:50 - 00000000 ____D C:\NPE
2015-07-05 19:19 - 2014-08-27 11:45 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-07-05 19:19 - 2011-09-25 04:54 - 00000000 ____D C:\ProgramData\Norton
2015-07-05 19:11 - 2012-01-21 16:33 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-05 19:08 - 2014-08-27 11:45 - 00001270 _____ C:\Users\Patrice\Desktop\Norton Installation Files.lnk
2015-07-03 08:20 - 2012-01-23 01:26 - 00000000 ____D C:\Users\Patrice\AppData\Local\CrashDumps
2015-07-02 09:35 - 2012-01-21 16:05 - 00118976 _____ C:\Users\Patrice\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-02 09:21 - 2009-07-14 00:45 - 00460440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-02 09:15 - 2015-01-26 22:17 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-28 15:26 - 2012-01-22 18:37 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-06-25 12:24 - 2009-07-14 01:13 - 00786622 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-25 09:21 - 2012-08-25 09:01 - 00000000 ____D C:\Windows\Minidump
2015-06-25 08:41 - 2015-03-06 23:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-24 08:56 - 2012-10-11 03:16 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 08:56 - 2012-04-03 07:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-24 08:56 - 2012-01-21 23:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-23 16:01 - 2014-11-24 16:04 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieBrowserModeList
2015-06-23 16:01 - 2014-06-20 19:15 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieUserList
2015-06-23 16:01 - 2014-06-20 19:15 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieSiteList
2015-06-23 10:34 - 2015-03-03 13:16 - 00000000 ____D C:\ProgramData\Verizon
2015-06-23 10:33 - 2014-11-26 09:50 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-23 08:44 - 2015-03-25 12:11 - 00000000 ____D C:\ProgramData\MR APP
2015-06-23 08:12 - 2015-01-26 23:49 - 00002102 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-17 09:58 - 2012-01-21 16:21 - 00003222 _____ C:\Windows\System32\Tasks\HPCeeScheduleForPATRICE-HP$
2015-06-17 09:58 - 2012-01-21 16:21 - 00000346 _____ C:\Windows\Tasks\HPCeeScheduleForPATRICE-HP$.job
2015-06-11 09:58 - 2012-01-21 16:23 - 00000000 ____D C:\Users\Patrice\AppData\Local\ID Vault
2015-06-11 09:57 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-11 09:27 - 2014-12-12 10:56 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 09:27 - 2014-05-07 07:56 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-11 09:27 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 09:07 - 2013-08-14 03:02 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 08:52 - 2012-01-21 22:32 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
==================== Files in the root of some directories =======
 
2012-03-18 20:07 - 2012-03-18 20:09 - 0013008 _____ () C:\Users\Patrice\AppData\Roaming\Comma Separated Values (Windows).CAL
2012-01-21 16:50 - 2013-05-15 16:13 - 0020814 _____ () C:\Users\Patrice\AppData\Roaming\Rim.Desktop.Exception.log
2012-01-21 16:49 - 2013-05-15 16:17 - 0006437 _____ () C:\Users\Patrice\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-01-21 16:50 - 2013-05-15 16:13 - 0006006 _____ () C:\Users\Patrice\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-06-09 14:48 - 2012-09-23 23:08 - 0000385 _____ () C:\Users\Patrice\AppData\Roaming\Rim.Transcoder.Exception.log
2013-06-15 02:40 - 2013-06-22 02:09 - 0000005 _____ () C:\Users\Patrice\AppData\Roaming\WBPU-TTL.DAT
2015-05-06 08:56 - 2015-05-06 08:56 - 0000000 ____H () C:\Users\Patrice\AppData\Local\BIT17F2.tmp
2012-01-23 01:13 - 2012-06-17 18:47 - 0024064 _____ () C:\Users\Patrice\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-06 08:54 - 2015-05-06 08:54 - 0000000 _____ () C:\Users\Patrice\AppData\Local\{717219CE-6B7A-4CAE-B6B6-356B0F5B2D93}
2013-04-14 17:41 - 2013-04-14 18:08 - 0000469 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Some files in TEMP:
====================
C:\Users\Patrice\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvf4rl0.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-07 14:43
 
==================== End of log ============================
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Patrice at 2015-07-07 10:12:37
Running from C:\Users\Patrice\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-27582077-1071981072-3432663169-500 - Administrator - Disabled)
Guest (S-1-5-21-27582077-1071981072-3432663169-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-27582077-1071981072-3432663169-1003 - Limited - Enabled)
Patrice (S-1-5-21-27582077-1071981072-3432663169-1001 - Administrator - Enabled) => C:\Users\Patrice
Tricey (S-1-5-21-27582077-1071981072-3432663169-1004 - Limited - Enabled) => C:\Users\Tricey
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Amazon Cloud Drive (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Amazon Cloud Drive) (Version: 2.2.4.6 - Amazon Digital Services, LLC.)
Amazon Kindle (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}) (Version: 1.0.5 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 6 (HKLM-x32\...\{B4BD4DFB-0A22-43EC-A2D4-BF515E9A546F}) (Version: 6.0.0.172 - ArcSoft)
BBSAK (HKLM-x32\...\{E2B4FE1C-2CFA-47EE-A88C-A14D0FF1F0B0}) (Version: 1.9.11 - JMT Labs)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
BlackBerry App World Browser Plugin (HKLM-x32\...\{8DE03F6E-FCD2-4497-A8FF-F6C4430618B6}) (Version: 3.1.0.6 - Research In Motion Limited)
BlackBerry Backup Extractor (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\BlackBerry Backup Extractor) (Version: 2.0.4.0 - Reincubate Ltd)
BlackBerry Device Software Updater (HKLM-x32\...\{38676C9C-270F-43D1-926A-E45DE8820A6B}) (Version: 7.1.0.34 - Research In Motion Ltd)
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.48 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.48 - BlackBerry Ltd.) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{AEDA8713-5521-4600-9AC2-81674A9EDC4F}) (Version: 2.2.7689 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brother MFL-Pro Suite MFC-7460DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CA Pest Patrol Realtime Protection (HKLM-x32\...\{F05A5232-CE5E-4274-AB27-44EB8105898D}) (Version: 001.001.0034 - Computer Associates Inc.)
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
calibre (HKLM-x32\...\{3CA0D836-B5E7-463D-A1C5-9F49B3E3EDE6}) (Version: 2.20.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citation (HKLM-x32\...\{43645D1A-34C9-459E-9FF3-82181C856137}) (Version:  - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DDPB Installer (HKLM-x32\...\{7DD3FB68-AB3B-433D-87D6-A5649667AFDD}) (Version: 1.0.6 - Dau Den)
Dell Photo AIO Printer 944 (HKLM\...\Dell Photo AIO Printer 944) (Version:  - Dell, Inc.)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dr Paper 6.7 (HKLM-x32\...\{A40DC538-A807-4A4A-8C6F-8A598D4D79E8}) (Version:  - )
Dropbox (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
e-Rewards Plus (HKLM-x32\...\{DF084DCA-2D60-4F03-9989-2E44CF0A96D2}) (Version: 1.1.0.308 - e-Rewards Opinion Panel)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 5.1.2 (HKLM-x32\...\{12FB6296-8840-11E3-86D7-00163E98E7D0}) (Version: 5.1.2.2387 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fast Connect (HKLM-x32\...\ID Vault) (Version: 1.15.414.3 - White Sky)
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Free PDF Solutions PDF to WORD version 1.0 (HKLM-x32\...\Free PDF Solutions PDF to WORD_is1) (Version: 1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Gmail Notifier (HKLM-x32\...\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{99CEB89F-50EC-4979-BDF6-148645D7EB35}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
MagicBerry (HKLM-x32\...\{7BB7612B-383F-422C-A605-EA0F4FB0FB7C}) (Version: 3.1.0.0 - Mena Step Innovative Solutions)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.7 - Design Science, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message+ (HKLM-x32\...\{e81287bb-3cf1-409f-abb0-f046c5df16cc}) (Version: 1.0.16.0 - Verizon)
Message+ (x32 Version: 1.0.16.0 - Verizon) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Research AutoCollage 2008 version 1.1 (HKLM-x32\...\{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}) (Version: 1.01.2008 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Print To Go 2.0 (HKLM-x32\...\Print_To_Go) (Version: 2.0.110.0 - Research In Motion)
Print To Go 2.0 (x32 Version: 2.0.110.0 - Research In Motion) Hidden
Publish to Photo Frame (HKLM-x32\...\{6E6D21BA-82D7-451A-8B2C-465B3AC9824E}) (Version: 1.0.3.0 - Roger Lipscombe)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Reader for PC (HKLM-x32\...\{8A3072C3-8EA3-4CDE-B342-88E67FAB06E5}) (Version: 2.3.00.03130 - Sony Corporation)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Reimage Protector (HKLM\...\Reimage Protector) (Version:  - Reimage) <==== ATTENTION
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Search App by Ask (HKLM-x32\...\{5245414C-312D-5350-00A7-A758B70C1500}) (Version: 12.21.0.116 - APN, LLC) <==== ATTENTION
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
SuDoku Wiz (HKLM-x32\...\{41E0DB72-E1AB-4AA9-8C17-CF9BB8DC5B83}) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Tether 1.4.3.7 (HKLM-x32\...\{2863C12B-2A02-4258-8495-6220605B2E5C}_is1) (Version:  - Tether)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Verizon Cloud (HKLM-x32\...\Verizon Cloud) (Version: 4.1.0 - Verizon Wireless)
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App for HP (x32 Version: 4.0.11.7 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Zoosk Messenger (HKLM-x32\...\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1) (Version: 4.200.2 - Zoosk, Inc.)
Zoosk Messenger (x32 Version: 4.200.2 - Zoosk, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
17-06-2015 10:40:24 Removed RegHunter
23-06-2015 10:32:10 Message+
01-07-2015 10:57:01 Norton Security Suite Registry
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2015-03-28 17:17 - 00001109 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0691914B-55D1-4F6C-B7E0-36A1F117D088} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {0FE55D85-14BE-406D-AF59-72D92B8CB2A8} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-05-19] (Reimage®) <==== ATTENTION
Task: {20EE9337-5734-41EE-90D5-04401AF76362} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-08] (Hewlett-Packard)
Task: {23FD187C-91CB-415B-8AB9-E510BD8EBD3F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {27AF34D3-416E-4B12-A48B-789C5A11DB42} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core => C:\Users\Patrice\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {2B12DD05-CFF6-4551-8D01-60E50E640C28} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {2DB7E880-53EA-4479-A29C-C9BB4C73D30C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {3F39135B-46AA-4E81-8A0F-779CDF18A5D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {458C9E08-C404-48BC-8665-D33BA1511163} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {494D7AC2-24A1-49A1-9C0C-95F652B4B42E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-06-17] (Microsoft)
Task: {4BF22A36-7F75-471B-A615-9172C1B120C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {53E4174F-AD06-4523-A79E-7378F3F2B0AE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {5491B7E1-6739-4DD8-BD6C-7719220F311D} - System32\Tasks\{6D31184D-3A7E-4CA9-BA13-500CC8CB6536} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {573B5F99-64AC-4357-AF7B-A3BF7E946BC9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {5AAC0DB0-7DF4-4351-AF17-CBCB45287F6B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {5C8CEA35-58B4-4DAD-8E34-183D7702F6EE} - System32\Tasks\{C4962AF0-A1EB-4724-8A79-2B561A7D4B10} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {61E9F04D-502D-404B-835F-7ABDCAD2AC15} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6A9B5091-EDF5-4071-8C1B-3094B859ED3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {71D47C4D-F4B4-4C34-A14C-4C54732D5776} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {7752527A-06AE-48E2-AA6B-16143BFF7C5B} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {7F214719-CD40-4621-B9BF-E612120EAF93} - System32\Tasks\HPCeeScheduleForPATRICE-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {8212A0E3-E110-4037-B49A-6D657386B715} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {844CCB8A-DF95-4934-9596-604143C2AED1} - System32\Tasks\{E881E3D3-CC75-4A12-BB4F-6C94BA830C6A} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {84CC8827-F3CD-4E51-AD65-12688DC0CD8C} - System32\Tasks\{0D2AF365-E008-4437-87BA-ADF0994AF52C} => pcalua.exe -a "C:\Users\Patrice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CP1UIZP5\wmp11-windowsxp-x64-enu.exe" -d C:\Users\Patrice\Desktop
Task: {8851657D-F0F0-49BC-B7B8-21DCCF6F189D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {8B400ADF-6584-4902-8BE4-3B6137882AE4} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: {8C366CD8-11F8-41FD-921F-E6D5AB0CB9E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {94FE4EE4-C4E8-440D-82E0-93FFBBB202AE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {983F76F3-23B6-4F81-A515-5508D5C114A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {AAB6A5F1-8EF2-403C-A423-56C2F403F1F9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrice-HP-Patrice Patrice-HP => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-28] (Microsoft Corporation)
Task: {AEBF0913-EF20-41AC-A9BC-BB7656F18C47} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-26] (CyberLink)
Task: {B08400F9-FDE7-477B-94BE-65A75ABC0956} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA => C:\Users\Patrice\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {BD2BBA5F-C591-4489-B7C7-45F9BFCF683D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {BE04BE2A-1248-4442-9443-541715F7BB2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {C0BC377A-022D-4DCB-B1D9-B71C3D232A9A} - System32\Tasks\HPCeeScheduleForPatrice => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {C4FA1956-98BE-4AF2-9EE6-00569C2436CF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {C9DC7D89-7A5E-446B-B94A-59708F0A689E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {D8AA3B1A-C433-40B3-92FA-FAE0C69B905B} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {EB28D6E8-BF82-4F7B-BEF7-EEC6101CDB84} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {EF5121DF-F87A-4B52-84DA-10E6028C6772} - System32\Tasks\{DA4F9F7B-B275-458E-BCFD-6EF16A3BCC4C} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {F07E1DE2-2631-4232-B08B-1DDC8C9975B4} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {F130A927-9F48-405C-8BC8-2879EF15DB25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {F8661CB6-52DE-45A2-8D64-DE4E4F49BFC5} - System32\Tasks\{26438AA6-86F7-43F1-A522-DAF096399A01} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {F9E4D932-9BFC-43F4-A09E-47E1047CD6C6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {FA3F2B99-F59B-4325-9364-144364F323EC} - System32\Tasks\{202BACAF-F173-4F58-AA6F-12067A4D7AC0} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {FB50A5D4-4C92-4004-9D43-70EB21BA28DE} - System32\Tasks\{DD6A0E8F-F01D-4034-B446-532709629370} => Iexplore.exe http://ui.skype.com/...all?page=tsMain
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core.job => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA.job => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPATRICE-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPatrice.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-09-28 07:19 - 2011-09-28 07:19 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-03-06 23:42 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-12 13:30 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-01-21 17:05 - 2007-01-17 00:36 - 00304624 _____ () C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe
2015-01-01 12:26 - 2014-12-08 02:27 - 06277952 _____ () C:\Users\Patrice\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-02-10 04:28 - 2015-02-10 04:28 - 15281472 _____ () C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe
2015-02-10 04:26 - 2015-02-10 04:26 - 00160256 _____ () C:\Program Files\Verizon Cloud\libexpat.dll
2014-10-29 20:06 - 2014-10-29 20:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2014-10-26 23:59 - 2014-10-26 23:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 06:41 - 2014-10-30 06:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2015-05-19 06:46 - 2015-05-19 06:46 - 06759912 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2015-05-28 20:38 - 2015-05-28 20:38 - 00094720 _____ () C:\Program Files (x86)\MR APP\MRAPP.Common.dll
2015-05-28 20:39 - 2015-05-28 20:39 - 00013824 _____ () C:\Program Files (x86)\MR APP\MRAPP.Scheduler.dll
2015-05-28 20:38 - 2015-05-28 20:38 - 00272384 _____ () C:\Program Files (x86)\MR APP\C5.dll
2014-01-10 12:27 - 2014-01-10 12:27 - 00663056 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2012-01-21 17:05 - 2006-12-20 22:12 - 00069632 _____ () C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdcfg.dll
2012-01-21 23:21 - 2012-02-22 20:49 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2012-01-21 23:21 - 2012-02-22 20:49 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
2015-02-20 12:25 - 2015-02-20 12:25 - 00612152 _____ () C:\Program Files (x86)\Verizon\Verizon Messages\sqlite3.DLL
2015-02-24 15:16 - 2015-02-24 15:16 - 01654272 _____ () C:\Program Files (x86)\Verizon\Verizon Messages\VzMessagingClientLib.dll
2015-01-26 22:17 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-26 22:17 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-12 13:29 - 2015-01-27 10:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-04-14 18:13 - 2015-04-14 18:13 - 00548152 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.DLL
2015-07-07 09:01 - 2015-07-07 09:01 - 00043008 _____ () c:\users\patrice\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvf4rl0.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00750080 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00047616 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00865280 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00200704 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-06-16 09:30 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00726016 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-16 09:30 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-01-22 14:29 - 2014-01-22 14:29 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-01-22 14:29 - 2014-01-22 14:29 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-03-06 23:43 - 2015-05-19 16:16 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-03-13 10:23 - 2014-03-13 10:23 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2013-11-26 11:34 - 2013-11-26 11:34 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
2012-09-25 19:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-10-29 20:01 - 2014-10-29 20:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-10-29 20:07 - 2014-10-29 20:07 - 00065600 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2015-01-26 22:17 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-07-21 15:45 - 2014-11-26 09:45 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2015-01-26 22:17 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-26 22:17 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-06-23 08:12 - 2015-06-20 01:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 08:12 - 2015-06-20 01:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-23 08:12 - 2015-06-20 01:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Patrice\Desktop\Leo the lion.gif:com.dropbox.attributes
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7867 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.16.12.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{415D830B-73C1-4320-9087-73A66E3F0655}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{07115023-327E-420B-A6F6-A6BFB3682B9E}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{3721E70A-6FFE-4976-9EE0-3AA73D4BB40E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{13143E32-A081-49BF-B700-F6BC57584AB7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{14AFDF33-20AC-441A-840D-139B34623006}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FEA80950-AB6A-41C1-BD30-6B133F1AEBC7}] => (Allow) LPort=2869
FirewallRules: [{467F2F01-A144-4E38-AC29-878B64690C9B}] => (Allow) LPort=1900
FirewallRules: [{76EF3848-9FDE-40E1-8EFF-C90AA050D154}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D6DC87BC-BC28-4214-B27A-95FFD03B356B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6736D3B3-190D-42D4-955D-45C1576F965F}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{2F622E74-DBE2-40DE-8D1C-E46ECA7E595B}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{DD3CFCF8-20CE-4623-9C83-24DA79757F04}] => (Allow) C:\Windows\SysWOW64\dlcdcoms.exe
FirewallRules: [{A21D025F-6C08-4BDA-B70D-FFC5BB9B2057}] => (Allow) C:\Windows\SysWOW64\dlcdcoms.exe
FirewallRules: [{EEDD439B-F569-42AB-96B1-05FA10A0D35E}] => (Allow) C:\Windows\System32\dlcdcoms.exe
FirewallRules: [{931713C7-D140-4013-89AC-9F6B4A31CC1B}] => (Allow) C:\Windows\System32\dlcdcoms.exe
FirewallRules: [{A58D2E1E-2F76-4B8A-BBDA-2BC8F04E43D0}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\dlcdpswx.exe
FirewallRules: [{BA57BFED-701E-4200-9787-EAB5C94A890F}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\dlcdpswx.exe
FirewallRules: [{298CC344-F0A3-4427-B91D-A70526234208}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe
FirewallRules: [{9EF90167-814B-4724-94A3-E0C2FACA13C3}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe
FirewallRules: [{6E83C8C5-7AF8-4AAB-B633-F7B624447C66}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdaiox.exe
FirewallRules: [{ECC37EB6-1341-4DBD-8459-FC829920471B}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdaiox.exe
FirewallRules: [{130E8DE1-8E5A-4633-947C-99AFAC4D5873}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{D5D63D8D-D34A-4E10-9894-507CE791B47E}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{6A4BA276-8792-448B-8BBA-2802CBB112C0}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{36835A69-8FC1-4E42-80DF-49580ACCD7F7}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{05E6ABA8-DDF8-4876-8F0A-BA7011048A17}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1E3B8ED4-DE9C-4FCF-9661-EFCEFBB242E8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E1248FDA-2D44-469F-A93E-C5296E95FE66}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{CE98B8B0-A396-4566-A3BE-41A50C21D6CF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{597439EC-6C63-446C-A810-F72CA8C1A104}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{32562F2F-44B7-4D0C-8D8D-E161B1CB1C6D}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{69FB5A90-84BD-4F76-9F93-5C825975A8C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{98FC112B-AF9D-43E8-AB6C-4D5528A024CE}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{702C7FB0-F889-4ACF-A466-80881111501C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{23A7809B-BA05-4D6B-96B3-C5022F8F32D2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{338FD979-E7EA-4C57-ABAB-8C6849234173}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{3279A655-0311-4B32-A10E-C3403C4430EA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{EE8D1188-ED7A-48CE-B687-3A313C25BA28}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [TCP Query User{6A980CA5-1D30-4499-92AC-E433BAD7BF2A}C:\users\patrice\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\patrice\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{63C3F65D-6461-400D-94E4-4CA801AEEB9F}C:\users\patrice\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\patrice\appdata\roaming\spotify\spotify.exe
FirewallRules: [{46726E92-A99B-4BA5-B393-28C3974D8C9E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{4AC24738-1014-44F7-BAEB-ED1536C46699}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{6535D786-846F-42F9-A90D-F1EC21E648D6}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{3C8BD9CF-08FB-44CB-AE45-97EC91C3C0EA}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{796A088D-2218-4321-8405-7B28ABE34799}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{7937220F-9362-4B18-8F0E-B7B29618864D}] => (Allow) C:\Program Files (x86)\Shop to Win 31\TroubleShooter.exe
FirewallRules: [{76BCDE70-9D5B-4E58-A2EC-F5480B16F96E}] => (Allow) C:\Program Files (x86)\Shop to Win 31\TroubleShooter.exe
FirewallRules: [{FD84FFAD-B22F-40E4-98E2-E97BBED4187B}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{A0A066B2-6021-4FCB-902E-8CFFB36C1180}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{33438288-88DB-4E5E-9546-446EDCE5568A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{1BC6671F-0930-4C2D-BDF0-A8A8F0A92D31}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{33E04E4E-F141-4BD4-AE2D-A4FDA1A0344E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{260E909E-A450-4AB4-87A2-C1061ACBAA1A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{B6548AE4-4CF9-4DD4-B4B5-797FBB42EACB}] => (Allow) C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{80D1B8A8-6511-4C24-A86C-CC0C5BAFB3E0}] => (Allow) C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E762E263-9427-4D2C-9B6D-8639906779A5}C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{2D71BC31-1642-40C9-B4E1-BCACF45258F3}C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{3EFB532C-3D57-43AF-9442-90BC6F11ED09}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{BCA244BD-D988-45BD-A928-6BA10A7B3EEB}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{EC87FB97-6339-4471-9D5E-05D6A7B2B613}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{9C12CA3F-5227-4A8C-8D44-F2E83ACAF291}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{BCCDD196-5BF9-4F68-8471-462C0D8B534D}] => (Allow) C:\Users\Patrice\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{760BC7A2-5D87-4F9F-B411-3E0DD60126AF}] => (Allow) C:\Users\Patrice\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{95A5CFCB-1354-4B07-83DF-3FD8C24BED96}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{4D038C5F-9A28-4EDE-A3F4-93A4CC68B10C}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{B595FB0B-73BF-4C21-8921-992286E0B7EF}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{C56728A5-4ACF-4187-9060-CD1FB2B77A61}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{CB0A91BA-AF67-4C2E-9CE9-F71521A2D786}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{EF5BA1D9-CACD-4847-900A-6E13474E656E}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
FirewallRules: [TCP Query User{1F4599B0-A4FE-4E4D-9ED8-20C3401F1431}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [UDP Query User{4632207F-42DC-4767-BD61-89FC255C1AC9}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [{1FC30A5B-3189-4B0D-B083-FD8F31CF6DB1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A72814D1-7DCA-4154-B600-656A0F9A748B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{6640EBD5-09DE-4AAB-8D3D-3390B6D15E8B}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [UDP Query User{3F92806A-100D-4E45-985E-313514AD6D2D}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [{C2BCB992-68F1-4909-A5A3-F7ACFBAB692C}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{4BAFF365-4EE9-47E5-9646-7CF52EA2721C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{C1A33772-D194-4BA6-BD8D-5502A00C93B3}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{101A0BD1-53FA-4620-BF9F-FE47EF76D77A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{2D648865-0EA3-4567-91F3-818E348BE000}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{EF511BB6-3659-4E3E-9FE0-848481F96DE1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2C295E42-5392-4CD3-8DBC-F257102FB17E}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSB0D9.tmp\SymNRT.exe
FirewallRules: [{3B6F0094-FA13-4C29-9D11-355BA1FDC1D4}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSB0D9.tmp\SymNRT.exe
FirewallRules: [{2DCB60FF-A8A0-4D7C-B005-4999F29BB965}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSCC35.tmp\SymNRT.exe
FirewallRules: [{35B8714D-3F4D-490B-A52A-FBCB951A4996}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSCC35.tmp\SymNRT.exe
FirewallRules: [{E99F6877-DF95-4040-B58D-63854DBBC090}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6979EFD9-5F06-4BD5-9258-F1BF7D407DD2}] => (Allow) C:\Program Files (x86)\MR APP\MRAPP.UI.exe
FirewallRules: [{D0F35072-96B7-4B07-9317-0CCDFD729CDB}] => (Allow) C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe
FirewallRules: [{D688A959-E744-472E-9EBC-D679581F4B46}] => (Allow) C:\Program Files (x86)\MR APP\MRAPP.Event.Service.exe
FirewallRules: [{31411C0C-8E54-4C56-94B5-7BE60C47ADE3}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS7FEA.tmp\SymNRT.exe
FirewallRules: [{82BC6CDF-DD90-457B-B530-1F0405E836A5}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS7FEA.tmp\SymNRT.exe
FirewallRules: [{22BB76D8-64C9-4D56-B802-3D608AB156A6}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS8C58.tmp\SymNRT.exe
FirewallRules: [{7AB0FEC3-E1A9-4372-BD19-E2A77E2CA955}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS8C58.tmp\SymNRT.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Tether Ethernet Adapter
Description: Tether Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Tether
Service: qrkis
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/07/2015 09:00:30 AM) (Source: IDVault) (EventID: 0) (User: )
Description: Interaction with the desktop is required. Enable desktop interaction flag in Properties->Log On.
 
Error: (07/07/2015 09:00:30 AM) (Source: IDVault) (EventID: 0) (User: )
Description: Display Flag Error Call was canceled by the message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
 
Error: (07/07/2015 09:00:18 AM) (Source: IDVault) (EventID: 0) (User: )
Description: IsStartupTypeAutomatic failed for W32TimeCall was canceled by the message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 528: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 660: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 676: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 524: ERROR: read_msg errno 0 (The operation completed successfully.)
 
 
System errors:
=============
Error: (07/07/2015 10:13:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140995069
 
Error: (07/07/2015 10:13:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
Error: (07/07/2015 10:13:09 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630203
 
Error: (07/07/2015 10:13:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140995069
 
Error: (07/07/2015 10:13:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
Error: (07/07/2015 10:13:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140995069
 
Error: (07/07/2015 10:13:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
Error: (07/07/2015 10:13:00 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630203
 
Error: (07/07/2015 10:13:00 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630203
 
Error: (07/07/2015 10:12:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
 
Microsoft Office:
=========================
Error: (07/07/2015 09:00:30 AM) (Source: IDVault) (EventID: 0) (User: )
Description: Interaction with the desktop is required. Enable desktop interaction flag in Properties->Log On.
 
Error: (07/07/2015 09:00:30 AM) (Source: IDVault) (EventID: 0) (User: )
Description: Display Flag Error Call was canceled by the message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
 
Error: (07/07/2015 09:00:18 AM) (Source: IDVault) (EventID: 0) (User: )
Description: IsStartupTypeAutomatic failed for W32TimeCall was canceled by the message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 528: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 660: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 676: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/07/2015 08:29:10 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 524: ERROR: read_msg errno 0 (The operation completed successfully.)
 
 
CodeIntegrity Errors:
===================================
  Date: 2012-07-30 10:28:14.872
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.839
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.807
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.739
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.706
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.067
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.023
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:13.946
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD A4-3300M APU with Radeon™ HD Graphics
Percentage of memory in use: 62%
Total physical RAM: 3561.41 MB
Available physical RAM: 1323.86 MB
Total Virtual: 7121.02 MB
Available Virtual: 3153.9 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:451.54 GB) (Free:69.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.93 GB) (Free:1.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C2B9383B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End of log ============================
 
 
 

 


  • 0

Advertisements

#2
Essexboy
Posted 11 July 2015 - 04:03 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi sorry for the delay, do you still need help ?

If so could you run a fresh FRST scan please and let me know the current problems
  • 0

#3
mspatrice71
Posted 12 July 2015 - 10:01 AM

mspatrice71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

Yes, I still need help, thank you, I just reran it below

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-07-2015
Ran by Patrice (administrator) on PATRICE-HP on 12-07-2015 11:48:20
Running from C:\Users\Patrice\Desktop
Loaded Profiles: Patrice (Available Profiles: Patrice & Tricey)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
( ) C:\Windows\System32\dlcdcoms.exe
(Digital Market Research Apps Pty Ltd) C:\Program Files (x86)\MR APP\MRAPP.Event.Service.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
(CA, Inc.) C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Digital Market Research Apps Pty Ltd) C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(Microsoft) C:\Program Files (x86)\MR APP\MRAPP.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe
() C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Spotify Ltd) C:\Users\Patrice\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Users\Patrice\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Verizon) C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Dropbox, Inc.) C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Google Inc.) C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\nacl64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coNatHst.exe
(Microsoft Corporation) C:\Program Files\Zune\Zune.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msoia.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [DLCDCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\DLCDtime.dll,RunDLLEntry
HKLM\...\Run: [dlcdmon.exe] => C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe [431600 2007-01-17] (Dell)
HKLM\...\Run: [MemoryCardManager] => C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe [304624 2007-01-17] ()
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2012-02-05] (IDT, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-04-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-04-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM-x32\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] => C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2014-03-13] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-25] (Easybits)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-11-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4730616 2015-05-26] (BlackBerry Limited)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6591800 2012-02-22] (Yahoo! Inc.)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [Spotify Web Helper] => C:\Users\Patrice\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-03-01] (Spotify Ltd)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [Amazon Music] => C:\Users\Patrice\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [HLBackupScheduler] => C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe [15281472 2015-02-10] ()
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-18] (SUPERAntiSpyware)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [Dropbox Update] => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Run: [AutoStartVMA] => C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe [12899840 2015-02-24] (Verizon)
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\MountPoints2: {4e329d68-b1f1-11e1-9fd7-ec9a74480ea3} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\drivers\setup.exe
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\MountPoints2: {68ed2a5c-263a-11e5-bd3d-02b0d8500501} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.exe
HKU\S-1-5-18\...\RunOnce: [adaware] => reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
HKU\S-1-5-18\...\RunOnce: [adaware_XP] => reg.exe delete "HKCU\Software\adaware" /f
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk [2015-04-26]
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Fast Connect.lnk [2014-11-20]
ShortcutTarget: Fast Connect.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-07-21]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2012-01-23]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-03-07]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [S-1-5-21-27582077-1071981072-3432663169-1001] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-27582077-1071981072-3432663169-1001] => http=127.0.0.1:16110;https=127.0.0.1:16110
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> {627C4FEE-4BD3-4C98-B5C4-C5B001BEEEEF} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 -> {627C4FEE-4BD3-4C98-B5C4-C5B001BEEEEF} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-27582077-1071981072-3432663169-1001 -> DefaultScope {AB20B57F-2B7C-4BC0-8DAB-A6C14856531F} URL = http://search.whites...m={SearchTerms}
SearchScopes: HKU\S-1-5-21-27582077-1071981072-3432663169-1001 -> {AB20B57F-2B7C-4BC0-8DAB-A6C14856531F} URL = http://search.whites...m={SearchTerms}
SearchScopes: HKU\S-1-5-21-27582077-1071981072-3432663169-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.se...t=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-27582077-1071981072-3432663169-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-27] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-12] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-01-28] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Fast Connect -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.15.414.3\NativeBHO.dll [2015-04-14] (WhiteSky)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-11-17] (Yahoo! Inc)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
DPF: HKLM-x32 {16F67783-7E72-4C39-99C4-4780A8335484} http://www.syncmyrid...pplets/sync.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-19] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-05-14] (EasyBits Software Corp.)
ShellExecuteHooks-x32:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 172.16.12.1
Tcpip\..\Interfaces\{60754EDC-E4BD-47C3-A02C-67A91C936641}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{E9F39A8E-0F4A-42BA-B624-DBDAE4A9693D}: [DhcpNameServer] 172.16.12.1
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-01-04] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-11-26] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-11-26] (RealPlayer Cloud)
FF Plugin-x32: @rim.com/npappworld -> C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll [2011-12-05] ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-05-22] ()
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-03-13] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2014-04-01] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-26]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-07-12]
 
Chrome: 
=======
CHR Profile: C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Connect) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeihfhnbnfemlajfadhbpdfiipncebld [2015-03-17]
CHR Extension: (XFINITY® One Click) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpneloifkenkdnebjkadkmnfekfpggdi [2015-03-28]
CHR Extension: (Norton Identity Safe) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-03-13]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2015-03-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Norton Security Toolbar) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-05-21]
CHR Extension: (Hangouts) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-03-28]
CHR Extension: (Norton Safe) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-03-28]
CHR Extension: (Google Wallet) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-13]
CHR Extension: (XFINITY® TV Go Stream Live TV Online) - C:\Users\Patrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbefpbidnpmpfbkledpohpejdcgfnfif [2015-03-28]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-07-05]
CHR HKU\S-1-5-21-27582077-1071981072-3432663169-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fgkbmedckhcibhkdhaokebnllokeokek] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [fgkbmedckhcibhkdhaokebnllokeokek] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-07-05]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
R2 dlcd_device; C:\Windows\system32\dlcdcoms.exe [566768 2007-01-17] ( )
R2 dlcd_device; C:\Windows\SysWOW64\dlcdcoms.exe [538096 2007-01-17] ( )
R2 EventService; C:\Program Files (x86)\MR APP\MRAPP.Event.Service.exe [34304 2015-07-06] (Digital Market Research Apps Pty Ltd) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-11] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2012-01-29] (Realsil Microelectronics Inc.) [File not signed]
R2 ITMRTSVC; C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe [283912 2007-09-26] (CA, Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\N360.exe [265000 2015-03-26] (Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-26] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7414256 2015-05-19] (Reimage®)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-05-26] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1355000 2015-05-26] (BlackBerry Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-11-26] (Sony Corporation) [File not signed]
R2 TransferService; C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe [32256 2015-07-06] (Digital Market Research Apps Pty Ltd) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Tether; C:\Program Files (x86)\Tether\TBService.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [1648880 2015-06-25] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-05] (Symantec Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-03-11] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-03-11] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150710.001\IDSvia64.sys [692984 2015-07-03] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150711.004\ENG64.SYS [138488 2015-07-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150711.004\EX64.SYS [2146040 2015-07-05] (Symantec Corporation)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-07-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 cpuz134; \??\C:\Users\Patrice\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-12 11:35 - 2015-07-12 11:35 - 00000000 ____D C:\Users\Patrice\Desktop\FRST-OlderVersion
2015-07-12 11:00 - 2015-07-12 11:00 - 00003348 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001
2015-07-12 11:00 - 2015-07-12 11:00 - 00003218 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-27582077-1071981072-3432663169-1001
2015-07-12 10:32 - 2015-07-12 10:32 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-10 08:57 - 2015-07-12 10:26 - 00000000 ____D C:\Users\Patrice\AppData\Local\{7133FD67-D4DB-4C32-A78B-A44512EADF7A}
2015-07-09 12:58 - 2015-07-09 12:58 - 00000000 ____D C:\Users\Patrice\AppData\Local\{6AFB8A4A-7041-4161-B601-99EF8C8A7917}
2015-07-09 10:13 - 2015-06-26 18:07 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-09 10:13 - 2015-06-26 18:07 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-09 10:13 - 2015-06-26 18:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-09 10:13 - 2015-06-26 18:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-09 10:13 - 2015-06-26 18:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-09 10:13 - 2015-06-26 18:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-09 10:13 - 2015-06-26 18:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-09 10:13 - 2015-06-26 18:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-09 10:13 - 2015-06-26 18:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-09 10:13 - 2015-06-26 18:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-09 10:13 - 2015-06-26 18:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-09 10:13 - 2015-06-26 13:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-09 10:13 - 2015-06-26 13:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-09 10:13 - 2015-06-26 13:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-09 10:13 - 2015-06-26 13:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-09 10:13 - 2015-06-26 13:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-09 10:13 - 2015-04-27 15:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-09 10:13 - 2015-04-27 15:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-09 10:13 - 2015-04-27 15:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-09 10:13 - 2015-04-27 15:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-09 10:13 - 2015-04-27 15:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-09 10:13 - 2015-04-27 15:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-09 10:13 - 2015-04-27 15:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-09 10:13 - 2015-04-27 15:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-09 10:13 - 2015-03-13 23:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-09 10:13 - 2015-03-13 23:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-09 10:13 - 2015-03-13 23:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-09 10:13 - 2015-03-13 23:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-07-09 09:58 - 2015-07-09 09:58 - 00001015 _____ C:\Users\Public\Desktop\BlackBerry Blend.lnk
2015-07-09 09:58 - 2015-07-09 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry Blend
2015-07-09 09:58 - 2015-07-09 09:58 - 00000000 ____D C:\Program Files (x86)\BlackBerry
2015-07-09 09:57 - 2015-07-09 09:57 - 00001099 _____ C:\Users\Public\Desktop\BlackBerry Link.lnk
2015-07-09 09:57 - 2015-07-09 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry Link
2015-07-09 09:56 - 2015-07-09 09:56 - 00000000 ____D C:\Users\Patrice\AppData\Local\BlackBerry
2015-07-09 09:53 - 2015-06-29 14:01 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-09 09:53 - 2015-06-29 13:59 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-09 09:53 - 2015-06-29 13:59 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-09 09:53 - 2015-06-29 13:59 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-09 09:53 - 2015-06-29 13:59 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-09 09:53 - 2015-06-29 13:59 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-09 09:53 - 2015-06-29 13:59 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-09 09:53 - 2015-06-29 13:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-09 09:50 - 2015-05-09 14:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-09 09:14 - 2015-07-09 09:18 - 196257976 _____ (BlackBerry) C:\Users\Patrice\Downloads\BlackBerryDesktopSoftware_1.2.0.52_B59.exe
2015-07-09 08:45 - 2015-07-09 08:45 - 00000000 ____D C:\Program Files (x86)\MR APP
2015-07-08 09:01 - 2015-07-08 23:31 - 00000000 ____D C:\Users\Patrice\AppData\Local\{6DCB465D-D22B-447E-8BE7-51D1ACEF093F}
2015-07-07 13:32 - 2015-07-07 13:32 - 00000000 ____D C:\Users\Patrice\AppData\Local\{9B5B3E18-A0F2-4F8F-9887-33528DBDF661}
2015-07-07 10:12 - 2015-07-07 10:22 - 00067289 _____ C:\Users\Patrice\Desktop\Addition.txt
2015-07-07 09:59 - 2015-07-12 11:48 - 00043324 _____ C:\Users\Patrice\Desktop\FRST.txt
2015-07-07 09:52 - 2015-07-12 11:48 - 00000000 ____D C:\FRST
2015-07-07 09:34 - 2015-07-12 11:35 - 02130944 _____ (Farbar) C:\Users\Patrice\Desktop\FRST64.exe
2015-07-06 13:30 - 2015-07-07 01:31 - 00000000 ____D C:\Users\Patrice\AppData\Local\{F7C0E25B-95EE-4E58-A84B-D4223E6C9259}
2015-07-06 09:01 - 2015-07-06 09:01 - 00000000 ____D C:\Users\Patrice\AppData\Local\{E72D8CB9-93EE-44A0-877E-9AE325F0EA2C}
2015-07-06 00:03 - 2015-07-06 00:03 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security Suite
2015-07-05 19:11 - 2015-07-05 23:53 - 00002359 _____ C:\Users\Public\Desktop\Norton Security Suite.lnk
2015-07-05 19:11 - 2015-07-05 19:11 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-05 19:11 - 2015-07-05 19:11 - 00008222 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-05 19:10 - 2015-07-05 23:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2015-07-05 19:10 - 2015-07-05 19:10 - 00000000 ____D C:\Program Files (x86)\Norton Security Suite
2015-07-05 19:05 - 2015-07-05 19:06 - 01021632 _____ (Symantec Corporation) C:\Users\Patrice\Downloads\Norton_Download_Manager (2).exe
2015-07-05 18:42 - 2015-07-05 18:42 - 00958328 _____ C:\Users\Patrice\Downloads\Norton_Removal_Tool (1).exe
2015-07-05 17:20 - 2015-07-10 09:22 - 00023247 _____ C:\Windows\system32\ScanResults.xml
2015-07-05 17:05 - 2015-07-10 09:10 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-07-05 17:03 - 2015-07-05 17:03 - 00000000 ____D C:\Users\Patrice\AppData\Local\{1631E3FC-3ACF-4B90-BE51-A649AB422134}
2015-07-04 15:08 - 2015-07-04 15:08 - 00000000 ____D C:\Users\Patrice\AppData\Local\{2C2CB7EE-0483-44E6-A67A-DFA25361A4E7}
2015-07-03 08:17 - 2015-07-03 08:17 - 00000000 ____D C:\Users\Patrice\AppData\Local\{C2D359DB-5773-406A-8EFB-2CCAD2392076}
2015-07-02 08:38 - 2015-07-02 08:39 - 00000000 ____D C:\Users\Patrice\AppData\Local\{E41D08B3-DFD3-4CC2-8214-A4ED2A0D8F2E}
2015-07-01 14:37 - 2015-07-01 14:37 - 01642566 _____ C:\Users\Patrice\Downloads\Snap-2_0_0_2 (4).bar
2015-07-01 10:54 - 2015-07-01 11:03 - 00000000 ____D C:\Program Files\Reimage
2015-07-01 10:54 - 2015-07-01 10:55 - 00000000 ____D C:\ProgramData\Reimage Protector
2015-07-01 10:54 - 2015-07-01 10:54 - 00004282 _____ C:\Windows\System32\Tasks\ReimageUpdater
2015-07-01 10:53 - 2015-07-01 10:55 - 00000156 _____ C:\Windows\Reimage.ini
2015-07-01 10:53 - 2015-07-01 10:53 - 00772016 _____ (Reimage®) C:\Users\Patrice\Downloads\ReimageRepair.exe
2015-07-01 10:52 - 2015-07-01 10:52 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Patrice\Downloads\SpyHunter-Installer (5).exe
2015-07-01 10:51 - 2015-07-01 10:51 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Patrice\Downloads\SpyHunter-Installer (4).exe
2015-07-01 10:29 - 2015-07-01 11:01 - 00000000 ____D C:\Program Files (x86)\PCFixKit
2015-07-01 10:29 - 2015-07-01 10:29 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\PCFixKit
2015-07-01 10:26 - 2015-07-01 10:26 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Patrice\Downloads\SpyHunter-Installer (3).exe
2015-06-30 19:53 - 2015-04-16 00:51 - 2688929049 _____ C:\Users\Patrice\Downloads\Trice-Z10ylL-Switch (04-16-2015).zip
2015-06-30 19:39 - 2015-06-30 19:39 - 00001302 _____ C:\Users\Patrice\Desktop\BlackBerry Backup Extractor.lnk
2015-06-30 19:39 - 2015-06-30 19:39 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Reincubate
2015-06-30 19:39 - 2015-06-30 19:39 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2015-06-30 19:35 - 2015-06-30 19:36 - 02650984 _____ (Reincubate Ltd) C:\Users\Patrice\Downloads\bbbe-latest.exe
2015-06-30 16:30 - 2015-06-30 16:30 - 00000000 ____D C:\Users\Patrice\Documents\Patrice-Z30
2015-06-29 21:31 - 2015-07-01 08:03 - 00000000 ____D C:\Users\Patrice\AppData\Local\{A1C6C12F-9F45-4CAB-B0CB-68210E1D5CAF}
2015-06-29 09:26 - 2015-06-29 09:26 - 00000000 ____D C:\Users\Patrice\AppData\Local\{436E4563-FD47-4413-AB20-1DDA6A3BF872}
2015-06-28 15:21 - 2015-06-28 15:21 - 00000000 ____D C:\Users\Patrice\AppData\Local\{DB415AB1-D264-460D-BABB-D55D8C8DCAEC}
2015-06-26 21:12 - 2015-06-27 21:09 - 00000000 ____D C:\Users\Patrice\AppData\Local\{35D9F5B9-9FD6-44C3-B0F6-B0C1D1C0ABBC}
2015-06-26 11:43 - 2015-07-08 23:38 - 00219716 _____ C:\Windows\PFRO.log
2015-06-25 12:24 - 2015-06-25 12:24 - 00000000 ____D C:\Users\Patrice\Documents\BLACKBERRY-CA74
2015-06-25 12:14 - 2015-07-12 10:54 - 00007687 _____ C:\Windows\setupact.log
2015-06-25 12:14 - 2015-06-25 12:14 - 00000000 _____ C:\Windows\setuperr.log
2015-06-25 08:08 - 2015-06-26 08:45 - 00000000 ____D C:\Users\Patrice\AppData\Local\{123F0186-3E58-44F5-83B5-F71512E5978C}
2015-06-23 20:05 - 2015-06-24 08:06 - 00000000 ____D C:\Users\Patrice\AppData\Local\{CFCAD671-4D19-4342-80A8-A894E7DA9E3B}
2015-06-23 10:38 - 2015-06-23 10:38 - 00000000 ____D C:\Users\Patrice\AppData\Local\HockeyCrashes
2015-06-23 10:36 - 2015-06-23 10:36 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Verizon
2015-06-23 10:34 - 2015-06-23 10:34 - 00002075 _____ C:\Users\Public\Desktop\Message+.lnk
2015-06-23 10:34 - 2015-06-23 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Messages
2015-06-23 10:34 - 2015-06-23 10:34 - 00000000 ____D C:\Program Files (x86)\Verizon
2015-06-23 10:27 - 2015-06-23 10:27 - 14511701 _____ (Verizon) C:\Users\Patrice\Downloads\Message+.exe
2015-06-22 00:40 - 2015-06-23 08:04 - 00000000 ____D C:\Users\Patrice\AppData\Local\{1698606C-3430-403E-BEF0-E9E8759C8A7A}
2015-06-21 09:35 - 2015-06-21 09:37 - 00000000 ____D C:\Users\Patrice\AppData\Local\{5AF64EB5-7BB1-48D0-9440-134EB603AF03}
2015-06-17 10:43 - 2015-06-17 10:45 - 00000000 ____D C:\Windows\F94A63D79A61403B8F6F90B1BF77211A.TMP
2015-06-17 10:33 - 2015-06-19 09:49 - 00000000 ____D C:\Users\Patrice\AppData\Local\{EC25C52B-5B8E-4AC9-96B6-2B4DA8B08E03}
2015-06-16 09:28 - 2015-07-12 11:33 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA.job
2015-06-16 09:28 - 2015-07-12 10:26 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core.job
2015-06-16 09:28 - 2015-06-16 09:28 - 00003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA
2015-06-16 09:28 - 2015-06-16 09:28 - 00003504 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core
2015-06-16 09:27 - 2015-06-16 09:27 - 00000000 ____D C:\Users\Patrice\AppData\Local\Dropbox
2015-06-16 09:27 - 2015-06-16 09:27 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-15 09:42 - 2015-07-10 14:41 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForPatrice
2015-06-14 07:19 - 2015-06-16 08:46 - 00000000 ____D C:\Users\Patrice\AppData\Local\{7332B90C-4AE7-49EB-8186-286891DE4046}
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-12 11:53 - 2015-05-19 17:48 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-12 11:53 - 2012-10-11 03:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-12 11:23 - 2011-09-25 04:35 - 01412295 _____ C:\Windows\WindowsUpdate.log
2015-07-12 11:16 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-12 11:16 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-12 11:08 - 2012-01-21 16:12 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\ID Vault
2015-07-12 11:03 - 2014-02-25 09:48 - 00000000 ___RD C:\Users\Patrice\Dropbox
2015-07-12 11:03 - 2014-02-25 09:45 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Dropbox
2015-07-12 11:00 - 2012-01-22 22:30 - 00000000 ____D C:\Users\Patrice\Tracing
2015-07-12 10:59 - 2015-03-03 13:16 - 00000000 ____D C:\Users\Patrice\AppData\Local\Backup Assistant Plus
2015-07-12 10:59 - 2012-11-15 09:16 - 00000000 ____D C:\ID Vault
2015-07-12 10:57 - 2015-05-19 17:41 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-12 10:54 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-10 14:41 - 2015-04-27 17:42 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForPatrice.job
2015-07-10 12:42 - 2012-01-21 16:10 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection Suite
2015-07-10 10:58 - 2012-01-21 16:06 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D60F6613-E116-413B-82C0-D7522DBAE22C}
2015-07-09 13:53 - 2012-10-11 03:16 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 13:53 - 2012-04-03 07:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 13:53 - 2012-01-21 23:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 10:33 - 2014-12-12 10:56 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-09 10:33 - 2014-05-07 07:56 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-09 10:33 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-09 09:37 - 2014-11-26 09:50 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-09 08:51 - 2015-03-25 12:11 - 00000000 ____D C:\ProgramData\MR APP
2015-07-08 23:52 - 2009-07-14 01:13 - 00786622 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-07 13:56 - 2015-01-26 23:49 - 00002102 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-07 09:51 - 2012-09-06 20:28 - 00000000 ____D C:\Users\Patrice\Downloads\Vector Clip Art of Patriotic Voting poster - Vector patriotic voting poster csp8337871 - Search Clipart, Illustration, Drawings, and EPS Vector Graphics Images_files
2015-07-05 23:56 - 2012-01-21 16:33 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2015-07-05 23:54 - 2013-02-24 10:53 - 00003228 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-07-05 23:50 - 2012-01-21 17:05 - 00000000 ____D C:\Program Files\Dl_cats
2015-07-05 20:17 - 2014-08-27 09:46 - 00000000 ____D C:\Users\Patrice\AppData\Local\NPE
2015-07-05 19:55 - 2014-08-27 09:50 - 00000000 ____D C:\NPE
2015-07-05 19:19 - 2014-08-27 11:45 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-07-05 19:19 - 2011-09-25 04:54 - 00000000 ____D C:\ProgramData\Norton
2015-07-05 19:11 - 2012-01-21 16:33 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-05 19:08 - 2014-08-27 11:45 - 00001270 _____ C:\Users\Patrice\Desktop\Norton Installation Files.lnk
2015-07-03 08:20 - 2012-01-23 01:26 - 00000000 ____D C:\Users\Patrice\AppData\Local\CrashDumps
2015-07-02 09:35 - 2012-01-21 16:05 - 00118976 _____ C:\Users\Patrice\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-02 09:21 - 2009-07-14 00:45 - 00460440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-02 09:15 - 2015-01-26 22:17 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-28 15:26 - 2012-01-22 18:37 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-06-25 09:21 - 2012-08-25 09:01 - 00000000 ____D C:\Windows\Minidump
2015-06-25 08:41 - 2015-03-06 23:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-23 16:01 - 2014-11-24 16:04 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieBrowserModeList
2015-06-23 16:01 - 2014-06-20 19:15 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieUserList
2015-06-23 16:01 - 2014-06-20 19:15 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieSiteList
2015-06-23 10:34 - 2015-03-03 13:16 - 00000000 ____D C:\ProgramData\Verizon
2015-06-17 09:58 - 2012-01-21 16:21 - 00003222 _____ C:\Windows\System32\Tasks\HPCeeScheduleForPATRICE-HP$
2015-06-17 09:58 - 2012-01-21 16:21 - 00000346 _____ C:\Windows\Tasks\HPCeeScheduleForPATRICE-HP$.job
 
==================== Files in the root of some directories =======
 
2012-03-18 20:07 - 2012-03-18 20:09 - 0013008 _____ () C:\Users\Patrice\AppData\Roaming\Comma Separated Values (Windows).CAL
2012-01-21 16:50 - 2013-05-15 16:13 - 0020814 _____ () C:\Users\Patrice\AppData\Roaming\Rim.Desktop.Exception.log
2012-01-21 16:49 - 2013-05-15 16:17 - 0006437 _____ () C:\Users\Patrice\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-01-21 16:50 - 2013-05-15 16:13 - 0006006 _____ () C:\Users\Patrice\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-06-09 14:48 - 2012-09-23 23:08 - 0000385 _____ () C:\Users\Patrice\AppData\Roaming\Rim.Transcoder.Exception.log
2013-06-15 02:40 - 2013-06-22 02:09 - 0000005 _____ () C:\Users\Patrice\AppData\Roaming\WBPU-TTL.DAT
2015-05-06 08:56 - 2015-05-06 08:56 - 0000000 ____H () C:\Users\Patrice\AppData\Local\BIT17F2.tmp
2012-01-23 01:13 - 2012-06-17 18:47 - 0024064 _____ () C:\Users\Patrice\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-06 08:54 - 2015-05-06 08:54 - 0000000 _____ () C:\Users\Patrice\AppData\Local\{717219CE-6B7A-4CAE-B6B6-356B0F5B2D93}
2013-04-14 17:41 - 2013-04-14 18:08 - 0000469 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Some files in TEMP:
====================
C:\Users\Patrice\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgvcagl.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-07 14:43
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by Patrice at 2015-07-12 11:54:06
Running from C:\Users\Patrice\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-27582077-1071981072-3432663169-500 - Administrator - Disabled)
Guest (S-1-5-21-27582077-1071981072-3432663169-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-27582077-1071981072-3432663169-1003 - Limited - Enabled)
Patrice (S-1-5-21-27582077-1071981072-3432663169-1001 - Administrator - Enabled) => C:\Users\Patrice
Tricey (S-1-5-21-27582077-1071981072-3432663169-1004 - Limited - Enabled) => C:\Users\Tricey
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Amazon Cloud Drive (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Amazon Cloud Drive) (Version: 2.2.4.6 - Amazon Digital Services, LLC.)
Amazon Kindle (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}) (Version: 1.0.5 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 6 (HKLM-x32\...\{B4BD4DFB-0A22-43EC-A2D4-BF515E9A546F}) (Version: 6.0.0.172 - ArcSoft)
BBSAK (HKLM-x32\...\{E2B4FE1C-2CFA-47EE-A88C-A14D0FF1F0B0}) (Version: 1.9.11 - JMT Labs)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
BlackBerry 10 Desktop Software (Blend, Link, Drivers) (HKLM-x32\...\{c33e77db-89b5-4abf-a1d1-97f8b35347e1}) (Version: 1.2.0.52 - BlackBerry)
BlackBerry App World Browser Plugin (HKLM-x32\...\{8DE03F6E-FCD2-4497-A8FF-F6C4430618B6}) (Version: 3.1.0.6 - Research In Motion Limited)
BlackBerry Backup Extractor (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\BlackBerry Backup Extractor) (Version: 2.0.4.0 - Reincubate Ltd)
BlackBerry Blend (x32 Version: 1.2.0.50 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{38676C9C-270F-43D1-926A-E45DE8820A6B}) (Version: 7.1.0.34 - Research In Motion Ltd)
BlackBerry Link (x32 Version: 1.2.4.39 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{AEDA8713-5521-4600-9AC2-81674A9EDC4F}) (Version: 2.2.7689 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brother MFL-Pro Suite MFC-7460DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CA Pest Patrol Realtime Protection (HKLM-x32\...\{F05A5232-CE5E-4274-AB27-44EB8105898D}) (Version: 001.001.0034 - Computer Associates Inc.)
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
calibre (HKLM-x32\...\{3CA0D836-B5E7-463D-A1C5-9F49B3E3EDE6}) (Version: 2.20.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citation (HKLM-x32\...\{43645D1A-34C9-459E-9FF3-82181C856137}) (Version:  - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DDPB Installer (HKLM-x32\...\{7DD3FB68-AB3B-433D-87D6-A5649667AFDD}) (Version: 1.0.6 - Dau Den)
Dell Photo AIO Printer 944 (HKLM\...\Dell Photo AIO Printer 944) (Version:  - Dell, Inc.)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dr Paper 6.7 (HKLM-x32\...\{A40DC538-A807-4A4A-8C6F-8A598D4D79E8}) (Version:  - )
Dropbox (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
e-Rewards Plus (HKLM-x32\...\{28261AF8-00B3-4BE6-AFFD-114DB7DF5C1A}) (Version: 1.1.0.368 - e-Rewards Opinion Panel)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 5.1.2 (HKLM-x32\...\{12FB6296-8840-11E3-86D7-00163E98E7D0}) (Version: 5.1.2.2387 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fast Connect (HKLM-x32\...\ID Vault) (Version: 1.15.414.3 - White Sky)
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Free PDF Solutions PDF to WORD version 1.0 (HKLM-x32\...\Free PDF Solutions PDF to WORD_is1) (Version: 1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Gmail Notifier (HKLM-x32\...\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{99CEB89F-50EC-4979-BDF6-148645D7EB35}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
MagicBerry (HKLM-x32\...\{7BB7612B-383F-422C-A605-EA0F4FB0FB7C}) (Version: 3.1.0.0 - Mena Step Innovative Solutions)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.7 - Design Science, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message+ (HKLM-x32\...\{e81287bb-3cf1-409f-abb0-f046c5df16cc}) (Version: 1.0.16.0 - Verizon)
Message+ (x32 Version: 1.0.16.0 - Verizon) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Research AutoCollage 2008 version 1.1 (HKLM-x32\...\{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}) (Version: 1.01.2008 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Print To Go 2.0 (HKLM-x32\...\Print_To_Go) (Version: 2.0.110.0 - Research In Motion)
Print To Go 2.0 (x32 Version: 2.0.110.0 - Research In Motion) Hidden
Publish to Photo Frame (HKLM-x32\...\{6E6D21BA-82D7-451A-8B2C-465B3AC9824E}) (Version: 1.0.3.0 - Roger Lipscombe)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Reader for PC (HKLM-x32\...\{8A3072C3-8EA3-4CDE-B342-88E67FAB06E5}) (Version: 2.3.00.03130 - Sony Corporation)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Reimage Protector (HKLM\...\Reimage Protector) (Version:  - Reimage) <==== ATTENTION
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Search App by Ask (HKLM-x32\...\{5245414C-312D-5350-00A7-A758B70C1500}) (Version: 12.21.0.116 - APN, LLC) <==== ATTENTION
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
SuDoku Wiz (HKLM-x32\...\{41E0DB72-E1AB-4AA9-8C17-CF9BB8DC5B83}) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Tether 1.4.3.7 (HKLM-x32\...\{2863C12B-2A02-4258-8495-6220605B2E5C}_is1) (Version:  - Tether)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Verizon Cloud (HKLM-x32\...\Verizon Cloud) (Version: 4.1.0 - Verizon Wireless)
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App for HP (x32 Version: 4.0.11.7 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Zoosk Messenger (HKLM-x32\...\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1) (Version: 4.200.2 - Zoosk, Inc.)
Zoosk Messenger (x32 Version: 4.200.2 - Zoosk, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
01-07-2015 10:57:01 Norton Security Suite Registry
09-07-2015 09:27:35 BlackBerry 10 Desktop Software (Blend, Link, Drivers)
09-07-2015 10:14:31 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2015-03-28 17:17 - 00001109 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0691914B-55D1-4F6C-B7E0-36A1F117D088} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {0FE55D85-14BE-406D-AF59-72D92B8CB2A8} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-05-19] (Reimage®) <==== ATTENTION
Task: {20EE9337-5734-41EE-90D5-04401AF76362} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-08] (Hewlett-Packard)
Task: {23FD187C-91CB-415B-8AB9-E510BD8EBD3F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {27AF34D3-416E-4B12-A48B-789C5A11DB42} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core => C:\Users\Patrice\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {2B12DD05-CFF6-4551-8D01-60E50E640C28} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {2DB7E880-53EA-4479-A29C-C9BB4C73D30C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {3F39135B-46AA-4E81-8A0F-779CDF18A5D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {458C9E08-C404-48BC-8665-D33BA1511163} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {494D7AC2-24A1-49A1-9C0C-95F652B4B42E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-06-17] (Microsoft)
Task: {4BF22A36-7F75-471B-A615-9172C1B120C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {53E4174F-AD06-4523-A79E-7378F3F2B0AE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {5491B7E1-6739-4DD8-BD6C-7719220F311D} - System32\Tasks\{6D31184D-3A7E-4CA9-BA13-500CC8CB6536} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {56A1C75A-6195-44E5-B509-270EFB179A19} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {573B5F99-64AC-4357-AF7B-A3BF7E946BC9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {5C8CEA35-58B4-4DAD-8E34-183D7702F6EE} - System32\Tasks\{C4962AF0-A1EB-4724-8A79-2B561A7D4B10} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {61E9F04D-502D-404B-835F-7ABDCAD2AC15} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6A9B5091-EDF5-4071-8C1B-3094B859ED3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {6F3680A5-E6B9-43FF-A7B0-20F63CCDC7C2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {71D47C4D-F4B4-4C34-A14C-4C54732D5776} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {7752527A-06AE-48E2-AA6B-16143BFF7C5B} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {7F214719-CD40-4621-B9BF-E612120EAF93} - System32\Tasks\HPCeeScheduleForPATRICE-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {8212A0E3-E110-4037-B49A-6D657386B715} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {844CCB8A-DF95-4934-9596-604143C2AED1} - System32\Tasks\{E881E3D3-CC75-4A12-BB4F-6C94BA830C6A} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {84CC8827-F3CD-4E51-AD65-12688DC0CD8C} - System32\Tasks\{0D2AF365-E008-4437-87BA-ADF0994AF52C} => pcalua.exe -a "C:\Users\Patrice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CP1UIZP5\wmp11-windowsxp-x64-enu.exe" -d C:\Users\Patrice\Desktop
Task: {8851657D-F0F0-49BC-B7B8-21DCCF6F189D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {8B400ADF-6584-4902-8BE4-3B6137882AE4} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: {8C366CD8-11F8-41FD-921F-E6D5AB0CB9E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {983F76F3-23B6-4F81-A515-5508D5C114A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09] (Adobe Systems Incorporated)
Task: {AAB6A5F1-8EF2-403C-A423-56C2F403F1F9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrice-HP-Patrice Patrice-HP => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-28] (Microsoft Corporation)
Task: {AEBF0913-EF20-41AC-A9BC-BB7656F18C47} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-26] (CyberLink)
Task: {B08400F9-FDE7-477B-94BE-65A75ABC0956} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA => C:\Users\Patrice\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {BD2BBA5F-C591-4489-B7C7-45F9BFCF683D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {BE04BE2A-1248-4442-9443-541715F7BB2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {C0BC377A-022D-4DCB-B1D9-B71C3D232A9A} - System32\Tasks\HPCeeScheduleForPatrice => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {C4FA1956-98BE-4AF2-9EE6-00569C2436CF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {C9DC7D89-7A5E-446B-B94A-59708F0A689E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {D8AA3B1A-C433-40B3-92FA-FAE0C69B905B} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {EB28D6E8-BF82-4F7B-BEF7-EEC6101CDB84} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {EF5121DF-F87A-4B52-84DA-10E6028C6772} - System32\Tasks\{DA4F9F7B-B275-458E-BCFD-6EF16A3BCC4C} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {F07E1DE2-2631-4232-B08B-1DDC8C9975B4} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {F130A927-9F48-405C-8BC8-2879EF15DB25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {F8661CB6-52DE-45A2-8D64-DE4E4F49BFC5} - System32\Tasks\{26438AA6-86F7-43F1-A522-DAF096399A01} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {F9E4D932-9BFC-43F4-A09E-47E1047CD6C6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {FA3F2B99-F59B-4325-9364-144364F323EC} - System32\Tasks\{202BACAF-F173-4F58-AA6F-12067A4D7AC0} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {FB50A5D4-4C92-4004-9D43-70EB21BA28DE} - System32\Tasks\{DD6A0E8F-F01D-4034-B446-532709629370} => Iexplore.exe http://ui.skype.com/...all?page=tsMain
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core.job => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA.job => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPATRICE-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPatrice.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-09-28 07:19 - 2011-09-28 07:19 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-03-06 23:42 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-07-06 13:01 - 2015-07-06 13:01 - 00094208 _____ () C:\Program Files (x86)\MR APP\MRAPP.Common.dll
2015-07-06 13:01 - 2015-07-06 13:01 - 00013824 _____ () C:\Program Files (x86)\MR APP\MRAPP.Scheduler.dll
2015-07-06 13:01 - 2015-07-06 13:01 - 00272384 _____ () C:\Program Files (x86)\MR APP\C5.dll
2014-10-26 23:59 - 2014-10-26 23:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 06:41 - 2014-10-30 06:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2015-05-19 06:46 - 2015-05-19 06:46 - 06759912 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2015-07-06 13:01 - 2015-07-06 13:01 - 00081408 _____ () C:\Program Files (x86)\MR APP\MRAPP.UI.Resources.R23.dll
2015-03-12 13:30 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-01-21 17:05 - 2007-01-17 00:36 - 00304624 _____ () C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe
2015-01-01 12:26 - 2014-12-08 02:27 - 06277952 _____ () C:\Users\Patrice\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-02-10 04:28 - 2015-02-10 04:28 - 15281472 _____ () C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe
2015-02-10 04:26 - 2015-02-10 04:26 - 00160256 _____ () C:\Program Files\Verizon Cloud\libexpat.dll
2014-10-29 20:06 - 2014-10-29 20:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2015-05-20 13:00 - 2015-05-20 13:00 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2011-09-28 07:19 - 2011-09-28 07:19 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-09-28 07:06 - 2011-09-28 07:06 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-17 14:42 - 2011-06-17 14:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-07-21 15:45 - 2014-11-26 09:45 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2015-01-26 22:17 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-26 22:17 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-26 22:17 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-26 22:17 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-26 22:17 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-05-26 16:46 - 2015-05-26 16:46 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2012-01-21 17:05 - 2006-12-20 22:12 - 00069632 _____ () C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdcfg.dll
2015-02-20 12:25 - 2015-02-20 12:25 - 00612152 _____ () C:\Program Files (x86)\Verizon\Verizon Messages\sqlite3.DLL
2015-02-24 15:16 - 2015-02-24 15:16 - 01654272 _____ () C:\Program Files (x86)\Verizon\Verizon Messages\VzMessagingClientLib.dll
2015-03-12 13:29 - 2015-01-27 10:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-04-14 18:13 - 2015-04-14 18:13 - 00548152 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.DLL
2015-07-12 11:00 - 2015-07-12 11:00 - 00043008 _____ () c:\users\patrice\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgvcagl.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00750080 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00047616 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00865280 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00200704 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-06-16 09:30 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00726016 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-16 09:30 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-01-22 14:29 - 2014-01-22 14:29 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-01-22 14:29 - 2014-01-22 14:29 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-03-06 23:43 - 2015-05-19 16:16 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-03-13 10:23 - 2014-03-13 10:23 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2013-11-26 11:34 - 2013-11-26 11:34 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
2012-09-25 19:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-10-29 20:01 - 2014-10-29 20:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-10-29 20:07 - 2014-10-29 20:07 - 00065600 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2012-01-21 23:21 - 2012-02-22 20:49 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2015-07-07 13:56 - 2015-07-06 23:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll
2015-07-07 13:56 - 2015-07-06 23:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll
2015-07-07 13:56 - 2015-07-06 23:49 - 16285512 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\PepperFlash\pepflashplayer.dll
2015-03-06 23:43 - 2015-05-19 16:16 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Patrice\Desktop\Leo the lion.gif:com.dropbox.attributes
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7867 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.16.12.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{415D830B-73C1-4320-9087-73A66E3F0655}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{07115023-327E-420B-A6F6-A6BFB3682B9E}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{3721E70A-6FFE-4976-9EE0-3AA73D4BB40E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{13143E32-A081-49BF-B700-F6BC57584AB7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{14AFDF33-20AC-441A-840D-139B34623006}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FEA80950-AB6A-41C1-BD30-6B133F1AEBC7}] => (Allow) LPort=2869
FirewallRules: [{467F2F01-A144-4E38-AC29-878B64690C9B}] => (Allow) LPort=1900
FirewallRules: [{76EF3848-9FDE-40E1-8EFF-C90AA050D154}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D6DC87BC-BC28-4214-B27A-95FFD03B356B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6736D3B3-190D-42D4-955D-45C1576F965F}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{2F622E74-DBE2-40DE-8D1C-E46ECA7E595B}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{DD3CFCF8-20CE-4623-9C83-24DA79757F04}] => (Allow) C:\Windows\SysWOW64\dlcdcoms.exe
FirewallRules: [{A21D025F-6C08-4BDA-B70D-FFC5BB9B2057}] => (Allow) C:\Windows\SysWOW64\dlcdcoms.exe
FirewallRules: [{EEDD439B-F569-42AB-96B1-05FA10A0D35E}] => (Allow) C:\Windows\System32\dlcdcoms.exe
FirewallRules: [{931713C7-D140-4013-89AC-9F6B4A31CC1B}] => (Allow) C:\Windows\System32\dlcdcoms.exe
FirewallRules: [{A58D2E1E-2F76-4B8A-BBDA-2BC8F04E43D0}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\dlcdpswx.exe
FirewallRules: [{BA57BFED-701E-4200-9787-EAB5C94A890F}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\dlcdpswx.exe
FirewallRules: [{298CC344-F0A3-4427-B91D-A70526234208}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe
FirewallRules: [{9EF90167-814B-4724-94A3-E0C2FACA13C3}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe
FirewallRules: [{6E83C8C5-7AF8-4AAB-B633-F7B624447C66}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdaiox.exe
FirewallRules: [{ECC37EB6-1341-4DBD-8459-FC829920471B}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdaiox.exe
FirewallRules: [{130E8DE1-8E5A-4633-947C-99AFAC4D5873}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{D5D63D8D-D34A-4E10-9894-507CE791B47E}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{6A4BA276-8792-448B-8BBA-2802CBB112C0}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{36835A69-8FC1-4E42-80DF-49580ACCD7F7}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{05E6ABA8-DDF8-4876-8F0A-BA7011048A17}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1E3B8ED4-DE9C-4FCF-9661-EFCEFBB242E8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E1248FDA-2D44-469F-A93E-C5296E95FE66}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{CE98B8B0-A396-4566-A3BE-41A50C21D6CF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{597439EC-6C63-446C-A810-F72CA8C1A104}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{32562F2F-44B7-4D0C-8D8D-E161B1CB1C6D}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{69FB5A90-84BD-4F76-9F93-5C825975A8C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{98FC112B-AF9D-43E8-AB6C-4D5528A024CE}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{702C7FB0-F889-4ACF-A466-80881111501C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{23A7809B-BA05-4D6B-96B3-C5022F8F32D2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{338FD979-E7EA-4C57-ABAB-8C6849234173}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{3279A655-0311-4B32-A10E-C3403C4430EA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{EE8D1188-ED7A-48CE-B687-3A313C25BA28}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [TCP Query User{6A980CA5-1D30-4499-92AC-E433BAD7BF2A}C:\users\patrice\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\patrice\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{63C3F65D-6461-400D-94E4-4CA801AEEB9F}C:\users\patrice\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\patrice\appdata\roaming\spotify\spotify.exe
FirewallRules: [{46726E92-A99B-4BA5-B393-28C3974D8C9E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{4AC24738-1014-44F7-BAEB-ED1536C46699}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{6535D786-846F-42F9-A90D-F1EC21E648D6}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{3C8BD9CF-08FB-44CB-AE45-97EC91C3C0EA}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{796A088D-2218-4321-8405-7B28ABE34799}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{7937220F-9362-4B18-8F0E-B7B29618864D}] => (Allow) C:\Program Files (x86)\Shop to Win 31\TroubleShooter.exe
FirewallRules: [{76BCDE70-9D5B-4E58-A2EC-F5480B16F96E}] => (Allow) C:\Program Files (x86)\Shop to Win 31\TroubleShooter.exe
FirewallRules: [{FD84FFAD-B22F-40E4-98E2-E97BBED4187B}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{A0A066B2-6021-4FCB-902E-8CFFB36C1180}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{33438288-88DB-4E5E-9546-446EDCE5568A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{1BC6671F-0930-4C2D-BDF0-A8A8F0A92D31}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{33E04E4E-F141-4BD4-AE2D-A4FDA1A0344E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{260E909E-A450-4AB4-87A2-C1061ACBAA1A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{B6548AE4-4CF9-4DD4-B4B5-797FBB42EACB}] => (Allow) C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{80D1B8A8-6511-4C24-A86C-CC0C5BAFB3E0}] => (Allow) C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E762E263-9427-4D2C-9B6D-8639906779A5}C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{2D71BC31-1642-40C9-B4E1-BCACF45258F3}C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{3EFB532C-3D57-43AF-9442-90BC6F11ED09}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{BCA244BD-D988-45BD-A928-6BA10A7B3EEB}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{EC87FB97-6339-4471-9D5E-05D6A7B2B613}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{9C12CA3F-5227-4A8C-8D44-F2E83ACAF291}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{BCCDD196-5BF9-4F68-8471-462C0D8B534D}] => (Allow) C:\Users\Patrice\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{760BC7A2-5D87-4F9F-B411-3E0DD60126AF}] => (Allow) C:\Users\Patrice\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{1F4599B0-A4FE-4E4D-9ED8-20C3401F1431}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [UDP Query User{4632207F-42DC-4767-BD61-89FC255C1AC9}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [{1FC30A5B-3189-4B0D-B083-FD8F31CF6DB1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A72814D1-7DCA-4154-B600-656A0F9A748B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{6640EBD5-09DE-4AAB-8D3D-3390B6D15E8B}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [UDP Query User{3F92806A-100D-4E45-985E-313514AD6D2D}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [{C2BCB992-68F1-4909-A5A3-F7ACFBAB692C}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{4BAFF365-4EE9-47E5-9646-7CF52EA2721C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{C1A33772-D194-4BA6-BD8D-5502A00C93B3}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{101A0BD1-53FA-4620-BF9F-FE47EF76D77A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{2D648865-0EA3-4567-91F3-818E348BE000}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{EF511BB6-3659-4E3E-9FE0-848481F96DE1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2C295E42-5392-4CD3-8DBC-F257102FB17E}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSB0D9.tmp\SymNRT.exe
FirewallRules: [{3B6F0094-FA13-4C29-9D11-355BA1FDC1D4}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSB0D9.tmp\SymNRT.exe
FirewallRules: [{2DCB60FF-A8A0-4D7C-B005-4999F29BB965}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSCC35.tmp\SymNRT.exe
FirewallRules: [{35B8714D-3F4D-490B-A52A-FBCB951A4996}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSCC35.tmp\SymNRT.exe
FirewallRules: [{31411C0C-8E54-4C56-94B5-7BE60C47ADE3}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS7FEA.tmp\SymNRT.exe
FirewallRules: [{82BC6CDF-DD90-457B-B530-1F0405E836A5}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS7FEA.tmp\SymNRT.exe
FirewallRules: [{22BB76D8-64C9-4D56-B802-3D608AB156A6}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS8C58.tmp\SymNRT.exe
FirewallRules: [{7AB0FEC3-E1A9-4372-BD19-E2A77E2CA955}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS8C58.tmp\SymNRT.exe
FirewallRules: [{99352C68-7FF0-45A6-9351-D80D7D0323CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{041455E1-DDBC-4EE5-8595-554BFCDB7FFD}] => (Allow) C:\Program Files (x86)\MR APP\MRAPP.UI.exe
FirewallRules: [{2DD8B2F6-3224-431B-A84C-E803A0241149}] => (Allow) C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe
FirewallRules: [{14CA4FC9-0071-455D-8E99-429356409D55}] => (Allow) C:\Program Files (x86)\MR APP\MRAPP.Event.Service.exe
FirewallRules: [{B29938D5-39D6-4C42-ABC9-5C773EE2866D}] => (Allow) tunmgr.exe
FirewallRules: [{A55171E1-EAB8-42AF-BB67-907F94B6BB52}] => (Allow) tunmgr.exe
FirewallRules: [{D6152D52-AB57-429E-8B38-54DE0FD48D49}] => (Allow) mDNSResponder.exe
FirewallRules: [{FD639173-2069-40EC-8F4E-1662FE365257}] => (Allow) mDNSResponder.exe
FirewallRules: [{95695335-563C-4F0B-B847-1E70D49ECF89}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{84B7BFF5-FD15-4F3D-913E-F65D5A8BC327}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\tunnel manager\PeerManager.exe
FirewallRules: [{1EE17B95-9CF7-4355-B7F7-A89932F68831}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Tether Ethernet Adapter
Description: Tether Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Tether
Service: qrkis
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/12/2015 11:04:41 AM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver0x8007048f
 
Error: (07/12/2015 11:03:18 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.
 
Error: (07/12/2015 11:03:18 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.
 
Error: (07/12/2015 11:00:10 AM) (Source: IDVault) (EventID: 0) (User: )
Description: Interaction with the desktop is required. Enable desktop interaction flag in Properties->Log On.
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 568: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 552: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 496: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
 
System errors:
=============
Error: (07/12/2015 11:55:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
Error: (07/12/2015 11:55:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140995069
 
Error: (07/12/2015 11:55:05 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630203
 
Error: (07/12/2015 11:54:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
Error: (07/12/2015 11:54:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140995069
 
Error: (07/12/2015 11:54:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140995069
 
Error: (07/12/2015 11:54:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
Error: (07/12/2015 11:54:55 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630203
 
Error: (07/12/2015 11:54:55 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630203
 
Error: (07/12/2015 11:54:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
 
Microsoft Office:
=========================
Error: (07/12/2015 11:04:41 AM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver0x8007048f
 
Error: (07/12/2015 11:03:18 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/12/2015 11:03:18 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/12/2015 11:00:10 AM) (Source: IDVault) (EventID: 0) (User: )
Description: Interaction with the desktop is required. Enable desktop interaction flag in Properties->Log On.
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 568: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 552: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 496: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
 
CodeIntegrity Errors:
===================================
  Date: 2012-07-30 10:28:14.872
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.839
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.807
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.739
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.706
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.067
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.023
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:13.946
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD A4-3300M APU with Radeon™ HD Graphics
Percentage of memory in use: 96%
Total physical RAM: 3561.41 MB
Available physical RAM: 132.72 MB
Total Virtual: 7121.02 MB
Available Virtual: 2924.74 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:451.54 GB) (Free:73.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.93 GB) (Free:1.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C2B9383B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by Patrice at 2015-07-12 11:54:06
Running from C:\Users\Patrice\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-27582077-1071981072-3432663169-500 - Administrator - Disabled)
Guest (S-1-5-21-27582077-1071981072-3432663169-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-27582077-1071981072-3432663169-1003 - Limited - Enabled)
Patrice (S-1-5-21-27582077-1071981072-3432663169-1001 - Administrator - Enabled) => C:\Users\Patrice
Tricey (S-1-5-21-27582077-1071981072-3432663169-1004 - Limited - Enabled) => C:\Users\Tricey
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Amazon Cloud Drive (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Amazon Cloud Drive) (Version: 2.2.4.6 - Amazon Digital Services, LLC.)
Amazon Kindle (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}) (Version: 1.0.5 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 6 (HKLM-x32\...\{B4BD4DFB-0A22-43EC-A2D4-BF515E9A546F}) (Version: 6.0.0.172 - ArcSoft)
BBSAK (HKLM-x32\...\{E2B4FE1C-2CFA-47EE-A88C-A14D0FF1F0B0}) (Version: 1.9.11 - JMT Labs)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
BlackBerry 10 Desktop Software (Blend, Link, Drivers) (HKLM-x32\...\{c33e77db-89b5-4abf-a1d1-97f8b35347e1}) (Version: 1.2.0.52 - BlackBerry)
BlackBerry App World Browser Plugin (HKLM-x32\...\{8DE03F6E-FCD2-4497-A8FF-F6C4430618B6}) (Version: 3.1.0.6 - Research In Motion Limited)
BlackBerry Backup Extractor (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\BlackBerry Backup Extractor) (Version: 2.0.4.0 - Reincubate Ltd)
BlackBerry Blend (x32 Version: 1.2.0.50 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{38676C9C-270F-43D1-926A-E45DE8820A6B}) (Version: 7.1.0.34 - Research In Motion Ltd)
BlackBerry Link (x32 Version: 1.2.4.39 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{AEDA8713-5521-4600-9AC2-81674A9EDC4F}) (Version: 2.2.7689 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brother MFL-Pro Suite MFC-7460DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CA Pest Patrol Realtime Protection (HKLM-x32\...\{F05A5232-CE5E-4274-AB27-44EB8105898D}) (Version: 001.001.0034 - Computer Associates Inc.)
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
calibre (HKLM-x32\...\{3CA0D836-B5E7-463D-A1C5-9F49B3E3EDE6}) (Version: 2.20.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citation (HKLM-x32\...\{43645D1A-34C9-459E-9FF3-82181C856137}) (Version:  - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DDPB Installer (HKLM-x32\...\{7DD3FB68-AB3B-433D-87D6-A5649667AFDD}) (Version: 1.0.6 - Dau Den)
Dell Photo AIO Printer 944 (HKLM\...\Dell Photo AIO Printer 944) (Version:  - Dell, Inc.)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dr Paper 6.7 (HKLM-x32\...\{A40DC538-A807-4A4A-8C6F-8A598D4D79E8}) (Version:  - )
Dropbox (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
e-Rewards Plus (HKLM-x32\...\{28261AF8-00B3-4BE6-AFFD-114DB7DF5C1A}) (Version: 1.1.0.368 - e-Rewards Opinion Panel)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 5.1.2 (HKLM-x32\...\{12FB6296-8840-11E3-86D7-00163E98E7D0}) (Version: 5.1.2.2387 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fast Connect (HKLM-x32\...\ID Vault) (Version: 1.15.414.3 - White Sky)
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Free PDF Solutions PDF to WORD version 1.0 (HKLM-x32\...\Free PDF Solutions PDF to WORD_is1) (Version: 1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Gmail Notifier (HKLM-x32\...\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{99CEB89F-50EC-4979-BDF6-148645D7EB35}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
MagicBerry (HKLM-x32\...\{7BB7612B-383F-422C-A605-EA0F4FB0FB7C}) (Version: 3.1.0.0 - Mena Step Innovative Solutions)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.7 - Design Science, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message+ (HKLM-x32\...\{e81287bb-3cf1-409f-abb0-f046c5df16cc}) (Version: 1.0.16.0 - Verizon)
Message+ (x32 Version: 1.0.16.0 - Verizon) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Research AutoCollage 2008 version 1.1 (HKLM-x32\...\{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}) (Version: 1.01.2008 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Print To Go 2.0 (HKLM-x32\...\Print_To_Go) (Version: 2.0.110.0 - Research In Motion)
Print To Go 2.0 (x32 Version: 2.0.110.0 - Research In Motion) Hidden
Publish to Photo Frame (HKLM-x32\...\{6E6D21BA-82D7-451A-8B2C-465B3AC9824E}) (Version: 1.0.3.0 - Roger Lipscombe)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Reader for PC (HKLM-x32\...\{8A3072C3-8EA3-4CDE-B342-88E67FAB06E5}) (Version: 2.3.00.03130 - Sony Corporation)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Reimage Protector (HKLM\...\Reimage Protector) (Version:  - Reimage) <==== ATTENTION
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Search App by Ask (HKLM-x32\...\{5245414C-312D-5350-00A7-A758B70C1500}) (Version: 12.21.0.116 - APN, LLC) <==== ATTENTION
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
SuDoku Wiz (HKLM-x32\...\{41E0DB72-E1AB-4AA9-8C17-CF9BB8DC5B83}) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Tether 1.4.3.7 (HKLM-x32\...\{2863C12B-2A02-4258-8495-6220605B2E5C}_is1) (Version:  - Tether)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Verizon Cloud (HKLM-x32\...\Verizon Cloud) (Version: 4.1.0 - Verizon Wireless)
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App for HP (x32 Version: 4.0.11.7 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Zoosk Messenger (HKLM-x32\...\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1) (Version: 4.200.2 - Zoosk, Inc.)
Zoosk Messenger (x32 Version: 4.200.2 - Zoosk, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-27582077-1071981072-3432663169-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrice\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
01-07-2015 10:57:01 Norton Security Suite Registry
09-07-2015 09:27:35 BlackBerry 10 Desktop Software (Blend, Link, Drivers)
09-07-2015 10:14:31 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2015-03-28 17:17 - 00001109 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0691914B-55D1-4F6C-B7E0-36A1F117D088} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {0FE55D85-14BE-406D-AF59-72D92B8CB2A8} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-05-19] (Reimage®) <==== ATTENTION
Task: {20EE9337-5734-41EE-90D5-04401AF76362} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-08] (Hewlett-Packard)
Task: {23FD187C-91CB-415B-8AB9-E510BD8EBD3F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {27AF34D3-416E-4B12-A48B-789C5A11DB42} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core => C:\Users\Patrice\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {2B12DD05-CFF6-4551-8D01-60E50E640C28} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {2DB7E880-53EA-4479-A29C-C9BB4C73D30C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {3F39135B-46AA-4E81-8A0F-779CDF18A5D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {458C9E08-C404-48BC-8665-D33BA1511163} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {494D7AC2-24A1-49A1-9C0C-95F652B4B42E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-06-17] (Microsoft)
Task: {4BF22A36-7F75-471B-A615-9172C1B120C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {53E4174F-AD06-4523-A79E-7378F3F2B0AE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {5491B7E1-6739-4DD8-BD6C-7719220F311D} - System32\Tasks\{6D31184D-3A7E-4CA9-BA13-500CC8CB6536} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {56A1C75A-6195-44E5-B509-270EFB179A19} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {573B5F99-64AC-4357-AF7B-A3BF7E946BC9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {5C8CEA35-58B4-4DAD-8E34-183D7702F6EE} - System32\Tasks\{C4962AF0-A1EB-4724-8A79-2B561A7D4B10} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {61E9F04D-502D-404B-835F-7ABDCAD2AC15} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6A9B5091-EDF5-4071-8C1B-3094B859ED3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {6F3680A5-E6B9-43FF-A7B0-20F63CCDC7C2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {71D47C4D-F4B4-4C34-A14C-4C54732D5776} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {7752527A-06AE-48E2-AA6B-16143BFF7C5B} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {7F214719-CD40-4621-B9BF-E612120EAF93} - System32\Tasks\HPCeeScheduleForPATRICE-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {8212A0E3-E110-4037-B49A-6D657386B715} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {844CCB8A-DF95-4934-9596-604143C2AED1} - System32\Tasks\{E881E3D3-CC75-4A12-BB4F-6C94BA830C6A} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {84CC8827-F3CD-4E51-AD65-12688DC0CD8C} - System32\Tasks\{0D2AF365-E008-4437-87BA-ADF0994AF52C} => pcalua.exe -a "C:\Users\Patrice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CP1UIZP5\wmp11-windowsxp-x64-enu.exe" -d C:\Users\Patrice\Desktop
Task: {8851657D-F0F0-49BC-B7B8-21DCCF6F189D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {8B400ADF-6584-4902-8BE4-3B6137882AE4} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: {8C366CD8-11F8-41FD-921F-E6D5AB0CB9E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {983F76F3-23B6-4F81-A515-5508D5C114A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09] (Adobe Systems Incorporated)
Task: {AAB6A5F1-8EF2-403C-A423-56C2F403F1F9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrice-HP-Patrice Patrice-HP => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-28] (Microsoft Corporation)
Task: {AEBF0913-EF20-41AC-A9BC-BB7656F18C47} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-26] (CyberLink)
Task: {B08400F9-FDE7-477B-94BE-65A75ABC0956} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA => C:\Users\Patrice\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {BD2BBA5F-C591-4489-B7C7-45F9BFCF683D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {BE04BE2A-1248-4442-9443-541715F7BB2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {C0BC377A-022D-4DCB-B1D9-B71C3D232A9A} - System32\Tasks\HPCeeScheduleForPatrice => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {C4FA1956-98BE-4AF2-9EE6-00569C2436CF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {C9DC7D89-7A5E-446B-B94A-59708F0A689E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
Task: {D8AA3B1A-C433-40B3-92FA-FAE0C69B905B} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {EB28D6E8-BF82-4F7B-BEF7-EEC6101CDB84} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {EF5121DF-F87A-4B52-84DA-10E6028C6772} - System32\Tasks\{DA4F9F7B-B275-458E-BCFD-6EF16A3BCC4C} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {F07E1DE2-2631-4232-B08B-1DDC8C9975B4} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-27582077-1071981072-3432663169-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {F130A927-9F48-405C-8BC8-2879EF15DB25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {F8661CB6-52DE-45A2-8D64-DE4E4F49BFC5} - System32\Tasks\{26438AA6-86F7-43F1-A522-DAF096399A01} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {F9E4D932-9BFC-43F4-A09E-47E1047CD6C6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {FA3F2B99-F59B-4325-9364-144364F323EC} - System32\Tasks\{202BACAF-F173-4F58-AA6F-12067A4D7AC0} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {FB50A5D4-4C92-4004-9D43-70EB21BA28DE} - System32\Tasks\{DD6A0E8F-F01D-4034-B446-532709629370} => Iexplore.exe http://ui.skype.com/...all?page=tsMain
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001Core.job => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-27582077-1071981072-3432663169-1001UA.job => C:\Users\Patrice\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPATRICE-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPatrice.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-09-28 07:19 - 2011-09-28 07:19 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-03-06 23:42 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-07-06 13:01 - 2015-07-06 13:01 - 00094208 _____ () C:\Program Files (x86)\MR APP\MRAPP.Common.dll
2015-07-06 13:01 - 2015-07-06 13:01 - 00013824 _____ () C:\Program Files (x86)\MR APP\MRAPP.Scheduler.dll
2015-07-06 13:01 - 2015-07-06 13:01 - 00272384 _____ () C:\Program Files (x86)\MR APP\C5.dll
2014-10-26 23:59 - 2014-10-26 23:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 06:41 - 2014-10-30 06:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2015-05-19 06:46 - 2015-05-19 06:46 - 06759912 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2015-07-06 13:01 - 2015-07-06 13:01 - 00081408 _____ () C:\Program Files (x86)\MR APP\MRAPP.UI.Resources.R23.dll
2015-03-12 13:30 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-01-21 17:05 - 2007-01-17 00:36 - 00304624 _____ () C:\Program Files (x86)\Dell Photo AIO Printer 944\memcard.exe
2015-01-01 12:26 - 2014-12-08 02:27 - 06277952 _____ () C:\Users\Patrice\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-02-10 04:28 - 2015-02-10 04:28 - 15281472 _____ () C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe
2015-02-10 04:26 - 2015-02-10 04:26 - 00160256 _____ () C:\Program Files\Verizon Cloud\libexpat.dll
2014-10-29 20:06 - 2014-10-29 20:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2015-05-20 13:00 - 2015-05-20 13:00 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2011-09-28 07:19 - 2011-09-28 07:19 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-09-28 07:06 - 2011-09-28 07:06 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-17 14:42 - 2011-06-17 14:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-07-21 15:45 - 2014-11-26 09:45 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 06:41 - 2014-10-30 06:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2015-01-26 22:17 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-26 22:17 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-26 22:17 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-26 22:17 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-26 22:17 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-05-26 16:46 - 2015-05-26 16:46 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2012-01-21 17:05 - 2006-12-20 22:12 - 00069632 _____ () C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdcfg.dll
2015-02-20 12:25 - 2015-02-20 12:25 - 00612152 _____ () C:\Program Files (x86)\Verizon\Verizon Messages\sqlite3.DLL
2015-02-24 15:16 - 2015-02-24 15:16 - 01654272 _____ () C:\Program Files (x86)\Verizon\Verizon Messages\VzMessagingClientLib.dll
2015-03-12 13:29 - 2015-01-27 10:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-04-14 18:13 - 2015-04-14 18:13 - 00548152 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.DLL
2015-07-12 11:00 - 2015-07-12 11:00 - 00043008 _____ () c:\users\patrice\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgvcagl.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00750080 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00047616 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00865280 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00200704 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-06-16 09:30 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00726016 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-16 09:30 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\Patrice\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-01-22 14:29 - 2014-01-22 14:29 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-01-22 14:29 - 2014-01-22 14:29 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-03-06 23:43 - 2015-05-19 16:16 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-03-13 10:23 - 2014-03-13 10:23 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2013-11-26 11:34 - 2013-11-26 11:34 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2014-03-13 10:24 - 2014-03-13 10:24 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
2012-09-25 19:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-10-29 20:01 - 2014-10-29 20:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-10-29 20:07 - 2014-10-29 20:07 - 00065600 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2012-01-21 23:21 - 2012-02-22 20:49 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2015-07-07 13:56 - 2015-07-06 23:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll
2015-07-07 13:56 - 2015-07-06 23:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll
2015-07-07 13:56 - 2015-07-06 23:49 - 16285512 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\PepperFlash\pepflashplayer.dll
2015-03-06 23:43 - 2015-05-19 16:16 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Patrice\Desktop\Leo the lion.gif:com.dropbox.attributes
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7867 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.16.12.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{415D830B-73C1-4320-9087-73A66E3F0655}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{07115023-327E-420B-A6F6-A6BFB3682B9E}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{3721E70A-6FFE-4976-9EE0-3AA73D4BB40E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{13143E32-A081-49BF-B700-F6BC57584AB7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{14AFDF33-20AC-441A-840D-139B34623006}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FEA80950-AB6A-41C1-BD30-6B133F1AEBC7}] => (Allow) LPort=2869
FirewallRules: [{467F2F01-A144-4E38-AC29-878B64690C9B}] => (Allow) LPort=1900
FirewallRules: [{76EF3848-9FDE-40E1-8EFF-C90AA050D154}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D6DC87BC-BC28-4214-B27A-95FFD03B356B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6736D3B3-190D-42D4-955D-45C1576F965F}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{2F622E74-DBE2-40DE-8D1C-E46ECA7E595B}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{DD3CFCF8-20CE-4623-9C83-24DA79757F04}] => (Allow) C:\Windows\SysWOW64\dlcdcoms.exe
FirewallRules: [{A21D025F-6C08-4BDA-B70D-FFC5BB9B2057}] => (Allow) C:\Windows\SysWOW64\dlcdcoms.exe
FirewallRules: [{EEDD439B-F569-42AB-96B1-05FA10A0D35E}] => (Allow) C:\Windows\System32\dlcdcoms.exe
FirewallRules: [{931713C7-D140-4013-89AC-9F6B4A31CC1B}] => (Allow) C:\Windows\System32\dlcdcoms.exe
FirewallRules: [{A58D2E1E-2F76-4B8A-BBDA-2BC8F04E43D0}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\dlcdpswx.exe
FirewallRules: [{BA57BFED-701E-4200-9787-EAB5C94A890F}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\dlcdpswx.exe
FirewallRules: [{298CC344-F0A3-4427-B91D-A70526234208}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe
FirewallRules: [{9EF90167-814B-4724-94A3-E0C2FACA13C3}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdmon.exe
FirewallRules: [{6E83C8C5-7AF8-4AAB-B633-F7B624447C66}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdaiox.exe
FirewallRules: [{ECC37EB6-1341-4DBD-8459-FC829920471B}] => (Allow) C:\Program Files (x86)\Dell Photo AIO Printer 944\dlcdaiox.exe
FirewallRules: [{130E8DE1-8E5A-4633-947C-99AFAC4D5873}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{D5D63D8D-D34A-4E10-9894-507CE791B47E}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{6A4BA276-8792-448B-8BBA-2802CBB112C0}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{36835A69-8FC1-4E42-80DF-49580ACCD7F7}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{05E6ABA8-DDF8-4876-8F0A-BA7011048A17}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1E3B8ED4-DE9C-4FCF-9661-EFCEFBB242E8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E1248FDA-2D44-469F-A93E-C5296E95FE66}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{CE98B8B0-A396-4566-A3BE-41A50C21D6CF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{597439EC-6C63-446C-A810-F72CA8C1A104}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{32562F2F-44B7-4D0C-8D8D-E161B1CB1C6D}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{69FB5A90-84BD-4F76-9F93-5C825975A8C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{98FC112B-AF9D-43E8-AB6C-4D5528A024CE}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{702C7FB0-F889-4ACF-A466-80881111501C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{23A7809B-BA05-4D6B-96B3-C5022F8F32D2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{338FD979-E7EA-4C57-ABAB-8C6849234173}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{3279A655-0311-4B32-A10E-C3403C4430EA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{EE8D1188-ED7A-48CE-B687-3A313C25BA28}] => (Allow) C:\Program Files (x86)\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [TCP Query User{6A980CA5-1D30-4499-92AC-E433BAD7BF2A}C:\users\patrice\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\patrice\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{63C3F65D-6461-400D-94E4-4CA801AEEB9F}C:\users\patrice\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\patrice\appdata\roaming\spotify\spotify.exe
FirewallRules: [{46726E92-A99B-4BA5-B393-28C3974D8C9E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{4AC24738-1014-44F7-BAEB-ED1536C46699}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{6535D786-846F-42F9-A90D-F1EC21E648D6}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{3C8BD9CF-08FB-44CB-AE45-97EC91C3C0EA}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{796A088D-2218-4321-8405-7B28ABE34799}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{7937220F-9362-4B18-8F0E-B7B29618864D}] => (Allow) C:\Program Files (x86)\Shop to Win 31\TroubleShooter.exe
FirewallRules: [{76BCDE70-9D5B-4E58-A2EC-F5480B16F96E}] => (Allow) C:\Program Files (x86)\Shop to Win 31\TroubleShooter.exe
FirewallRules: [{FD84FFAD-B22F-40E4-98E2-E97BBED4187B}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{A0A066B2-6021-4FCB-902E-8CFFB36C1180}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{33438288-88DB-4E5E-9546-446EDCE5568A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{1BC6671F-0930-4C2D-BDF0-A8A8F0A92D31}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{33E04E4E-F141-4BD4-AE2D-A4FDA1A0344E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{260E909E-A450-4AB4-87A2-C1061ACBAA1A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{B6548AE4-4CF9-4DD4-B4B5-797FBB42EACB}] => (Allow) C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{80D1B8A8-6511-4C24-A86C-CC0C5BAFB3E0}] => (Allow) C:\Users\Patrice\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E762E263-9427-4D2C-9B6D-8639906779A5}C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{2D71BC31-1642-40C9-B4E1-BCACF45258F3}C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\patrice\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{3EFB532C-3D57-43AF-9442-90BC6F11ED09}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{BCA244BD-D988-45BD-A928-6BA10A7B3EEB}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{EC87FB97-6339-4471-9D5E-05D6A7B2B613}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{9C12CA3F-5227-4A8C-8D44-F2E83ACAF291}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{BCCDD196-5BF9-4F68-8471-462C0D8B534D}] => (Allow) C:\Users\Patrice\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{760BC7A2-5D87-4F9F-B411-3E0DD60126AF}] => (Allow) C:\Users\Patrice\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{1F4599B0-A4FE-4E4D-9ED8-20C3401F1431}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [UDP Query User{4632207F-42DC-4767-BD61-89FC255C1AC9}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [{1FC30A5B-3189-4B0D-B083-FD8F31CF6DB1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A72814D1-7DCA-4154-B600-656A0F9A748B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{6640EBD5-09DE-4AAB-8D3D-3390B6D15E8B}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [UDP Query User{3F92806A-100D-4E45-985E-313514AD6D2D}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [{C2BCB992-68F1-4909-A5A3-F7ACFBAB692C}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{4BAFF365-4EE9-47E5-9646-7CF52EA2721C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{C1A33772-D194-4BA6-BD8D-5502A00C93B3}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{101A0BD1-53FA-4620-BF9F-FE47EF76D77A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{2D648865-0EA3-4567-91F3-818E348BE000}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{EF511BB6-3659-4E3E-9FE0-848481F96DE1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2C295E42-5392-4CD3-8DBC-F257102FB17E}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSB0D9.tmp\SymNRT.exe
FirewallRules: [{3B6F0094-FA13-4C29-9D11-355BA1FDC1D4}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSB0D9.tmp\SymNRT.exe
FirewallRules: [{2DCB60FF-A8A0-4D7C-B005-4999F29BB965}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSCC35.tmp\SymNRT.exe
FirewallRules: [{35B8714D-3F4D-490B-A52A-FBCB951A4996}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zSCC35.tmp\SymNRT.exe
FirewallRules: [{31411C0C-8E54-4C56-94B5-7BE60C47ADE3}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS7FEA.tmp\SymNRT.exe
FirewallRules: [{82BC6CDF-DD90-457B-B530-1F0405E836A5}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS7FEA.tmp\SymNRT.exe
FirewallRules: [{22BB76D8-64C9-4D56-B802-3D608AB156A6}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS8C58.tmp\SymNRT.exe
FirewallRules: [{7AB0FEC3-E1A9-4372-BD19-E2A77E2CA955}] => (Allow) C:\Users\Patrice\AppData\Local\Temp\7zS8C58.tmp\SymNRT.exe
FirewallRules: [{99352C68-7FF0-45A6-9351-D80D7D0323CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{041455E1-DDBC-4EE5-8595-554BFCDB7FFD}] => (Allow) C:\Program Files (x86)\MR APP\MRAPP.UI.exe
FirewallRules: [{2DD8B2F6-3224-431B-A84C-E803A0241149}] => (Allow) C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe
FirewallRules: [{14CA4FC9-0071-455D-8E99-429356409D55}] => (Allow) C:\Program Files (x86)\MR APP\MRAPP.Event.Service.exe
FirewallRules: [{B29938D5-39D6-4C42-ABC9-5C773EE2866D}] => (Allow) tunmgr.exe
FirewallRules: [{A55171E1-EAB8-42AF-BB67-907F94B6BB52}] => (Allow) tunmgr.exe
FirewallRules: [{D6152D52-AB57-429E-8B38-54DE0FD48D49}] => (Allow) mDNSResponder.exe
FirewallRules: [{FD639173-2069-40EC-8F4E-1662FE365257}] => (Allow) mDNSResponder.exe
FirewallRules: [{95695335-563C-4F0B-B847-1E70D49ECF89}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{84B7BFF5-FD15-4F3D-913E-F65D5A8BC327}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\tunnel manager\PeerManager.exe
FirewallRules: [{1EE17B95-9CF7-4355-B7F7-A89932F68831}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Tether Ethernet Adapter
Description: Tether Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Tether
Service: qrkis
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/12/2015 11:04:41 AM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver0x8007048f
 
Error: (07/12/2015 11:03:18 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.
 
Error: (07/12/2015 11:03:18 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.
 
Error: (07/12/2015 11:00:10 AM) (Source: IDVault) (EventID: 0) (User: )
Description: Interaction with the desktop is required. Enable desktop interaction flag in Properties->Log On.
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 568: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 552: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 496: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
 
System errors:
=============
Error: (07/12/2015 11:55:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
Error: (07/12/2015 11:55:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140995069
 
Error: (07/12/2015 11:55:05 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630203
 
Error: (07/12/2015 11:54:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
Error: (07/12/2015 11:54:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140995069
 
Error: (07/12/2015 11:54:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140995069
 
Error: (07/12/2015 11:54:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
Error: (07/12/2015 11:54:55 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630203
 
Error: (07/12/2015 11:54:55 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630203
 
Error: (07/12/2015 11:54:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140995069
 
 
Microsoft Office:
=========================
Error: (07/12/2015 11:04:41 AM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver0x8007048f
 
Error: (07/12/2015 11:03:18 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/12/2015 11:03:18 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/12/2015 11:00:10 AM) (Source: IDVault) (EventID: 0) (User: )
Description: Interaction with the desktop is required. Enable desktop interaction flag in Properties->Log On.
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 568: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 552: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 496: ERROR: read_msg errno 0 (The operation completed successfully.)
 
Error: (07/12/2015 10:24:42 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
 
 
CodeIntegrity Errors:
===================================
  Date: 2012-07-30 10:28:14.872
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.839
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.807
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.739
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.706
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.067
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:14.023
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-07-30 10:28:13.946
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\SFT\GuardedID\x64\GIDHook64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD A4-3300M APU with Radeon™ HD Graphics
Percentage of memory in use: 96%
Total physical RAM: 3561.41 MB
Available physical RAM: 132.72 MB
Total Virtual: 7121.02 MB
Available Virtual: 2924.74 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:451.54 GB) (Free:73.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.93 GB) (Free:1.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C2B9383B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End of log ============================

  • 0

#4
Essexboy
Posted 12 July 2015 - 10:39 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you let me know what problems you are having after these runs

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\MountPoints2: {4e329d68-b1f1-11e1-9fd7-ec9a74480ea3} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\drivers\setup.exe
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\MountPoints2: {68ed2a5c-263a-11e5-bd3d-02b0d8500501} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.exe
HKU\S-1-5-18\...\RunOnce: [adaware] => reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
HKU\S-1-5-18\...\RunOnce: [adaware_XP] => reg.exe delete "HKCU\Software\adaware" /f
ProxyEnable: [S-1-5-21-27582077-1071981072-3432663169-1001] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-27582077-1071981072-3432663169-1001] => http=127.0.0.1:16110;https=127.0.0.1:16110
R2 TransferService; C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe [32256 2015-07-06] (Digital Market Research Apps Pty Ltd) [File not signed]
2015-07-10 08:57 - 2015-07-12 10:26 - 00000000 ____D C:\Users\Patrice\AppData\Local\{7133FD67-D4DB-4C32-A78B-A44512EADF7A}
2015-07-09 12:58 - 2015-07-09 12:58 - 00000000 ____D C:\Users\Patrice\AppData\Local\{6AFB8A4A-7041-4161-B601-99EF8C8A7917}
2015-07-09 08:45 - 2015-07-09 08:45 - 00000000 ____D C:\Program Files (x86)\MR APP
2015-07-08 09:01 - 2015-07-08 23:31 - 00000000 ____D C:\Users\Patrice\AppData\Local\{6DCB465D-D22B-447E-8BE7-51D1ACEF093F}
2015-07-07 13:32 - 2015-07-07 13:32 - 00000000 ____D C:\Users\Patrice\AppData\Local\{9B5B3E18-A0F2-4F8F-9887-33528DBDF661}
2015-07-06 13:30 - 2015-07-07 01:31 - 00000000 ____D C:\Users\Patrice\AppData\Local\{F7C0E25B-95EE-4E58-A84B-D4223E6C9259}
2015-07-06 09:01 - 2015-07-06 09:01 - 00000000 ____D C:\Users\Patrice\AppData\Local\{E72D8CB9-93EE-44A0-877E-9AE325F0EA2C}
2015-07-05 17:20 - 2015-07-10 09:22 - 00023247 _____ C:\Windows\system32\ScanResults.xml
2015-07-05 17:05 - 2015-07-10 09:10 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-07-05 17:03 - 2015-07-05 17:03 - 00000000 ____D C:\Users\Patrice\AppData\Local\{1631E3FC-3ACF-4B90-BE51-A649AB422134}
2015-07-04 15:08 - 2015-07-04 15:08 - 00000000 ____D C:\Users\Patrice\AppData\Local\{2C2CB7EE-0483-44E6-A67A-DFA25361A4E7}
2015-07-03 08:17 - 2015-07-03 08:17 - 00000000 ____D C:\Users\Patrice\AppData\Local\{C2D359DB-5773-406A-8EFB-2CCAD2392076}
2015-07-02 08:38 - 2015-07-02 08:39 - 00000000 ____D C:\Users\Patrice\AppData\Local\{E41D08B3-DFD3-4CC2-8214-A4ED2A0D8F2E}
2015-07-01 14:37 - 2015-07-01 14:37 - 01642566 _____ C:\Users\Patrice\Downloads\Snap-2_0_0_2 (4).bar
2015-07-01 10:54 - 2015-07-01 11:03 - 00000000 ____D C:\Program Files\Reimage
2015-07-01 10:54 - 2015-07-01 10:55 - 00000000 ____D C:\ProgramData\Reimage Protector
2015-07-01 10:54 - 2015-07-01 10:54 - 00004282 _____ C:\Windows\System32\Tasks\ReimageUpdater
2015-07-01 10:53 - 2015-07-01 10:55 - 00000156 _____ C:\Windows\Reimage.ini
2015-07-01 10:53 - 2015-07-01 10:53 - 00772016 _____ (Reimage®) C:\Users\Patrice\Downloads\ReimageRepair.exe
2015-07-01 10:29 - 2015-07-01 11:01 - 00000000 ____D C:\Program Files (x86)\PCFixKit
2015-07-01 10:29 - 2015-07-01 10:29 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\PCFixKit
2015-06-29 21:31 - 2015-07-01 08:03 - 00000000 ____D C:\Users\Patrice\AppData\Local\{A1C6C12F-9F45-4CAB-B0CB-68210E1D5CAF}
2015-06-29 09:26 - 2015-06-29 09:26 - 00000000 ____D C:\Users\Patrice\AppData\Local\{436E4563-FD47-4413-AB20-1DDA6A3BF872}
2015-06-28 15:21 - 2015-06-28 15:21 - 00000000 ____D C:\Users\Patrice\AppData\Local\{DB415AB1-D264-460D-BABB-D55D8C8DCAEC}
2015-06-26 21:12 - 2015-06-27 21:09 - 00000000 ____D C:\Users\Patrice\AppData\Local\{35D9F5B9-9FD6-44C3-B0F6-B0C1D1C0ABBC}
2015-06-25 08:08 - 2015-06-26 08:45 - 00000000 ____D C:\Users\Patrice\AppData\Local\{123F0186-3E58-44F5-83B5-F71512E5978C}
2015-06-23 20:05 - 2015-06-24 08:06 - 00000000 ____D C:\Users\Patrice\AppData\Local\{CFCAD671-4D19-4342-80A8-A894E7DA9E3B}
2015-07-09 08:51 - 2015-03-25 12:11 - 00000000 ____D C:\ProgramData\MR APP
2015-06-23 16:01 - 2014-11-24 16:04 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieBrowserModeList
2015-06-23 16:01 - 2014-06-20 19:15 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieUserList
2015-06-23 16:01 - 2014-06-20 19:15 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieSiteList
2015-05-06 08:54 - 2015-05-06 08:54 - 0000000 _____ () C:\Users\Patrice\AppData\Local\{717219CE-6B7A-4CAE-B6B6-356B0F5B2D93}
Task: {0FE55D85-14BE-406D-AF59-72D92B8CB2A8} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-05-19] (Reimage®) <==== ATTENTION
Task: {5491B7E1-6739-4DD8-BD6C-7719220F311D} - System32\Tasks\{6D31184D-3A7E-4CA9-BA13-500CC8CB6536} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {5C8CEA35-58B4-4DAD-8E34-183D7702F6EE} - System32\Tasks\{C4962AF0-A1EB-4724-8A79-2B561A7D4B10} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {844CCB8A-DF95-4934-9596-604143C2AED1} - System32\Tasks\{E881E3D3-CC75-4A12-BB4F-6C94BA830C6A} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {EF5121DF-F87A-4B52-84DA-10E6028C6772} - System32\Tasks\{DA4F9F7B-B275-458E-BCFD-6EF16A3BCC4C} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {F8661CB6-52DE-45A2-8D64-DE4E4F49BFC5} - System32\Tasks\{26438AA6-86F7-43F1-A522-DAF096399A01} => C:\Users\Public\Documents\microsoft\X17-30021.exe
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#5
mspatrice71
Posted 13 July 2015 - 07:32 AM

mspatrice71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:12-07-2015
Ran by Patrice at 2015-07-13 09:10:06 Run:1
Running from C:\Users\Patrice\Desktop
Loaded Profiles: Patrice (Available Profiles: Patrice & Tricey)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\MountPoints2: {4e329d68-b1f1-11e1-9fd7-ec9a74480ea3} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\drivers\setup.exe
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\...\MountPoints2: {68ed2a5c-263a-11e5-bd3d-02b0d8500501} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.exe
HKU\S-1-5-18\...\RunOnce: [adaware] => reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
HKU\S-1-5-18\...\RunOnce: [adaware_XP] => reg.exe delete "HKCU\Software\adaware" /f
ProxyEnable: [S-1-5-21-27582077-1071981072-3432663169-1001] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-27582077-1071981072-3432663169-1001] => http=127.0.0.1:16110;https=127.0.0.1:16110
R2 TransferService; C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe [32256 2015-07-06] (Digital Market Research Apps Pty Ltd) [File not signed]
2015-07-10 08:57 - 2015-07-12 10:26 - 00000000 ____D C:\Users\Patrice\AppData\Local\{7133FD67-D4DB-4C32-A78B-A44512EADF7A}
2015-07-09 12:58 - 2015-07-09 12:58 - 00000000 ____D C:\Users\Patrice\AppData\Local\{6AFB8A4A-7041-4161-B601-99EF8C8A7917}
2015-07-09 08:45 - 2015-07-09 08:45 - 00000000 ____D C:\Program Files (x86)\MR APP
2015-07-08 09:01 - 2015-07-08 23:31 - 00000000 ____D C:\Users\Patrice\AppData\Local\{6DCB465D-D22B-447E-8BE7-51D1ACEF093F}
2015-07-07 13:32 - 2015-07-07 13:32 - 00000000 ____D C:\Users\Patrice\AppData\Local\{9B5B3E18-A0F2-4F8F-9887-33528DBDF661}
2015-07-06 13:30 - 2015-07-07 01:31 - 00000000 ____D C:\Users\Patrice\AppData\Local\{F7C0E25B-95EE-4E58-A84B-D4223E6C9259}
2015-07-06 09:01 - 2015-07-06 09:01 - 00000000 ____D C:\Users\Patrice\AppData\Local\{E72D8CB9-93EE-44A0-877E-9AE325F0EA2C}
2015-07-05 17:20 - 2015-07-10 09:22 - 00023247 _____ C:\Windows\system32\ScanResults.xml
2015-07-05 17:05 - 2015-07-10 09:10 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-07-05 17:03 - 2015-07-05 17:03 - 00000000 ____D C:\Users\Patrice\AppData\Local\{1631E3FC-3ACF-4B90-BE51-A649AB422134}
2015-07-04 15:08 - 2015-07-04 15:08 - 00000000 ____D C:\Users\Patrice\AppData\Local\{2C2CB7EE-0483-44E6-A67A-DFA25361A4E7}
2015-07-03 08:17 - 2015-07-03 08:17 - 00000000 ____D C:\Users\Patrice\AppData\Local\{C2D359DB-5773-406A-8EFB-2CCAD2392076}
2015-07-02 08:38 - 2015-07-02 08:39 - 00000000 ____D C:\Users\Patrice\AppData\Local\{E41D08B3-DFD3-4CC2-8214-A4ED2A0D8F2E}
2015-07-01 14:37 - 2015-07-01 14:37 - 01642566 _____ C:\Users\Patrice\Downloads\Snap-2_0_0_2 (4).bar
2015-07-01 10:54 - 2015-07-01 11:03 - 00000000 ____D C:\Program Files\Reimage
2015-07-01 10:54 - 2015-07-01 10:55 - 00000000 ____D C:\ProgramData\Reimage Protector
2015-07-01 10:54 - 2015-07-01 10:54 - 00004282 _____ C:\Windows\System32\Tasks\ReimageUpdater
2015-07-01 10:53 - 2015-07-01 10:55 - 00000156 _____ C:\Windows\Reimage.ini
2015-07-01 10:53 - 2015-07-01 10:53 - 00772016 _____ (Reimage®) C:\Users\Patrice\Downloads\ReimageRepair.exe
2015-07-01 10:29 - 2015-07-01 11:01 - 00000000 ____D C:\Program Files (x86)\PCFixKit
2015-07-01 10:29 - 2015-07-01 10:29 - 00000000 ____D C:\Users\Patrice\AppData\Roaming\PCFixKit
2015-06-29 21:31 - 2015-07-01 08:03 - 00000000 ____D C:\Users\Patrice\AppData\Local\{A1C6C12F-9F45-4CAB-B0CB-68210E1D5CAF}
2015-06-29 09:26 - 2015-06-29 09:26 - 00000000 ____D C:\Users\Patrice\AppData\Local\{436E4563-FD47-4413-AB20-1DDA6A3BF872}
2015-06-28 15:21 - 2015-06-28 15:21 - 00000000 ____D C:\Users\Patrice\AppData\Local\{DB415AB1-D264-460D-BABB-D55D8C8DCAEC}
2015-06-26 21:12 - 2015-06-27 21:09 - 00000000 ____D C:\Users\Patrice\AppData\Local\{35D9F5B9-9FD6-44C3-B0F6-B0C1D1C0ABBC}
2015-06-25 08:08 - 2015-06-26 08:45 - 00000000 ____D C:\Users\Patrice\AppData\Local\{123F0186-3E58-44F5-83B5-F71512E5978C}
2015-06-23 20:05 - 2015-06-24 08:06 - 00000000 ____D C:\Users\Patrice\AppData\Local\{CFCAD671-4D19-4342-80A8-A894E7DA9E3B}
2015-07-09 08:51 - 2015-03-25 12:11 - 00000000 ____D C:\ProgramData\MR APP
2015-06-23 16:01 - 2014-11-24 16:04 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieBrowserModeList
2015-06-23 16:01 - 2014-06-20 19:15 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieUserList
2015-06-23 16:01 - 2014-06-20 19:15 - 00000000 __SHD C:\Users\Patrice\AppData\Local\EmieSiteList
2015-05-06 08:54 - 2015-05-06 08:54 - 0000000 _____ () C:\Users\Patrice\AppData\Local\{717219CE-6B7A-4CAE-B6B6-356B0F5B2D93}
Task: {0FE55D85-14BE-406D-AF59-72D92B8CB2A8} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-05-19] (Reimage®) <==== ATTENTION
Task: {5491B7E1-6739-4DD8-BD6C-7719220F311D} - System32\Tasks\{6D31184D-3A7E-4CA9-BA13-500CC8CB6536} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {5C8CEA35-58B4-4DAD-8E34-183D7702F6EE} - System32\Tasks\{C4962AF0-A1EB-4724-8A79-2B561A7D4B10} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {844CCB8A-DF95-4934-9596-604143C2AED1} - System32\Tasks\{E881E3D3-CC75-4A12-BB4F-6C94BA830C6A} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {EF5121DF-F87A-4B52-84DA-10E6028C6772} - System32\Tasks\{DA4F9F7B-B275-458E-BCFD-6EF16A3BCC4C} => C:\Users\Public\Documents\microsoft\X17-30021.exe
Task: {F8661CB6-52DE-45A2-8D64-DE4E4F49BFC5} - System32\Tasks\{26438AA6-86F7-43F1-A522-DAF096399A01} => C:\Users\Public\Documents\microsoft\X17-30021.exe
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
"HKU\S-1-5-21-27582077-1071981072-3432663169-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4e329d68-b1f1-11e1-9fd7-ec9a74480ea3}" => key removed successfully
HKCR\CLSID\{4e329d68-b1f1-11e1-9fd7-ec9a74480ea3} => key not found. 
"HKU\S-1-5-21-27582077-1071981072-3432663169-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{68ed2a5c-263a-11e5-bd3d-02b0d8500501}" => key removed successfully
HKCR\CLSID\{68ed2a5c-263a-11e5-bd3d-02b0d8500501} => key not found. 
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\adaware => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\adaware_XP => value removed successfully
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
TransferService => Service stopped successfully.
TransferService => Service removed successfully
C:\Users\Patrice\AppData\Local\{7133FD67-D4DB-4C32-A78B-A44512EADF7A} => moved successfully.
C:\Users\Patrice\AppData\Local\{6AFB8A4A-7041-4161-B601-99EF8C8A7917} => moved successfully.
 
"C:\Program Files (x86)\MR APP" folder move:
 
Could not move "C:\Program Files (x86)\MR APP" folder => Scheduled to move on reboot.
 
C:\Users\Patrice\AppData\Local\{6DCB465D-D22B-447E-8BE7-51D1ACEF093F} => moved successfully.
C:\Users\Patrice\AppData\Local\{9B5B3E18-A0F2-4F8F-9887-33528DBDF661} => moved successfully.
C:\Users\Patrice\AppData\Local\{F7C0E25B-95EE-4E58-A84B-D4223E6C9259} => moved successfully.
C:\Users\Patrice\AppData\Local\{E72D8CB9-93EE-44A0-877E-9AE325F0EA2C} => moved successfully.
C:\Windows\system32\ScanResults.xml => moved successfully.
C:\Windows\system32\ScannerSettings => moved successfully.
C:\Users\Patrice\AppData\Local\{1631E3FC-3ACF-4B90-BE51-A649AB422134} => moved successfully.
C:\Users\Patrice\AppData\Local\{2C2CB7EE-0483-44E6-A67A-DFA25361A4E7} => moved successfully.
C:\Users\Patrice\AppData\Local\{C2D359DB-5773-406A-8EFB-2CCAD2392076} => moved successfully.
C:\Users\Patrice\AppData\Local\{E41D08B3-DFD3-4CC2-8214-A4ED2A0D8F2E} => moved successfully.
C:\Users\Patrice\Downloads\Snap-2_0_0_2 (4).bar => moved successfully.
C:\Program Files\Reimage => moved successfully.
C:\ProgramData\Reimage Protector => moved successfully.
C:\Windows\System32\Tasks\ReimageUpdater => moved successfully.
C:\Windows\Reimage.ini => moved successfully.
C:\Users\Patrice\Downloads\ReimageRepair.exe => moved successfully.
C:\Program Files (x86)\PCFixKit => moved successfully.
C:\Users\Patrice\AppData\Roaming\PCFixKit => moved successfully.
C:\Users\Patrice\AppData\Local\{A1C6C12F-9F45-4CAB-B0CB-68210E1D5CAF} => moved successfully.
C:\Users\Patrice\AppData\Local\{436E4563-FD47-4413-AB20-1DDA6A3BF872} => moved successfully.
C:\Users\Patrice\AppData\Local\{DB415AB1-D264-460D-BABB-D55D8C8DCAEC} => moved successfully.
C:\Users\Patrice\AppData\Local\{35D9F5B9-9FD6-44C3-B0F6-B0C1D1C0ABBC} => moved successfully.
C:\Users\Patrice\AppData\Local\{123F0186-3E58-44F5-83B5-F71512E5978C} => moved successfully.
C:\Users\Patrice\AppData\Local\{CFCAD671-4D19-4342-80A8-A894E7DA9E3B} => moved successfully.
 
"C:\ProgramData\MR APP" folder move:
 
Could not move "C:\ProgramData\MR APP" folder => Scheduled to move on reboot.
 
C:\Users\Patrice\AppData\Local\EmieBrowserModeList => moved successfully.
C:\Users\Patrice\AppData\Local\EmieUserList => moved successfully.
C:\Users\Patrice\AppData\Local\EmieSiteList => moved successfully.
C:\Users\Patrice\AppData\Local\{717219CE-6B7A-4CAE-B6B6-356B0F5B2D93} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0FE55D85-14BE-406D-AF59-72D92B8CB2A8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FE55D85-14BE-406D-AF59-72D92B8CB2A8}" => key removed successfully
C:\Windows\System32\Tasks\ReimageUpdater not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5491B7E1-6739-4DD8-BD6C-7719220F311D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5491B7E1-6739-4DD8-BD6C-7719220F311D}" => key removed successfully
C:\Windows\System32\Tasks\{6D31184D-3A7E-4CA9-BA13-500CC8CB6536} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6D31184D-3A7E-4CA9-BA13-500CC8CB6536}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C8CEA35-58B4-4DAD-8E34-183D7702F6EE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C8CEA35-58B4-4DAD-8E34-183D7702F6EE}" => key removed successfully
C:\Windows\System32\Tasks\{C4962AF0-A1EB-4724-8A79-2B561A7D4B10} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4962AF0-A1EB-4724-8A79-2B561A7D4B10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{844CCB8A-DF95-4934-9596-604143C2AED1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{844CCB8A-DF95-4934-9596-604143C2AED1}" => key removed successfully
C:\Windows\System32\Tasks\{E881E3D3-CC75-4A12-BB4F-6C94BA830C6A} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E881E3D3-CC75-4A12-BB4F-6C94BA830C6A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF5121DF-F87A-4B52-84DA-10E6028C6772}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF5121DF-F87A-4B52-84DA-10E6028C6772}" => key removed successfully
C:\Windows\System32\Tasks\{DA4F9F7B-B275-458E-BCFD-6EF16A3BCC4C} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DA4F9F7B-B275-458E-BCFD-6EF16A3BCC4C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8661CB6-52DE-45A2-8D64-DE4E4F49BFC5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8661CB6-52DE-45A2-8D64-DE4E4F49BFC5}" => key removed successfully
C:\Windows\System32\Tasks\{26438AA6-86F7-43F1-A522-DAF096399A01} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{26438AA6-86F7-43F1-A522-DAF096399A01}" => key removed successfully
AntiLog32 => Service removed successfully
 
========= RemoveProxy: =========
 
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-27582077-1071981072-3432663169-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ip reset c:\resetlog.txt =========
 
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
Windows IP Configuration
 
No operation can be performed on Local Area Connection while it has its media disconnected.
 
Tunnel adapter Local Area Connection 4:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : fd16:7b5d:1f48:624b:567a:af04:8a61:7adc
   Link-local IPv6 Address . . . . . : fe80::844b:9b66:9274:373c%38
   Autoconfiguration IPv4 Address. . : 169.254.55.60
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::2058:9a30:4cd8:bef7%13
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.actdsltmp
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{E9F39A8E-0F4A-42BA-B624-DBDAE4A9693D}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Local Area Connection* 24:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{3AC86F93-7939-456F-99DA-ED873D170793}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
Windows IP Configuration
 
An error occurred while renewing interface Local Area Connection 4 : unable to contact your DHCP server. Request has timed out.
No operation can be performed on Local Area Connection while it has its media disconnected.
 
Tunnel adapter Local Area Connection 4:
 
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : fd16:7b5d:1f48:624b:567a:af04:8a61:7adc
   Link-local IPv6 Address . . . . . : fe80::844b:9b66:9274:373c%38
   Autoconfiguration IPv4 Address. . : 169.254.55.60
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::2058:9a30:4cd8:bef7%13
   IPv4 Address. . . . . . . . . . . : 192.168.1.106
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain.actdsltmp
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter Local Area Connection* 24:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{3AC86F93-7939-456F-99DA-ED873D170793}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {AB1CBB02-DC5D-4437-AFDB-E836166F71AD}.
{5DD5C69C-7685-40C3-AC2D-B54B47B829B7} canceled.
{B9B17EC4-4A3A-446C-B871-800F1BD14363} canceled.
2 out of 3 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 2.5 GB temporary data Removed.
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-13 09:22:10)<=
 
C:\Program Files (x86)\MR APP => Is moved successfully
C:\ProgramData\MR APP => Is moved successfully
 
==== End of Fixlog 09:22:10 ====

  • 0

#6
mspatrice71
Posted 13 July 2015 - 07:59 AM

mspatrice71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
# AdwCleaner v4.208 - Logfile created 13/07/2015 at 09:43:49
# Updated 09/07/2015 by Xplode
# Database : 2015-07-11.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Patrice - PATRICE-HP
# Running from : C:\Users\Patrice\Downloads\AdwCleaner (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : ReimageRealTimeProtector
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Device
File Deleted : C:\Users\Patrice\AppData\Roaming\WBPU-TTL.DAT
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\fgkbmedckhcibhkdhaokebnllokeokek
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fgkbmedckhcibhkdhaokebnllokeokek
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\PRODUCTSETUP
Key Deleted : [x64] HKLM\SOFTWARE\Reimage
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v43.0.2357.132
 
 
*************************
 
AdwCleaner[R0].txt - [14031 bytes] - [15/02/2015 17:30:48]
AdwCleaner[R1].txt - [14095 bytes] - [15/02/2015 17:55:50]
AdwCleaner[R2].txt - [2389 bytes] - [02/03/2015 18:29:33]
AdwCleaner[R3].txt - [3661 bytes] - [13/07/2015 09:35:43]
AdwCleaner[R4].txt - [3720 bytes] - [13/07/2015 09:40:58]
AdwCleaner[S0].txt - [13993 bytes] - [15/02/2015 17:59:25]
AdwCleaner[S1].txt - [2477 bytes] - [02/03/2015 18:58:01]
AdwCleaner[S2].txt - [3331 bytes] - [13/07/2015 09:43:49]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3390  bytes] ##########

  • 0

#7
Essexboy
Posted 13 July 2015 - 08:44 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer behaving now ? any anomalies ?

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#8
mspatrice71
Posted 13 July 2015 - 01:35 PM

mspatrice71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

No, I haven't noticed any abnormalities.....here is the next log info

 

# AdwCleaner v4.208 - Logfile created 13/07/2015 at 09:43:49
# Updated 09/07/2015 by Xplode
# Database : 2015-07-11.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Patrice - PATRICE-HP
# Running from : C:\Users\Patrice\Downloads\AdwCleaner (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : ReimageRealTimeProtector
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Device
File Deleted : C:\Users\Patrice\AppData\Roaming\WBPU-TTL.DAT
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\fgkbmedckhcibhkdhaokebnllokeokek
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fgkbmedckhcibhkdhaokebnllokeokek
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\PRODUCTSETUP
Key Deleted : [x64] HKLM\SOFTWARE\Reimage
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v43.0.2357.132
 
 
*************************
 
AdwCleaner[R0].txt - [14031 bytes] - [15/02/2015 17:30:48]
AdwCleaner[R1].txt - [14095 bytes] - [15/02/2015 17:55:50]
AdwCleaner[R2].txt - [2389 bytes] - [02/03/2015 18:29:33]
AdwCleaner[R3].txt - [3661 bytes] - [13/07/2015 09:35:43]
AdwCleaner[R4].txt - [3720 bytes] - [13/07/2015 09:40:58]
AdwCleaner[S0].txt - [13993 bytes] - [15/02/2015 17:59:25]
AdwCleaner[S1].txt - [2477 bytes] - [02/03/2015 18:58:01]
AdwCleaner[S2].txt - [3331 bytes] - [13/07/2015 09:43:49]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3390  bytes] ##########

  • 0

#9
Essexboy
Posted 13 July 2015 - 02:33 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is Norton working properly now along with other programmes ? Are you happy for me to tidy up ?
  • 0

#10
mspatrice71
Posted 13 July 2015 - 02:49 PM

mspatrice71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

Yes, Norton is ok, My computer is moving better too, opening tabs is still a little slow, but better.   Yes, i think its better now


Edited by mspatrice71, 13 July 2015 - 03:12 PM.

  • 0

#11
Essexboy
Posted 14 July 2015 - 07:38 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#12
Essexboy
Posted 15 July 2015 - 07:43 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: malware

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP