Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My browsers are getting hijacked [Closed]

malware

  • This topic is locked This topic is locked

#1
dpkpr

dpkpr

    New Member

  • Member
  • Pip
  • 1 posts

In recent days I've been trying unsuccessfully to remove software that has caused the following issues:

 

1. My search engine is being hijacked, going to http://searchinterneat-a.akamaihd.netwhich then redirects to Yahoo. Once there, the malware delivers "Results Hub Ads" at the top of the search results.

 

2. My system is having difficulty with certain online tasks. For instance, I can't access www.marketwired.com, which is important for the work I do. Similarly, when I tried to download software from McAfee, it said to check my Internet connection. A third example is that I tried to download Citrix software to chat with McAfee and the system came back with an error message stating that it experienced a connection issue even though the connection was fine throughout.

 

Below is the FRST Log (and Addition Log below it):

 

--

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-10-2015
Ran by Daniel Keeney APR (administrator) on DPK_PUBLIC_RELA (19-10-2015 21:59:48)
Running from C:\Users\Daniel Keeney APR\Downloads
Loaded Profiles: Daniel Keeney APR (Available Profiles: Daniel Keeney APR)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Verizon) C:\Program Files\verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
() C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\AMT\atchk.exe
(Primax Electronics Ltd.) C:\Windows\System32\ico.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
(Nike) C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files\NETGEAR\WNA1000M\WNA1000M.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files\Intuit\QuickBooks 2014\QBW32.EXE
(Dropbox, Inc.) C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Users\Daniel Keeney APR\Downloads\Windows-KB890830-V5.29.exe
(Microsoft Corporation) G:\22f198599f0bd7b1e261e4\mrtstub.exe
(Microsoft Corporation) C:\Windows\System32\mrt.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\MQS\QcShm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Common Files\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\updater.exe
() C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugincontainer.exe
() C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\6\Plugin.exe
() C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\10\Plugin.exe
() C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\5\Plugin.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Intuit Inc. All rights reserved.) C:\Users\Daniel Keeney APR\AppData\Local\Intuit\SyncManager\Current\IntuitSyncManager.exe
() C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7\Plugin.exe
() C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7\Plugin.exe
() C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\3\Plugin.exe
() C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\3\Plugin.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
() C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\8\Plugin.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Verizon) C:\Program Files\verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe
() C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\2\Plugin.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [atchk] => C:\Program Files\Intel\AMT\atchk.exe [408344 2007-06-12] (Intel Corporation)
HKLM\...\Run: [PMX Daemon] => C:\Windows\system32\ICO.EXE [49152 2006-11-08] (Primax Electronics Ltd.)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160 2009-03-18] (RealNetworks, Inc.)
HKLM\...\Run: [EverioService] => C:\Program Files\CyberLink\PCM4Everio\EverioService.exe [151552 2007-06-06] (CyberLink Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ATICustomerCare] => C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [582288 2015-03-03] (McAfee, Inc.)
HKLM\...\Run: [Nike+ Connect] => C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe [71680 2015-02-01] (Nike)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [562688 2015-02-11] (McAfee, Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1282048 2007-08-01] (Analog Devices, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\RunOnce: [1019_1615052425341] => C:\Users\Daniel Keeney APR\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp_r.bat [371 2015-10-19] ()
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\Hp\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6819608 2015-09-29] (SUPERAntiSpyware)
HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\Run: [Dropbox Update] => C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs: C:\Users\DANIEL~1\AppData\Local\Linkey\IEEXTE~1\iedll.dll => No File
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-12] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2013-12-09]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1000M Genie.lnk [2015-02-11]
ShortcutTarget: NETGEAR WNA1000M Genie.lnk -> C:\Program Files\NETGEAR\WNA1000M\WNA1000M.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2013-12-09]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2013-12-09]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files\Intuit\QuickBooks 2014\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\Daniel Keeney APR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{8706FEEA-D486-4108-A40A-3AF159DBC788}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{FB1BE8E6-CD08-4AE6-A2D9-39A7C6898DC0}: [DhcpNameServer] 192.168.1.2 8.8.8.8
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggacFxcAl0QERhBcA5ZTA0SFQUOeFoJWBRBFVARcgxbBwATEFQFIk0FA1ADB0VXfVBdFElXTwhxJUpNDU0CaUBB
HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAIBF0SRVQTbVsIVlhcFVYXcBQAAghIDAUXJQsKVFoXGFcSIR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAIBF0SRVQTbVsIVlhcFVYXcBQAAghIDAUXJQsKVFoXGFcSIR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000 -> DefaultScope {64A25A0C-10E3-43F3-89D3-BD9DAED662A5} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAIBF0SRVQTbVsIVlhcFVYXcBQAAghIDAUXJQsKVFoXGFcSIR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000 -> OldSearch URL = 
SearchScopes: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000 -> {64A25A0C-10E3-43F3-89D3-BD9DAED662A5} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAIBF0SRVQTbVsIVlhcFVYXcBQAAghIDAUXJQsKVFoXGFcSIR9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = 
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: LastPass Browser Helper Object -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files\LastPass\LPBar.dll [2012-01-31] (LastPass)
BHO: No Name -> {A057A204-BACC-4D26-8398-26FADCF27386} -> No File
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-18] (Oracle Corporation)
BHO: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-01] (Google Inc.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {A057A204-BACC-4D26-8398-26FADCF27386} -  No File
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll [2012-01-31] (LastPass)
Toolbar: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000 -> No Name - {A057A204-BACC-4D26-8398-26FADCF27386} -  No File
Handler: cf - No CLSID Value - 
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-01] (Google Inc.)
Handler: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files\Intuit\QuickBooks 2014\HelpAsyncPluggableProtocol.dll [2014-06-26] (Intuit, Inc.)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll [2015-03-03] (McAfee, Inc.)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll [2009-04-03] (BitTorrent, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-18] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin: @mcafee.com/MVT -> C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll [2010-05-17] (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2009-03-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.69 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2009-03-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2009-03-18] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3761002974-3346382329-3765931107-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Daniel Keeney APR\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-01-07] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml [2014-06-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-14] [not signed]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-22] [not signed]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-28] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-10] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi [2015-09-17]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2009-03-10] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.default-search.net?sid=503&aid=101&itype=n&ver=13437&tm=412&src=hmp
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggacFxcAl0QERhBcA5ZTA0SFQUOeFoJWBRBFVARcgxbBwATEFQFIk0FA1oDB0VXfV5bFElXTwhxJUpNDU0CaUBB"
CHR StartupUrls: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggacFxcAl0QERhBcA5ZTA0SFQUOeFoJWBRBFVARcgxbBwATEFQFIk0FA1oDB0VXfV5bFElXTwhxJUpNDU0CaUBB"
CHR DefaultSearchURL: Default -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAIBF0SRVQTbVsIVlhcFVYXcBQAAghIDAUXJQsKVFoXGFcSIR9aFQQTQkcFME0FBloEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchinterneat-a.akamaihd.net
CHR DefaultNewTabURL: Default -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAwTJV1bBVhBDFcTd1gVVVpFERgbIwgBTAlFRAcRdVpeWFtAQBNBNARaAktXUUEeJ1pNER8fHGdGM0xUFUo5VFc=
CHR Profile: C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-25]
CHR Extension: (Google Drive) - C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-25]
CHR Extension: (YouTube) - C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-14]
CHR Extension: (Google Search) - C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-14]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Pin It Button) - C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-07-02]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2012-01-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2011-03-24]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files\LastPass\lpchrome.crx [2012-01-16]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
S2 0220181445305882mcinstcleanup; C:\Windows\TEMP\022018~1.EXE [883024 2015-05-04] (McAfee, Inc.)
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-06-12] (Intel Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-03-10] (Macrovision Europe Ltd.) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2015-01-27] (Verizon) [File not signed]
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [109336 2007-06-12] (Intel)
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [132160 2015-09-28] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [690408 2015-03-03] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [476680 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2011-05-04] (Memeo)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [196600 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [334576 2015-03-01] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [238288 2015-02-17] (McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2014-06-26] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2013-10-10] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2013-08-19] (Intuit Inc.) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2006-12-19] ()
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)
R2 Service Mgr ResultsHub; C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugincontainer.exe [1045728 2015-10-19] ()
S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [69632 2007-07-11] (MicroVision Development, Inc.) [File not signed]
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2521880 2007-06-12] (Intel)
R2 Update Mgr ResultsHub; C:\Program Files\Common Files\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\updater.exe [612576 2015-10-19] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe [167936 2011-06-30] () [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61848 2015-02-17] (McAfee, Inc.)
R2 DLABMFSM; C:\Windows\System32\Drivers\DLABMFSM.SYS [37360 2007-07-23] (Roxio)
R2 DLABOIOM; C:\Windows\System32\Drivers\DLABOIOM.SYS [32848 2007-07-23] (Roxio)
R2 DLADResM; C:\Windows\System32\Drivers\DLADResM.SYS [9104 2007-07-23] (Roxio)
R2 DLAIFS_M; C:\Windows\System32\Drivers\DLAIFS_M.SYS [108752 2007-07-23] (Roxio)
R2 DLAOPIOM; C:\Windows\System32\Drivers\DLAOPIOM.SYS [27216 2007-07-23] (Roxio)
R2 DLAPoolM; C:\Windows\System32\Drivers\DLAPoolM.SYS [16304 2007-07-23] (Roxio)
R2 DLAUDFAM; C:\Windows\System32\Drivers\DLAUDFAM.SYS [93552 2007-07-23] (Roxio)
R2 DLAUDF_M; C:\Windows\System32\Drivers\DLAUDF_M.SYS [98448 2007-07-23] (Roxio)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [304928 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [260248 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [82800 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [371648 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [648552 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [380496 2015-01-16] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80760 2015-01-16] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [217584 2015-02-17] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKsl1ec332b7; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD5AF6FA-924F-43BB-9542-E2371092CCDE}\MpKsl1ec332b7.sys [39168 2015-10-19] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [700520 2011-01-31] (Realtek Semiconductor Corporation                           )
R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows ® Codename Longhorn DDK provider)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-19 21:59 - 2015-10-19 22:03 - 00034271 _____ C:\Users\Daniel Keeney APR\Downloads\FRST.txt
2015-10-19 21:54 - 2015-10-19 22:01 - 00000000 ____D C:\FRST
2015-10-19 21:54 - 2015-10-19 21:54 - 01700864 _____ (Farbar) C:\Users\Daniel Keeney APR\Downloads\FRST.exe
2015-10-19 21:42 - 2015-10-19 21:42 - 07708304 _____ (McAfee, Inc.) C:\Users\Daniel Keeney APR\Downloads\Setup_serial_6O256hglh_FILb_5iwtDww2_key (1).exe
2015-10-19 21:26 - 2015-10-19 21:27 - 07708304 _____ (McAfee, Inc.) C:\Users\Daniel Keeney APR\Downloads\Setup_serial_6O256hglh_FILb_5iwtDww2_key.exe
2015-10-19 20:12 - 2015-10-19 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-10-19 17:00 - 2015-10-19 17:00 - 07708304 _____ (McAfee, Inc.) C:\Users\Daniel Keeney APR\Downloads\Setup_serial_7IWd813hHTyCsaw6QF70bQ2_key.exe
2015-10-19 16:45 - 2015-10-19 16:45 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Daniel Keeney APR\Downloads\SpyHunter-Installer.exe
2015-10-19 16:06 - 2015-10-19 16:07 - 00000119 _____ C:\Users\Daniel Keeney APR\Desktop\techsupport.txt
2015-10-19 15:33 - 2015-10-19 16:12 - 00000000 ____D C:\Users\Daniel Keeney APR\AppData\Local\LogMeIn Rescue Applet
2015-10-19 14:49 - 2015-10-19 14:49 - 00000777 _____ C:\Users\Daniel Keeney APR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-10-19 14:49 - 2015-10-19 14:49 - 00000729 _____ C:\Users\Daniel Keeney APR\Desktop\Start Tor Browser.lnk
2015-10-19 14:46 - 2015-10-19 14:47 - 00000000 ____D C:\Users\Daniel Keeney APR\Desktop\Tor Browser
2015-10-19 14:38 - 2015-10-19 14:39 - 368945248 _____ (Microsoft Corporation) C:\Users\Daniel Keeney APR\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
2015-10-19 14:38 - 2015-10-19 14:38 - 53091544 _____ (Microsoft Corporation) C:\Users\Daniel Keeney APR\Downloads\Windows-KB890830-V5.29.exe
2015-10-19 13:00 - 2015-10-19 13:00 - 00001973 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-19 13:00 - 2015-10-19 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-19 11:32 - 2015-10-19 11:32 - 00000286 _____ C:\Users\Daniel Keeney APR\Downloads\debug.log
2015-10-19 09:59 - 2015-10-19 10:06 - 00000000 ____D C:\Users\Daniel Keeney APR\Downloads\Photos
2015-10-19 09:52 - 2015-10-19 09:53 - 43810256 _____ C:\Users\Daniel Keeney APR\Downloads\torbrowser-install-5.0.3_en-US.exe
2015-10-19 08:47 - 2015-07-18 08:14 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-19 08:47 - 2015-07-18 08:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-19 08:45 - 2015-09-28 12:17 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-19 08:45 - 2015-09-26 11:09 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-19 08:45 - 2015-09-26 11:09 - 03554240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-19 08:44 - 2015-07-28 19:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-17 16:14 - 2015-10-17 16:14 - 00001828 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-10-17 16:13 - 2015-10-17 16:14 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-10-17 16:11 - 2010-04-05 15:00 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-10-17 16:08 - 2015-10-17 16:08 - 11588952 _____ (Microsoft Corporation) C:\Users\Daniel Keeney APR\Downloads\mseinstall.exe
2015-10-17 11:53 - 2015-09-11 02:22 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-17 11:53 - 2015-09-11 02:21 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-17 11:53 - 2015-09-11 02:19 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-17 11:53 - 2015-09-11 02:17 - 09751552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-17 11:53 - 2015-09-11 02:16 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-17 11:53 - 2015-09-11 02:16 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-17 11:53 - 2015-09-11 02:15 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-17 11:53 - 2015-09-11 02:15 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-17 11:53 - 2015-09-11 02:14 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-17 11:53 - 2015-09-11 02:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-17 11:53 - 2015-09-11 02:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-17 11:53 - 2015-09-11 02:14 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-17 11:05 - 2015-10-17 11:05 - 00000000 ____D C:\Users\Daniel Keeney APR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-02 19:02 - 2015-10-02 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
2015-10-02 18:02 - 2015-10-19 17:38 - 00000000 ____D C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656
2015-10-02 18:02 - 2015-10-19 17:33 - 00000000 ____D C:\Program Files\Common Files\3929cb63-cbbd-4b9c-8b92-a50fbd04e656
2015-10-02 18:02 - 2015-10-19 11:11 - 00000000 ____D C:\ProgramData\Results Hub
2015-10-02 18:02 - 2015-10-17 15:06 - 00000000 ____D C:\Program Files\Results Hub
2015-10-02 18:00 - 2015-10-02 18:01 - 37973920 _____ (Any-Video-Converter.com ) C:\Users\Daniel Keeney APR\Downloads\avc-free.exe
2015-10-02 10:45 - 2015-10-02 10:45 - 00013354 _____ C:\Users\Daniel Keeney APR\Downloads\Keyword_10_2_2015_DPK_Public_Relations.xlsx
2015-09-23 18:32 - 2015-09-23 18:32 - 00422514 _____ C:\Users\Daniel Keeney APR\Downloads\social.3.1.1.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-19 21:53 - 2015-02-07 10:46 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d042ed4a1414c4.job
2015-10-19 21:52 - 2015-07-15 13:47 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf2eb1d3e840.job
2015-10-19 21:52 - 2015-05-18 11:48 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0918a723b82d3.job
2015-10-19 21:52 - 2006-11-02 07:45 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-19 21:52 - 2006-11-02 07:45 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-19 21:51 - 2014-11-14 08:46 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d000116356fc8f.job
2015-10-19 21:51 - 2014-10-19 14:41 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfebd4a1d1a960.job
2015-10-19 21:46 - 2014-05-08 10:49 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6ad5b16cd29.job
2015-10-19 21:32 - 2015-07-20 14:27 - 00000966 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3761002974-3346382329-3765931107-1000UA1d0c32219abd404.job
2015-10-19 21:25 - 2009-03-10 14:37 - 00000000 ____D C:\ProgramData\McAfee
2015-10-19 21:08 - 2012-04-27 16:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-19 20:05 - 2013-08-25 12:48 - 09764864 ____R C:\Users\Daniel Keeney APR\DPK Public Relations_2013_08_25.QBW.TLG
2015-10-19 20:05 - 2013-08-25 12:44 - 84267008 ____R C:\Users\Daniel Keeney APR\DPK Public Relations_2013_08_25.QBW
2015-10-19 20:05 - 2013-08-25 12:44 - 00000364 _____ C:\Users\Daniel Keeney APR\DPK Public Relations_2013_08_25.QBW.nd
2015-10-19 19:57 - 2014-08-15 11:32 - 00000000 ____D C:\Users\Daniel Keeney APR\Documents\DPKPR 401K
2015-10-19 18:02 - 2013-12-09 12:11 - 00000000 ____D C:\Users\Daniel Keeney APR\QuickBooksAutoDataRecovery
2015-10-19 18:02 - 2009-03-10 12:53 - 00000000 ____D C:\Users\Daniel Keeney APR
2015-10-19 18:01 - 2013-12-09 12:11 - 00000000 ____D C:\Users\Daniel Keeney APR\DPK Public Relations_2013_08_25.QBW.SearchIndex
2015-10-19 15:40 - 2008-01-20 20:38 - 01290069 _____ C:\Windows\WindowsUpdate.log
2015-10-19 14:53 - 2015-05-18 11:48 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0918a7150176a.job
2015-10-19 14:48 - 2014-04-01 07:43 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4da81faeca0.job
2015-10-19 14:32 - 2015-06-16 12:20 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3761002974-3346382329-3765931107-1000Core.job
2015-10-19 13:35 - 2012-01-05 10:31 - 00000000 ___RD C:\Users\Daniel Keeney APR\Dropbox
2015-10-19 13:35 - 2012-01-05 10:26 - 00000000 ____D C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox
2015-10-19 13:32 - 2014-11-14 08:46 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0001162d1af1f.job
2015-10-19 13:31 - 2015-02-07 10:46 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d042ed498ac084.job
2015-10-19 13:31 - 2014-10-19 14:41 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfebd4a12b0920.job
2015-10-19 13:31 - 2008-01-20 22:02 - 00375628 _____ C:\Windows\PFRO.log
2015-10-19 13:31 - 2006-11-02 07:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-19 13:29 - 2006-11-02 07:58 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-19 13:00 - 2009-03-10 18:14 - 00000000 ____D C:\Program Files\Google
2015-10-19 12:59 - 2009-03-10 14:00 - 00000000 ____D C:\Users\Daniel Keeney APR\AppData\Local\Deployment
2015-10-19 12:09 - 2009-03-10 18:15 - 00000000 ____D C:\Users\Daniel Keeney APR\AppData\Local\Google
2015-10-19 10:37 - 2009-03-10 14:00 - 00000000 ____D C:\Users\Daniel Keeney APR\AppData\Local\Citrix
2015-10-19 10:35 - 2009-03-10 18:14 - 00000000 ____D C:\ProgramData\Google
2015-10-19 09:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\rescache
2015-10-19 09:07 - 2009-03-10 15:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-19 09:04 - 2013-08-17 13:18 - 00000000 ____D C:\Windows\system32\MRT
2015-10-17 16:04 - 2014-07-18 15:16 - 00000000 ____D C:\Users\Daniel Keeney APR\AppData\Roaming\AnvSoft
2015-10-17 16:03 - 2013-10-10 12:44 - 00000000 ____D C:\Program Files\Common Files\AVSMedia
2015-10-17 16:03 - 2013-10-10 12:44 - 00000000 ____D C:\Program Files\AVS4YOU
2015-10-17 15:38 - 2015-06-18 17:52 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2015-10-17 15:12 - 2009-03-10 12:53 - 00007944 _____ C:\Users\Daniel Keeney APR\AppData\Local\d3d9caps.dat
2015-10-17 12:08 - 2012-04-27 16:31 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-17 12:08 - 2011-05-17 16:22 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-05 11:13 - 2006-11-02 05:33 - 00829270 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-05 10:34 - 2009-03-17 10:57 - 00164864 _____ C:\Users\Daniel Keeney APR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-02 18:01 - 2014-07-18 15:13 - 00000000 ____D C:\Users\Daniel Keeney APR\AppData\Roaming\OpenCandy
2015-10-02 17:54 - 2013-10-10 11:12 - 00000000 ____D C:\Users\Daniel Keeney APR\AppData\Roaming\mIRC
2015-10-02 16:43 - 2014-05-27 12:47 - 00000000 ____D C:\Users\Daniel Keeney APR\Documents\Vegas Movie Studio PE 9.0 Projects
2015-10-02 12:10 - 2006-11-02 05:24 - 141105520 ____N (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-09-30 17:42 - 2006-11-02 07:49 - 00095402 _____ C:\Windows\setupact.log
2015-09-29 20:08 - 2014-12-26 14:12 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
 
==================== Files in the root of some directories =======
 
2010-06-15 12:21 - 2010-06-15 12:32 - 0000971 _____ () C:\Users\Daniel Keeney APR\AppData\Roaming\BBMS_EXCEPTION.txt
2014-05-27 10:46 - 2015-07-16 15:07 - 0003387 _____ () C:\Users\Daniel Keeney APR\AppData\Roaming\QBFileDrTool.log
2010-10-21 10:27 - 2012-02-02 14:45 - 0000847 _____ () C:\Users\Daniel Keeney APR\AppData\Roaming\Rim.Desktop.Exception.log
2010-10-21 09:45 - 2014-01-08 12:03 - 0003908 _____ () C:\Users\Daniel Keeney APR\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-06-21 20:49 - 2012-02-02 14:55 - 0000231 _____ () C:\Users\Daniel Keeney APR\AppData\Roaming\Rim.DesktopHelper.Exception.log
2009-09-23 18:52 - 2009-09-23 18:52 - 0000407 _____ () C:\Users\Daniel Keeney APR\AppData\Roaming\TweetDeckFast_state.xml
2009-03-10 12:53 - 2015-10-17 15:12 - 0007944 _____ () C:\Users\Daniel Keeney APR\AppData\Local\d3d9caps.dat
2009-03-17 10:57 - 2015-10-05 10:34 - 0164864 _____ () C:\Users\Daniel Keeney APR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-20 11:44 - 2015-03-20 11:44 - 0000245 _____ () C:\Users\Daniel Keeney APR\AppData\Local\poetsch.bat
2013-09-09 09:36 - 2013-09-09 09:36 - 0000057 _____ () C:\ProgramData\Ament.ini
2009-03-10 16:45 - 2009-03-10 17:48 - 0000367 _____ () C:\ProgramData\hpzinstall.log
 
Files to move or delete:
====================
C:\Users\Daniel Keeney APR\PhotoScapeSetup_V3.3.exe
 
 
Some files in TEMP:
====================
C:\Users\Daniel Keeney APR\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3erf3o.dll
C:\Users\Daniel Keeney APR\AppData\Local\Temp\ose00000.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-19 13:44
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:18-10-2015
Ran by Daniel Keeney APR (2015-10-19 22:04:45)
Running from C:\Users\Daniel Keeney APR\Downloads
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) (2009-03-10 15:46:57)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3761002974-3346382329-3765931107-500 - Administrator - Disabled)
Daniel Keeney APR (S-1-5-21-3761002974-3346382329-3765931107-1000 - Administrator - Enabled) => C:\Users\Daniel Keeney APR
Guest (S-1-5-21-3761002974-3346382329-3765931107-501 - Limited - Disabled)
Sonos (S-1-5-21-3761002974-3346382329-3765931107-1004 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat  9 Standard - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{FD423BBD-8095-D342-F496-59D7C22FD581}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
ATI Catalyst Registration (Version: 3.00.0000 - ATI Technologies Inc.) Hidden
BitTorrent (HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\BitTorrent) (Version: 7.9.2.35704 - BitTorrent Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (Version: 2010.0527.1242.20909 - ATI) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Coby Media Manager (HKLM\...\{45C5421D-7A5E-4FE9-8F42-D98DF070E783}) (Version: 1.0.3624 - Coby)
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.10.0000 - Dell Inc.)
Digital Photo Navigator 1.5 (HKLM\...\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}) (Version:  - )
Dropbox (HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
ffdshow [rev 3128] [2009-11-08] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Flash Player Pro V5.4 (HKLM\...\Flash Player Pro_is1) (Version:  - FlashPlayerPro.com)
Free DVD Creator version 2.0 (HKLM\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Chrome Frame (HKLM\...\Google Chrome Frame) (Version: 32.0.1700.107 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
HP Driver Diagnostics (HKLM\...\{0EC7C406-B592-4686-BAC1-AD29A85EAE6A}) (Version: 1.03.0005 - Hewlett-Packard Company)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6600 Basic Device Software (HKLM\...\{C4C4BECF-764C-406D-A1AD-F73611B0F668}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPOJ6600FWUpdateAlert (Version: 1.00.0000 - HP) Hidden
IHA_MessageCenter (HKLM\...\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
Intel® Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
LastPass (uninstall only) (HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\LastPass) (Version:  - LastPass)
McAfee SecurityCenter (HKLM\...\MSC) (Version: 14.0.339 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.283 - McAfee, Inc.)
McAfee Virtual Technician (HKLM\...\{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}) (Version: 5.5.2.0 - McAfee, Inc.)
Memeo AutoSync (HKLM\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version:  - Memeo Inc.)
Memeo Instant Backup (HKLM\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7923 - Memeo Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 Primary Interop Assemblies (HKLM\...\{90140000-1146-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1150 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM\...\{EA710A0A-BF5D-433C-8EB5-D17DC54CC298}) (Version: 8.0.6362.201 - Microsoft Corporation)
Microsoft Office Small Business 2007 (HKLM\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mouse Suite for Desktop Computers (HKLM\...\{448E2D77-E504-4221-B2C2-93646B344729}) (Version: 2.50.020 - Dell)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM\...\InstallShield_{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR)
NETGEAR WNA1000M Wireless USB 2.0 Adapter (Version: 1.01.10 - NETGEAR) Hidden
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.47 - BVRP Software, Inc)
Nike+ Connect (HKLM\...\Nike+ Connect) (Version: 6.6.32 - Nike)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerCinema NE for Everio (HKLM\...\{39CEE1F2-12B6-4C50-9131-04BFCA110578}) (Version:  - )
PowerDirector Express (HKLM\...\{EDE721EC-870A-11D8-9D75-000129760D75}) (Version:  - )
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 074303(3.7)_Vista_JVC - CyberLink Corporation)
QuickBooks (Version: 24.0.4007.2403 - Intuit Inc.) Hidden
QuickBooks Pro 2014 (HKLM\...\{4A21D17E-2FE8-42CD-88B7-ACF8E8860834}) (Version: 24.0.4001.2403 - Intuit Inc.)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - RealNetworks)
Roxio Activation Module (HKLM\...\{07159635-9DFE-4105-BFC0-2817DB540C68}) (Version: 1.0 - Roxio)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41C6-8752-958A45325C82}) (Version: 3.5.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}) (Version: 3.5.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4C52-84D5-77E344289F87}) (Version: 3.5.0 - Roxio)
Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.5.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ED8-B104-03393876DFDF}) (Version: 3.5.0 - Roxio)
Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.1 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Sonic CinePlayer Decoder Pack (HKLM\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.2.0 - Sonic Solutions)
Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 29.5.90191 - Sonos, Inc.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.5491 - Analog Devices)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
SupportSoft Assisted Service (HKLM\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
The Lord of the Rings FREE Trial  (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Trader's Little Helper 2.7.0 (HKLM\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Vegas Movie Studio Platinum 9.0 (HKLM\...\{F14F7FCF-6299-446A-A8F5-C5B791015692}) (Version: 9.0.55 - )
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 0.9.9 (HKLM\...\VLC media player) (Version: 0.9.9 - VideoLAN Team)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{0C378864-D5C4-4D9C-854C-432E3BEC9CCB}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{17764098-F985-44E2-93C3-DF9B49F1CC19}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{17E67D4A-23A1-40D8-A049-EE34C0AF756A}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{1B3210AF-E236-46D4-83EF-6421F2FF543C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTVIEW.OCx => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{1E78DD72-771E-42BF-8B4B-363CEB18E07B}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTVIEW.OCx => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{22664BE2-0806-4BA4-8643-DE40C9149176}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{294E9835-D0F1-4815-8C52-3C08FBB1403E}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{2A9EBDB5-0600-4E8C-B910-4001BEB2DD8C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\ProgramData\WebEx\WebEx\1224\atucfobj.dll (Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{349D777D-F7A2-4AAE-967F-A54F05A7FF3B}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBFinder.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{38F58721-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\COMObjectFactory.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{38F58742-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{38F58743-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{38F58744-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{3CDEA288-D759-4C3B-B07F-7AFBCC842D98}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{42C68651-1700-4750-A81F-A1F5110E0F66}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{4774922A-8983-4ECC-94FD-7235F06F53A1}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{51240B37-45D0-413C-BAE0-D8F3ACDC15E6}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{5249684A-D7A2-4DBE-94F4-B90923A7BC64}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{54BE6B6F-3056-470B-97E1-BB92E051B6C4}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{5A494E87-262C-4340-A539-2FAC0A85D935}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{5E6F22B3-7DF6-4C64-8AD0-1A6CC1351085}\InprocServer32 -> C:\Program Files\Hp\Common\HPScripting.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{60178279-6D62-43AF-A336-77925651A4C6}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{6470DE80-1635-4B5D-93A3-3701CE148A79}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{64CB8178-1A77-4443-BE13-30BE889B99BB}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{684E4896-6EFC-4A3D-B967-6105894A6796}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{6B75345B-AA36-438A-BBE6-4078B4C6984D}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{70478C56-E77F-4134-B3E3-3B18EE036D71}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{738CD606-129D-45db-86D6-6C9739C750CA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{784F2933-6BDD-4E5F-B1BA-A8D99B603649}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{7CB9D4F5-C492-42A4-93B1-3F7D6946470D}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{7D4CF499-32EC-4E8E-8714-7E74303869F0}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{8877F3CD-3C29-4E2D-B7DD-70B24DF4EBD1}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2014\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{910E7ADE-7F75-402D-A4A6-BB1A82362FCA}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{93441C07-E57E-4086-B912-F323D741A9D8}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{9986CC36-7FA8-4E9A-ADE1-E197FCC5484B}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{9E1DDDD2-0638-4607-B266-13FE69EDFFD3}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{9E3A85FC-1E59-4C57-ACEA-17E7D61000F1}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{A58C4EAB-2DB8-445E-9CAE-2AE197A5C708}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{A95845D8-8463-4605-B5FB-4F8CFBAC5C47}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{AA6A5B54-2ACF-4FDB-A82B-E505A5E0B65E}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{AAFBE339-5BEE-417C-BE98-218DA8512B43}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{AB049B11-607B-46C8-BBF7-F4D6AF301046}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{AB237044-8A3B-42BB-9EE1-9BFA6721D9ED}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{B2CD4730-67E7-401C-A2CB-D74715E05FA4}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{B5201019-B9A8-411C-A7AC-CEA856A63C00}\InprocServer32 -> C:\Program Files\Hp\Common\HPScripting.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{B9C13CD0-5A97-4C6B-8A50-7638020E2462}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{BC2971B9-2A4F-44C8-8D7F-04E027544828}\InprocServer32 -> C:\Program Files\Hp\Common\HPScripting.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{BCD594EA-15C3-4FD8-B92B-114BB9694537}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBCtrIPMDS2.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{BE65189A-4770-47A0-9B7B-68827DB1C317}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{BF931895-AF82-467A-8819-917C6EE2D1F3}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{C70D0641-DDE1-4FD7-A4D4-DA187B80741D}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{C94188F6-0F9F-46B3-8B78-D71907BD8B77}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{CBEF1FB5-78FF-4B14-9B0F-275493FB589C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{CDAF9CEC-F3EC-4B22-ABA3-9726713560F8}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{CE18240D-F3F8-43AE-9EA0-A0DC85A95375}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{CF6866F9-B67C-4B24-9957-F91E91E788DC}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D057CD8F-1469-4A41-B24C-7EED6B1DDCD2}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{D9BC6FC1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{DA654E0C-E75D-4507-8AC2-71698C5B5C93}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2014\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{DC4F9DA0-DB05-4BB0-8FB2-03A80FE98772}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{DE233AFF-8BD5-457E-B7F0-702DBEA5A828}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{DF1F1C17-6A29-45FB-A3C6-9825908E062E}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{E12DA4F2-BDFB-4EAD-B12F-2725251FA6B0}\InprocServer32 -> C:\Program Files\Hp\Common\HPeDiag.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{E6E4DF8B-17CE-43ED-B2C7-2CE10457552D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{E7D2D0F6-B754-438D-B5C9-BF848D311A0F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{E975F61C-2C2B-4FE8-A4CD-24C52969CE12}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{F9EF917A-E55E-4242-B205-E778395AC313}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FA9C5110-071C-4964-9DD0-610806FF0F81}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2014\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB359C2A-6927-4AD7-8F1B-B6472CA7CDE7}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
::1             localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {19DC287C-7F03-4391-849E-C05C9E4B4842} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf2eb1d3e840 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {22F90C4A-ADE2-432E-B793-0714D9E2C260} - System32\Tasks\GoogleUpdateTaskMachineCore1cfebd4a12b0920 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {27BF7985-151F-4B66-BE70-12BAAD321C19} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {2E6E4636-F0E6-4D6B-9F1E-B05B53FEDD27} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4da81faeca0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {5A097DC0-0342-4EB5-8DCF-2553A12C9C76} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6ad5b16cd29 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {6B289F58-9F04-4E44-8EDE-370AEC5FD16F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3761002974-3346382329-3765931107-1000Core => C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {7043F09A-29DD-44E4-AF11-C2FC0DC5A0E5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3761002974-3346382329-3765931107-1000UA1d0c32219abd404 => C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {70F7FB9D-6D63-4AA2-ACC4-6341A4D534B3} - System32\Tasks\GoogleUpdateTaskMachineUA1d0918a723b82d3 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7F743DD3-A58C-4EE1-994F-A625B28842C4} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {94F315A0-3F6F-47D4-A815-03FF4822A436} - System32\Tasks\GoogleUpdateTaskMachineUA1cfebd4a1d1a960 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {9E5BAC34-C97C-457B-AE34-103C8B620876} - System32\Tasks\GoogleUpdateTaskMachineCore1d042ed498ac084 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B48807D5-938A-4D7B-88EB-A7770B5B4BAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D798DB21-8F83-4271-99F9-3D4499E7C2A6} - System32\Tasks\GoogleUpdateTaskMachineCore1d0918a7150176a => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {E21981B4-3023-4EF9-9142-905DDC9FD2BC} - System32\Tasks\GoogleUpdateTaskMachineUA1d000116356fc8f => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {ECE70444-6D39-468B-B1D1-36362B5CE3E4} - System32\Tasks\GoogleUpdateTaskMachineUA1d042ed4a1414c4 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F593221B-3C68-41D6-8731-E0D2BE3F9924} - System32\Tasks\GoogleUpdateTaskMachineCore1d0001162d1af1f => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3761002974-3346382329-3765931107-1000Core.job => C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3761002974-3346382329-3765931107-1000UA1d0c32219abd404.job => C:\Users\Daniel Keeney APR\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4da81faeca0.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfebd4a12b0920.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0001162d1af1f.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d042ed498ac084.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0918a7150176a.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6ad5b16cd29.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfebd4a1d1a960.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d000116356fc8f.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d042ed4a1414c4.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0918a723b82d3.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf2eb1d3e840.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-03-10 14:45 - 2009-02-13 12:44 - 00117264 _____ () c:\Program Files\McAfee\SiteAdvisor\apengine.dll
2009-03-10 14:45 - 2009-02-13 12:44 - 00071696 _____ () c:\Program Files\McAfee\SiteAdvisor\mcfrmwk.dll
2009-03-10 14:45 - 2009-02-13 12:44 - 00207376 _____ () c:\Program Files\McAfee\SiteAdvisor\cntscan.dll
2009-04-03 08:47 - 2006-12-19 17:23 - 00272024 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2007-07-23 17:04 - 2007-07-23 17:04 - 00068080 _____ () C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\DLAAPI_W.DLL
2009-04-03 11:30 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2011-06-30 23:23 - 2011-06-30 23:23 - 00167936 _____ () C:\Program Files\NETGEAR\WNA1000M\WlanWpsSvc.exe
2010-05-27 11:24 - 2011-11-10 02:11 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2009-04-03 08:59 - 2007-03-29 15:47 - 00012288 ____N () C:\Program Files\CyberLink\PCM4Everio\Kernel\common\CLEverioDetector.dll
2012-01-04 19:32 - 2012-01-04 19:32 - 00504064 _____ () C:\Program Files\NETGEAR\WNA1000M\WNA1000M.exe
2011-12-26 14:48 - 2011-12-26 14:48 - 00237568 _____ () C:\Program Files\NETGEAR\WNA1000M\WTmpl.dll
2011-12-26 14:43 - 2011-12-26 14:43 - 00327680 _____ () C:\Program Files\NETGEAR\WNA1000M\XParser.dll
2011-12-26 14:47 - 2011-12-26 14:47 - 00290816 _____ () C:\Program Files\NETGEAR\WNA1000M\WDialog.dll
2011-12-26 14:44 - 2011-12-26 14:44 - 00512000 _____ () C:\Program Files\NETGEAR\WNA1000M\WCtrls.dll
2011-12-13 11:18 - 2011-12-13 11:18 - 00286720 _____ () C:\Program Files\NETGEAR\WNA1000M\WCommObj.dll
2011-12-26 14:45 - 2011-12-26 14:45 - 00319488 _____ () C:\Program Files\NETGEAR\WNA1000M\WDraw.dll
2011-12-26 14:54 - 2011-12-26 14:54 - 00262144 _____ () C:\Program Files\NETGEAR\WNA1000M\GDIpProc.dll
2011-12-26 14:46 - 2011-12-26 14:46 - 00393216 _____ () C:\Program Files\NETGEAR\WNA1000M\WWnd.dll
2011-12-13 12:10 - 2011-12-13 12:10 - 00413696 _____ () C:\Program Files\NETGEAR\WNA1000M\WlanDll.dll
2011-12-13 11:18 - 2011-12-13 11:18 - 00307200 _____ () C:\Program Files\NETGEAR\WNA1000M\WConn.dll
2014-06-26 12:54 - 2014-06-26 12:54 - 00623432 _____ () C:\Program Files\Intuit\QuickBooks 2014\boost_regex-vc100-mt-1_47.dll
2014-06-26 12:56 - 2014-06-26 12:56 - 00021320 _____ () C:\Program Files\Intuit\QuickBooks 2014\QBCompressor.dll
2013-08-19 11:03 - 2013-08-19 11:03 - 00059904 _____ () C:\Program Files\Intuit\QuickBooks 2014\zlib1.dll
2014-06-26 12:56 - 2014-06-26 12:56 - 00149320 _____ () C:\Program Files\Intuit\QuickBooks 2014\QBMAPILibrary.dll
2014-06-26 12:54 - 2014-06-26 12:54 - 00247112 _____ () C:\Program Files\Intuit\QuickBooks 2014\boost_serialization-vc100-mt-1_47.dll
2014-06-26 12:54 - 2014-06-26 12:54 - 00623944 _____ () C:\Program Files\Intuit\QuickBooks 2014\FtuEngine.dll
2014-06-26 12:53 - 2014-06-26 12:53 - 00582472 _____ () C:\Program Files\Intuit\QuickBooks 2014\BackupLib.dll
2014-06-26 12:56 - 2014-06-26 12:56 - 00142664 _____ () C:\Program Files\Intuit\QuickBooks 2014\QBProActiveCore.dll
2014-06-26 12:54 - 2014-06-26 12:54 - 00791880 _____ () C:\Program Files\Intuit\QuickBooks 2014\FeaturesBridge.dll
2014-06-26 12:55 - 2014-06-26 12:55 - 00043848 _____ () C:\Program Files\Intuit\QuickBooks 2014\mbpopup.dll
2014-06-26 12:55 - 2014-06-26 12:55 - 00087368 _____ () C:\Program Files\Intuit\QuickBooks 2014\IPDWidgetBridge.dll
2014-06-26 12:55 - 2014-06-26 12:55 - 00104264 _____ () C:\Program Files\Intuit\QuickBooks 2014\IPDWidgetInterop.dll
2014-06-26 12:57 - 2014-06-26 12:57 - 00501576 _____ () C:\Program Files\Intuit\QuickBooks 2014\SyncManagerUtils.dll
2014-06-26 12:56 - 2014-06-26 12:56 - 00113480 _____ () C:\Program Files\Intuit\QuickBooks 2014\QB2WPFBridge.dll
2014-06-26 12:56 - 2014-06-26 12:56 - 00129352 _____ () C:\Program Files\Intuit\QuickBooks 2014\ReportBridge.dll
2014-06-26 12:57 - 2014-06-26 12:57 - 00115016 _____ () C:\Program Files\Intuit\QuickBooks 2014\Webification.dll
2014-06-26 12:54 - 2014-06-26 12:54 - 00060232 _____ () C:\Program Files\Intuit\QuickBooks 2014\htmlhelper.dll
2015-10-19 13:35 - 2015-10-19 13:35 - 00071168 _____ () c:\Users\Daniel Keeney APR\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3erf3o.dll
2010-04-16 14:20 - 2010-04-16 14:20 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-05-27 12:40 - 2010-05-27 12:40 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-10-02 14:52 - 2015-10-19 17:32 - 00612576 _____ () C:\Program Files\Common Files\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\updater.exe
2015-10-02 14:43 - 2015-10-19 17:38 - 01045728 _____ () C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugincontainer.exe
2015-10-19 10:50 - 2015-10-19 10:50 - 01203936 _____ () C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\6\plugin.exe
2015-10-19 14:40 - 2015-10-19 14:40 - 01002208 _____ () C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\10\plugin.exe
2015-10-19 17:39 - 2015-10-19 17:39 - 01295072 _____ () C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\5\plugin.exe
2015-10-19 18:44 - 2015-10-19 18:44 - 00989920 _____ () C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\7\plugin.exe
2015-10-19 19:44 - 2015-10-19 19:44 - 01267424 _____ () C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\3\plugin.exe
2015-10-19 20:44 - 2015-10-19 20:44 - 01255648 _____ () C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\8\plugin.exe
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2010-04-15 18:04 - 2013-05-08 02:57 - 02666496 _____ () C:\Program Files\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2015-07-14 18:20 - 2015-07-14 18:20 - 00756376 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2015-10-19 21:44 - 2015-10-19 21:44 - 01720544 _____ () C:\ProgramData\3929cb63-cbbd-4b9c-8b92-a50fbd04e656\plugins\2\plugin.exe
2014-04-15 17:43 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-15 17:43 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-10-17 15:56 - 2015-10-15 13:20 - 16493256 _____ () C:\Users\Daniel Keeney APR\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:888AFB86
AlternateDataStreams: C:\Users\Daniel Keeney APR\Desktop\DPK-Public-Relations-2013-Schedule-C.pdf:com.dropbox.attributes
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\internet -> internet
IE trusted site: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\intuit.com -> hxxps://ttlc.intuit.com
IE trusted site: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\...\mcafee.com -> hxxps://mcafee.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3761002974-3346382329-3765931107-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel Keeney APR\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{E0CAC589-89D7-45C6-8595-77A1F1035E28}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{5377316C-797C-4A4B-BE6F-FBA4FAD92840}] => (Allow) C:\Program Files\CyberLink\PowerDirector Express\PDX.EXE
FirewallRules: [{B212A8A9-4A88-47E6-A34C-2D97D8C4138E}] => (Allow) C:\Program Files\DNA\btdna.exe
FirewallRules: [{4A3083F4-E4FA-4802-A4CD-A6A00A68ABB6}] => (Allow) C:\Program Files\DNA\btdna.exe
FirewallRules: [{5D238C0D-1992-4957-A9C0-B639484BCEB0}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{F89CD39D-5C69-4EC7-ACD2-A38FE378808E}C:\users\daniel keeney apr\program files\dna\btdna.exe] => (Block) C:\users\daniel keeney apr\program files\dna\btdna.exe
FirewallRules: [UDP Query User{FB018D6A-4E31-4A51-A774-02A0C4262D9A}C:\users\daniel keeney apr\program files\dna\btdna.exe] => (Block) C:\users\daniel keeney apr\program files\dna\btdna.exe
FirewallRules: [{6F5A7AAA-3980-41C4-97A4-236296D2DE73}] => (Allow) LPort=80
FirewallRules: [{E18C4433-B755-458C-839C-C3240A1DF99D}] => (Allow) LPort=80
FirewallRules: [{D16CB753-378B-4FE8-BDD0-B54462220ED4}] => (Allow) LPort=80
FirewallRules: [{8BF5C969-B84C-4A62-B5CF-16AC08D020B4}] => (Allow) C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
FirewallRules: [{BAC2A4D6-4ABB-4304-92AD-60C2BA17194E}] => (Allow) LPort=50000
FirewallRules: [{27F9AAD0-1E65-43E1-99BC-E523662326FA}] => (Allow) LPort=50000
FirewallRules: [{3EF6FC32-5A4B-4470-8AED-EEDD380388CD}] => (Allow) C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{092D0743-D271-4C3C-A9EF-EE389DB777AF}] => (Allow) C:\Users\Daniel Keeney APR\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{71E28BE7-759F-47C9-A3FD-C3E15685089B}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{B3DB6FBD-9E90-43A6-A976-B5560DEACAEB}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{08CA4F5E-6C53-4C79-BB7A-824824E2EFB0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BBAE5CD1-616E-4B1C-A65A-7D44B6054173}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6A4B27C8-F2AE-412B-899A-146276A28EB7}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe
FirewallRules: [{7E0E0BD9-C4B4-4449-B615-12941B395F53}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe
FirewallRules: [{E654AA78-9E7D-4A93-920C-26FD07E7AAE5}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe
FirewallRules: [{9D92FE7E-2F5F-44F5-8806-C310B8DBBAFC}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe
FirewallRules: [{354961E1-F090-4BB3-BC96-39A69F23D171}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{56CC6C35-82D6-461D-BFE2-D2EDB0658425}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A251DFB6-04F3-4936-896A-1821713C9403}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7ADF7A75-971E-40D5-8675-C71AEE42E840}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{D8EB8501-AAE5-485B-9A95-F49675BD5BEF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B3375224-0C65-45D2-B58C-430C510E10D4}] => (Allow) C:\Users\Daniel Keeney APR\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{046DDE63-F318-4FA6-AC63-7FAE60BD2999}] => (Allow) C:\Users\Daniel Keeney APR\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C66EC1A0-060F-4775-A8C3-ED79B1C22C63}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A921ED01-90FC-4C97-9C79-C16CAE5030AE}] => (Allow) C:\Program Files\Sonos\Sonos.exe
FirewallRules: [{63E9815B-3A8C-4019-B459-04142176A679}] => (Allow) C:\Program Files\Sonos\Sonos.exe
FirewallRules: [{994F50B5-C727-4512-9F90-B56AF5B57DBB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\BitTorrent\bittorrent.exe] => Enabled:BitTorrent
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/19/2015 05:59:15 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/19/2015 05:59:15 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/19/2015 05:45:06 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2014":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\connpool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'
 
Error: (10/19/2015 05:45:06 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2014":
Connection String:CON=QBConnectionPool-Probe-QB_data_engine_24; ;DBF=C:\Users\Daniel Keeney APR\DPK Public Relations_2013_08_25.QBW;ENG=QB_data_engine_24;DBN=241f79d09029415d87b629021c2cb2ae
 
Error: (10/19/2015 05:45:06 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2014":
Connection Error:Invalid user ID or password
 
Error: (10/19/2015 02:51:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mcuicnt.exe version 7.0.232.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: c48
Start Time: 01d10a9c7df3af80
Termination Time: 18660
 
Error: (10/19/2015 01:40:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application VzDetectAgent.exe, version 2.0.2.20, time stamp 0x54c7de5a, faulting module VzDetectAgent.exe, version 2.0.2.20, time stamp 0x54c7de5a, exception code 0x40000015, fault offset 0x00115b73,
process id 0xdf0, application start time 0xVzDetectAgent.exe0.
 
Error: (10/19/2015 01:32:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/19/2015 01:31:54 PM) (Source: Intel® AMT) (EventID: 2002) (User: )
Description: [UNS] Failed to subscribe to local Intel® AMT.
 
Error: (10/19/2015 11:25:16 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE SECURITYCENTER.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
 
System errors:
=============
Error: (10/19/2015 01:36:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (10/19/2015 01:33:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Service Mgr ResultsHub
 
Error: (10/19/2015 01:31:30 PM) (Source: HTTP) (EventID: 15021) (User: )
Description: \Device\Http\ReqQueue0.0.0.0:4482
 
Error: (10/19/2015 01:28:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E14B23B-5D8A-447F-B962-6D6D6897861E}
 
Error: (10/19/2015 11:25:34 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWFailureCommand%%5
 
Error: (10/19/2015 11:25:24 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5
 
Error: (10/19/2015 11:17:17 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Service Mgr ResultsHub
 
Error: (10/19/2015 11:15:21 AM) (Source: HTTP) (EventID: 15021) (User: )
Description: \Device\Http\ReqQueue0.0.0.0:4482
 
Error: (10/19/2015 10:57:14 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWFailureCommand%%5
 
Error: (10/19/2015 10:52:52 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5
 
 
CodeIntegrity:
===================================
  Date: 2015-10-04 17:50:10.141
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-04 17:50:10.110
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-14 10:44:45.239
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-14 10:44:45.234
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-14 10:42:42.574
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-14 10:42:42.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-06 13:56:00.377
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-06 13:56:00.359
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-06 13:55:00.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-06 13:55:00.669
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® Dual CPU E2220 @ 2.40GHz
Percentage of memory in use: 73%
Total physical RAM: 3324.7 MB
Available physical RAM: 892.56 MB
Total Virtual: 6841.38 MB
Available Virtual: 3363.75 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:230.71 GB) (Free:94.24 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:2 GB) (Free:1.14 GB) NTFS
Drive g: (FreeAgent GoFlex Drive) (Fixed) (Total:1397.26 GB) (Free:609.8 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.8 GB) (Disk ID: 70000000)
Partition 1: (Not Active) - (Size=125 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=2 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=230.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 1397.3 GB) (Disk ID: 97587A7D)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 

Attached Files


  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -


  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-



All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-


 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

I'm reviewing your logs now.


  • 0

#3
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

OK, let's get started. I see the infection but we need to do a few things before we remove it.

 

Step#1 - Warnings
1. The Dangers of P2P Programs
IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.
You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.
 
Here are some information sources about the dangers of P2P programs:
FBI - Peer to Peer Scams
USA Today Artticle on P2P Programs
File Sharing Infects 500,000 Computers
 
I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.
 
It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.
 
Please uninstall the following Peer-to-Peer program(s): BitTorrent

 

2. Too Many AVs

You are running too many antivirus programs. This is not a good idea as this can cause problems such as slowness in computer speed, conflicts and cause more vulnerability to infection. It appears you are running McAfee and Microsoft Security Essentials. Please remove one.

 

3. System Restore is Disabled

It appears System Restore is disabled on your machine. Was this done intentionally? It's important to have enabled while we perform our fixes. Can you enable it following the instructions below?

http://www.sevenforu...le-disable.html

 

 

 

Thanks. Let me know when these are addressed.

 

 

 

 

 

 


  • 0

#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics


Also tagged with one or more of these keywords: malware

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP