Hoping to get some help [Solved]



#1
zed1

Hopefully my description of my concerns will be concise enough that we can resolve any issues that my poor ole pute might have.
So here goes...I was on I.E. (Microsoft Edge) on my homepage checking emails, news and such when I let the stupid part of my brain surface for a moment and I clicked on one of the little ads on the side of the page. Well, immediately a window popped up saying that I was breaking all kinds of rules and laws and that my files were locked...yada, yada, and that I had to call this number in order to get "tech support" and a "code" to unlock my pute. My first reaction was "Crap...ransomware". So just for S&G's (and the need to aggravate someone) I called the number (I kinda knew where this was leading) and lo and behold I was right...an Indian individual answered and asked if I needed "tech support", so long story short I led him around the Mulberry bush a few times and finally hung up and proceeded to try to sort out the mess stupid me got into. The scam seemed to be like when you get the unsolicited call from "M.S. Support" saying your pute is broadcasting your info all over the net and you have to do this and that in order to stop it.

So, first thing I do is to try to close the I.E. window, that didn't work so I went to task manager and ended it, that worked, then I reopened I.E. and the same window appeared, again to task manager...then I tried Firefox and it worked just fine. Then I tried restarting my pute, to no avail, and shutting it down, also to no avail, did this a couple of times. Then I shut her down and disconnected her from the net, fired her back up, brought up I.E., of course the same window appeared but was unable to connect...went up to the address bar and right clicked on the link and then clicked undo...to my surprise and semi-cautious relief the window disappeared. Shut back down, reconnected, rebooted, brought up I.E. and all was good with the world. Everything seems to be working as it should, I can access all my stuff (files, peripherals), etc. and I.E. and Firefox seem okay, and my pute doesn't seem slow or glitchy.
Now my concern is that some other kind of bug may have been introduced during this episode even though I ran two different scans. M.S. Malicious Software Removal, and Iola Virus and they were both negative, but no one program recognizes all the bugs so I am hoping to avail myself of some kind hearted person to help me (not stupid me) sort through this and assuage my concerns.

Please find below the FRST and Addition reports requested and thanks in advance for any help, it is greatly appreciated.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Wally (administrator) on BABY (06-07-2016 13:17:19)
Running from C:\Users\Wally\Desktop
Loaded Profiles: Wally (Available Profiles: Wally & Mcx1-BABY)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(CYREN Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe
() C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(CYREN Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe
(Canon Inc.) C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\ioloGovernor64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Uniden Surveillance System\Uniden Surveillance System.exe
() C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\LiveBoost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [PocketCloud Location] => C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe [933776 2012-10-24] (Wyse Technology Inc.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [Shwicon9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe [262144 2012-06-28] ()
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [NWEReboot] => [X]
HKLM-x32\...\Run: [CLMLServer_For_P2G9] => C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe [110344 2013-10-02] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive9] => C:\Program Files (x86)\CyberLink\Power2Go9\VirtualDrive9.exe [982792 2014-07-23] (CyberLink Corp.)
HKLM-x32\...\Run: [iolo Startup] => C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe [4612544 2016-02-19] (iolo technologies, LLC)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\Run: [PowerPanel Personal Edition User Interaction] => C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe [262144 2007-01-10] ()
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\Run: [Power2GoExpress9] => C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe [2397448 2014-07-23] (CyberLink Corp.)
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-04-11] (Google Inc.)
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\RunOnce: [Uninstall C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\MountPoints2: {13ea8374-88d0-11e2-be6c-f4b7e28f06a8} - "K:\LaunchU3.exe" -a
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2015-12-07] (SoftThinks SAS)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-17] (Microsoft Corporation)
Startup: C:\Users\Wally\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-03-01]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9-x64 01 C:\windows\system32\iavlsp64.dll [160256 2016-02-19] ()
Winsock: Catalog9-x64 02 C:\windows\system32\iavlsp64.dll [160256 2016-02-19] ()
Winsock: Catalog9-x64 03 C:\windows\system32\iavlsp64.dll [160256 2016-02-19] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e54c74a6-50a9-4fbf-92a8-eb48cd119251}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.xfinity.com/home/x/?cid=mtmh08182013
SearchScopes: HKU\S-1-5-21-1809003014-3391605954-1918167186-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1809003014-3391605954-1918167186-1001 -> {C37A154F-1786-4C5D-9AE3-0BBFBC5926EC} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-07-02] (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-26] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-26] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-1809003014-3391605954-1918167186-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-1809003014-3391605954-1918167186-1001 -> No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Wally\AppData\Roaming\Mozilla\Firefox\Profiles\cvgr66ah.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://xfinity.comcast.net/home/x/?cid=mtmh03082013&cid=mtmh08182013
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-07-05] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-07-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-10-01] (Coupons, Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> ""
CHR DefaultSearchURL: Default -> hxxp://search.yahoo.com/search?ei=utf-8&fr=chr-greentree_gc&type=714647&ilc=12&p={searchTerms}
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
CHR Profile: C:\Users\Wally\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Wally\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-23]
CHR Extension: (Google Drive) - C:\Users\Wally\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-23]
CHR Extension: (YouTube) - C:\Users\Wally\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-23]
CHR Extension: (Google Search) - C:\Users\Wally\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-17]
CHR Extension: (Google Docs Offline) - C:\Users\Wally\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wally\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-23]
CHR Extension: (Gmail) - C:\Users\Wally\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [86606 2005-06-02] (Canon Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1413736 2015-09-18] (Coupons.com Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-10] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4759600 2016-02-19] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 ppped; C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe [512000 2007-01-10] () [File not signed]
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
R2 vseamps; C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe [122120 2014-03-25] (CYREN Inc.)
R2 vsedsps; C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe [119560 2014-03-25] (CYREN Inc.)
S3 vseqrts; C:\Program Files\Common Files\Commtouch\AntiVirus5\vseqrts.exe [181512 2014-03-25] (CYREN Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S4 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe [188928 2012-10-24] () [File not signed]
S4 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe [1436160 2012-10-24] (Wyse Technology.) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]
S2 0146171467820721mcinstcleanup; C:\Users\Wally\AppData\Local\Temp\014617~1.EXE -cleanup -nolog [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMP; C:\windows\system32\Drivers\amp.sys [174856 2014-03-25] (CYREN Inc.)
R2 AMPSE; C:\windows\system32\Drivers\ampse.sys [1728776 2014-03-25] (CYREN Inc.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-08-13] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
R3 CLVirtualBus01; C:\Windows\System32\drivers\CLVirtualBus01.sys [103176 2014-03-12] (CyberLink)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 CLVirtualDrive1.1; C:\Windows\system32\DRIVERS\CLVirtualDrive1_1.sys [91912 2013-11-13] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2012-12-07] (EldoS Corporation)
R3 mr8980; C:\Windows\system32\DRIVERS\dwcamx64.sys [84992 2010-05-11] (Mars Semiconductor Corp.)
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2014-02-04] ()
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [32912 2015-03-23] (EldoS Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [13920 2016-04-23] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 13:17 - 2016-07-06 13:17 - 00023455 _____ C:\Users\Wally\Desktop\FRST.txt
2016-07-06 13:16 - 2016-07-06 13:17 - 00000000 ____D C:\FRST
2016-07-06 13:13 - 2016-07-06 13:13 - 02390016 _____ (Farbar) C:\Users\Wally\Downloads\FRST64.exe
2016-07-06 13:06 - 2016-07-06 13:13 - 02390016 _____ (Farbar) C:\Users\Wally\Desktop\FRST64.exe
2016-07-06 12:53 - 2016-07-06 12:53 - 00000000 ___HD C:\OneDriveTemp
2016-07-06 11:33 - 2016-07-06 11:34 - 50716384 _____ (Microsoft Corporation) C:\Users\Wally\Downloads\Windows-KB890830-x64-V5.37.exe
2016-07-05 16:59 - 2016-07-05 16:59 - 00000000 ____D C:\Program Files\Intel Security
2016-07-05 16:59 - 2016-07-05 16:59 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-07-05 16:57 - 2016-07-06 12:52 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-07-05 16:57 - 2016-07-05 16:57 - 00000000 ____D C:\Program Files\Common Files\AV
2016-07-05 16:57 - 2016-07-05 16:57 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-07-05 16:49 - 2016-07-06 12:55 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-05 16:49 - 2016-07-06 12:52 - 00000000 ____D C:\Program Files\TrueKey
2016-07-05 16:49 - 2016-07-06 11:58 - 00000000 ____D C:\ProgramData\McAfee
2016-07-05 16:49 - 2016-07-05 16:49 - 00003806 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-07-05 16:46 - 2016-07-06 12:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-05 15:52 - 2016-07-05 15:55 - 00000219 _____ C:\Users\Wally\Desktop\New Text Document.txt
2016-07-04 19:28 - 2016-07-04 19:28 - 00323668 _____ C:\WINDOWS\Minidump\070416-13781-01.dmp
2016-06-30 17:34 - 2016-06-30 17:34 - 00323652 _____ C:\WINDOWS\Minidump\063016-11968-01.dmp
2016-06-29 10:06 - 2016-07-05 19:28 - 00000000 ____D C:\Users\Wally\Desktop\Wildwood (2016)
2016-06-28 15:55 - 2016-06-28 15:55 - 00323452 _____ C:\WINDOWS\Minidump\062816-15687-01.dmp
2016-06-22 12:16 - 2016-06-22 12:16 - 00323564 _____ C:\WINDOWS\Minidump\062216-17015-01.dmp
2016-06-20 21:36 - 2016-07-04 19:28 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-20 21:36 - 2016-06-20 21:37 - 00323612 _____ C:\WINDOWS\Minidump\062016-23000-01.dmp
2016-06-20 11:49 - 2016-06-20 11:50 - 00092514 _____ C:\Users\Wally\Downloads\06022016 90.pdf
2016-06-19 08:26 - 2016-06-19 08:26 - 00439560 _____ C:\Users\Wally\Downloads\java_runtime_enviroment_setup-64562990.exe
2016-06-19 08:26 - 2016-06-19 08:26 - 00439560 _____ C:\Users\Wally\Downloads\java_runtime_enviroment_setup-64562990 (1).exe
2016-06-19 08:26 - 2016-06-19 08:26 - 00439560 _____ C:\Users\Wally\Downloads\adobe_flash_player-64563272.exe
2016-06-15 10:11 - 2016-05-28 02:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 10:11 - 2016-05-28 02:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 10:11 - 2016-05-28 02:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 10:11 - 2016-05-28 02:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 10:11 - 2016-05-28 02:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 10:11 - 2016-05-28 02:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 10:11 - 2016-05-28 01:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-15 10:11 - 2016-05-28 01:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 10:11 - 2016-05-28 01:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 10:11 - 2016-05-28 01:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-15 10:11 - 2016-05-28 01:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-15 10:11 - 2016-05-28 01:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-15 10:11 - 2016-05-28 01:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-15 10:11 - 2016-05-28 01:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-15 10:11 - 2016-05-28 01:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 10:11 - 2016-05-28 01:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 10:11 - 2016-05-28 01:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-15 10:11 - 2016-05-28 01:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 10:11 - 2016-05-28 01:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-15 10:11 - 2016-05-28 01:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-15 10:11 - 2016-05-28 01:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 10:11 - 2016-05-28 01:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-15 10:11 - 2016-05-28 01:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-15 10:11 - 2016-05-28 01:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 10:11 - 2016-05-28 01:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 10:11 - 2016-05-28 01:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 10:11 - 2016-05-28 01:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 10:11 - 2016-05-28 01:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-15 10:11 - 2016-05-28 01:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-15 10:11 - 2016-05-28 01:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 10:11 - 2016-05-28 01:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 10:11 - 2016-05-28 01:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 10:11 - 2016-05-28 01:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 10:11 - 2016-05-28 01:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-15 10:11 - 2016-05-28 01:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-15 10:11 - 2016-05-28 01:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 10:11 - 2016-05-28 01:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 10:11 - 2016-05-28 01:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 10:11 - 2016-05-28 01:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 10:11 - 2016-05-28 01:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 10:11 - 2016-05-28 01:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 10:11 - 2016-05-28 01:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 10:11 - 2016-05-28 01:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 10:11 - 2016-05-28 00:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-15 10:11 - 2016-05-28 00:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 10:11 - 2016-05-28 00:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 10:11 - 2016-05-28 00:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 10:11 - 2016-05-28 00:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 10:11 - 2016-05-28 00:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 10:11 - 2016-05-28 00:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-15 10:11 - 2016-05-28 00:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 10:11 - 2016-05-28 00:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-15 10:11 - 2016-05-28 00:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 10:11 - 2016-05-28 00:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-15 10:11 - 2016-05-28 00:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 10:11 - 2016-05-28 00:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-15 10:11 - 2016-05-28 00:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-15 10:11 - 2016-05-28 00:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-15 10:11 - 2016-05-28 00:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-15 10:11 - 2016-05-28 00:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 10:11 - 2016-05-28 00:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-15 10:11 - 2016-05-28 00:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 10:11 - 2016-05-28 00:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-15 10:11 - 2016-05-28 00:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 10:11 - 2016-05-28 00:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-15 10:11 - 2016-05-28 00:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-15 10:11 - 2016-05-28 00:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-15 10:11 - 2016-05-28 00:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 10:11 - 2016-05-28 00:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-15 10:11 - 2016-05-28 00:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-15 10:11 - 2016-05-28 00:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-15 10:11 - 2016-05-28 00:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-15 10:11 - 2016-05-28 00:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-15 10:11 - 2016-05-28 00:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-15 10:11 - 2016-05-28 00:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-15 10:11 - 2016-05-28 00:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 10:11 - 2016-05-28 00:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-15 10:11 - 2016-05-28 00:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-15 10:11 - 2016-05-28 00:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-15 10:11 - 2016-05-28 00:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-15 10:11 - 2016-05-28 00:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-15 10:11 - 2016-05-28 00:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 10:11 - 2016-05-28 00:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-15 10:11 - 2016-05-28 00:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-15 10:11 - 2016-05-28 00:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-15 10:11 - 2016-05-28 00:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 10:11 - 2016-05-28 00:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 10:11 - 2016-05-28 00:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-15 10:11 - 2016-05-28 00:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-15 10:11 - 2016-05-28 00:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-15 10:11 - 2016-05-28 00:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 10:11 - 2016-05-28 00:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-15 10:11 - 2016-05-28 00:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-15 10:11 - 2016-05-28 00:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-15 10:11 - 2016-05-28 00:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-15 10:11 - 2016-05-28 00:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-15 10:11 - 2016-05-28 00:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-15 10:11 - 2016-05-28 00:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-15 10:11 - 2016-05-28 00:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 10:11 - 2016-05-28 00:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-15 10:11 - 2016-05-28 00:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-15 10:11 - 2016-05-28 00:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-15 10:11 - 2016-05-28 00:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-15 10:11 - 2016-05-28 00:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 10:11 - 2016-05-28 00:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-15 10:11 - 2016-05-28 00:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-15 10:11 - 2016-05-28 00:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-15 10:11 - 2016-05-28 00:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 10:11 - 2016-05-28 00:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-15 10:11 - 2016-05-28 00:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-15 10:11 - 2016-05-28 00:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-15 10:11 - 2016-05-28 00:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-15 10:11 - 2016-05-28 00:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-15 10:11 - 2016-05-28 00:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 10:11 - 2016-05-28 00:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-15 10:11 - 2016-05-28 00:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-15 10:11 - 2016-05-28 00:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 10:11 - 2016-05-28 00:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-15 10:11 - 2016-05-28 00:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-15 10:11 - 2016-05-28 00:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-15 10:11 - 2016-05-28 00:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-15 10:11 - 2016-05-28 00:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-15 10:11 - 2016-05-28 00:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-15 10:11 - 2016-05-28 00:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-15 10:11 - 2016-05-28 00:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 10:11 - 2016-05-28 00:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 10:11 - 2016-05-28 00:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 10:11 - 2016-05-28 00:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-15 10:11 - 2016-05-28 00:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-15 10:11 - 2016-05-28 00:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 10:11 - 2016-05-28 00:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 10:11 - 2016-05-28 00:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-15 10:11 - 2016-05-28 00:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-15 10:11 - 2016-05-28 00:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-15 10:11 - 2016-05-28 00:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 10:11 - 2016-05-28 00:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-15 10:11 - 2016-05-28 00:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-15 10:11 - 2016-05-28 00:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-15 10:11 - 2016-05-28 00:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-15 10:11 - 2016-05-28 00:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 10:11 - 2016-05-28 00:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 10:11 - 2016-05-28 00:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-15 10:11 - 2016-05-28 00:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-15 10:11 - 2016-05-28 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-15 10:11 - 2016-05-28 00:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 10:11 - 2016-05-28 00:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 10:11 - 2016-05-28 00:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-15 10:11 - 2016-05-28 00:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-15 10:11 - 2016-05-28 00:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-15 10:11 - 2016-05-28 00:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 10:11 - 2016-05-28 00:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 10:11 - 2016-05-28 00:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-15 10:11 - 2016-05-28 00:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-15 10:11 - 2016-05-28 00:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-15 10:11 - 2016-05-28 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-15 10:11 - 2016-05-28 00:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-15 10:11 - 2016-05-28 00:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-15 10:11 - 2016-05-28 00:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 10:11 - 2016-05-28 00:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 10:11 - 2016-05-28 00:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-15 10:11 - 2016-05-28 00:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-15 10:11 - 2016-05-28 00:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-15 10:11 - 2016-05-28 00:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-15 10:11 - 2016-05-28 00:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-15 10:11 - 2016-05-28 00:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 10:11 - 2016-05-28 00:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 10:11 - 2016-05-28 00:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-15 10:11 - 2016-05-28 00:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-15 10:11 - 2016-05-28 00:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 10:11 - 2016-05-28 00:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-15 10:11 - 2016-05-28 00:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 10:11 - 2016-05-28 00:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-15 10:11 - 2016-05-28 00:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 10:11 - 2016-05-28 00:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-15 10:11 - 2016-05-28 00:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 10:11 - 2016-05-28 00:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-15 10:11 - 2016-05-28 00:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-15 10:11 - 2016-05-28 00:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 10:11 - 2016-05-28 00:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-15 10:11 - 2016-05-28 00:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-15 10:11 - 2016-05-28 00:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 10:11 - 2016-05-28 00:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-15 10:11 - 2016-05-28 00:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-15 10:11 - 2016-05-28 00:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-15 10:11 - 2016-05-28 00:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-15 10:11 - 2016-05-28 00:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-15 10:11 - 2016-05-28 00:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 10:11 - 2016-05-28 00:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-15 10:11 - 2016-05-28 00:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-15 10:11 - 2016-05-28 00:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-15 10:11 - 2016-05-28 00:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 10:11 - 2016-05-28 00:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 10:11 - 2016-05-28 00:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 10:11 - 2016-05-28 00:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-15 10:11 - 2016-05-28 00:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 10:11 - 2016-05-28 00:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 10:11 - 2016-05-28 00:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 10:11 - 2016-05-28 00:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 10:11 - 2016-05-28 00:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-15 10:11 - 2016-05-28 00:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 10:11 - 2016-05-28 00:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-15 10:11 - 2016-05-28 00:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-15 10:11 - 2016-05-28 00:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-15 10:11 - 2016-05-27 23:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 10:11 - 2016-05-27 23:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 10:11 - 2016-05-27 23:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 10:11 - 2016-05-27 23:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-15 10:11 - 2016-05-27 23:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-15 10:11 - 2016-05-27 23:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 10:11 - 2016-05-27 23:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-15 10:11 - 2016-05-27 23:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-15 10:10 - 2016-05-28 00:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-15 10:10 - 2016-05-28 00:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-06-15 10:10 - 2016-05-28 00:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 10:10 - 2016-05-28 00:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-15 10:10 - 2016-05-28 00:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-15 10:10 - 2016-05-28 00:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-15 10:10 - 2016-05-28 00:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 10:10 - 2016-05-28 00:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-15 10:10 - 2016-05-28 00:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-15 10:10 - 2016-05-28 00:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-15 10:10 - 2016-05-27 23:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 13:01 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-06 12:56 - 2016-01-24 10:56 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-06 12:56 - 2015-10-30 03:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-06 12:53 - 2013-10-30 06:35 - 00000000 __RDO C:\Users\Wally\SkyDrive
2016-07-06 12:53 - 2013-04-11 08:03 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-06 12:52 - 2016-03-02 21:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-06 12:52 - 2015-12-06 16:30 - 00000408 _____ C:\WINDOWS\SysWOW64\iolo.ini
2016-07-06 12:52 - 2015-12-06 16:30 - 00000408 _____ C:\WINDOWS\system32\iolo.ini
2016-07-06 12:52 - 2015-02-15 17:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-06 12:52 - 2013-03-11 08:20 - 00000000 ____D C:\Program Files (x86)\CyberPower PowerPanel Personal Edition
2016-07-06 12:52 - 2013-03-09 05:48 - 00000392 _____ C:\WINDOWS\SysWOW64\iolo.ini.txt
2016-07-06 12:51 - 2015-10-30 02:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-06 12:45 - 2013-04-11 08:03 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-06 11:34 - 2013-03-09 20:37 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-06 08:21 - 2013-10-30 06:36 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D2112584-E7E0-4B8D-AF58-F701DF717C63}
2016-07-05 18:42 - 2016-04-23 18:42 - 00000366 _____ C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Wally).job
2016-07-05 16:59 - 2013-02-01 06:26 - 00000000 ____D C:\Program Files\Intel
2016-07-05 16:58 - 2014-08-09 09:18 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-05 16:49 - 2014-03-09 16:31 - 00000000 ____D C:\Users\Wally\AppData\Local\Adobe
2016-07-05 16:15 - 2013-03-11 09:29 - 00000000 ___RD C:\Users\Wally\Desktop\Desktop Shortcuts
2016-07-05 15:06 - 2013-03-14 12:37 - 00000000 ____D C:\Users\Wally\AppData\Roaming\uTorrent
2016-07-05 14:35 - 2016-03-02 21:20 - 00000000 ____D C:\Users\Wally
2016-07-04 19:28 - 2015-07-28 09:02 - 1486641494 _____ C:\WINDOWS\MEMORY.DMP
2016-07-03 10:10 - 2013-03-22 14:40 - 00000000 ____D C:\Users\Wally\AppData\Local\ElevatedDiagnostics
2016-06-30 23:52 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-29 10:05 - 2013-03-11 10:35 - 01874432 ___SH C:\Users\Wally\Desktop\Thumbs.db
2016-06-22 16:46 - 2013-03-18 00:10 - 00000000 ____D C:\Users\Wally\Desktop\Docs
2016-06-22 08:52 - 2015-10-30 03:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-22 08:51 - 2013-03-15 10:31 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-17 17:45 - 2013-12-17 19:42 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 10:48 - 2015-10-30 03:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 01:02 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-16 09:03 - 2013-03-08 21:10 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 09:01 - 2016-03-02 21:09 - 00347856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 08:59 - 2015-10-30 03:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 08:59 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 08:59 - 2015-10-30 03:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 11:00 - 2013-08-05 12:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-14 21:27 - 2013-03-08 19:39 - 00000000 ____D C:\Users\Wally\AppData\Local\Packages
2016-06-14 15:43 - 2013-03-14 22:35 - 00000000 ____D C:\Users\Wally\AppData\Roaming\AnvSoft
2016-06-14 15:43 - 2013-02-01 06:31 - 00000000 ____D C:\ProgramData\Temp
2016-06-14 14:33 - 2015-10-30 03:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 14:33 - 2015-10-30 03:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-13 18:56 - 2013-03-08 20:52 - 00001182 _____ C:\Users\Wally\Desktop\CD Drive.lnk
2016-06-08 17:52 - 2013-03-11 10:35 - 00096768 ___SH C:\Users\Wally\Downloads\Thumbs.db

==================== Files in the root of some directories =======

2013-03-16 18:35 - 2016-03-18 09:00 - 0026112 _____ () C:\Users\Wally\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-08 21:22 - 2016-05-07 18:23 - 0007628 _____ () C:\Users\Wally\AppData\Local\resmon.resmoncfg
2013-08-21 13:34 - 2013-08-21 13:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-03-02 21:12 - 2016-03-02 21:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-02-01 06:33 - 2013-02-01 06:33 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-02-01 06:31 - 2013-02-01 06:32 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-02-01 06:32 - 2013-02-01 06:32 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-02-01 06:31 - 2013-02-01 06:31 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-02-01 06:33 - 2013-02-01 06:33 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-27 00:11

==================== End of FRST.txt ============================
--------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by Wally (2016-07-06 13:18:01)
Running from C:\Users\Wally\Desktop
Windows 10 Pro Version 1511 (X64) (2016-03-03 01:43:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1809003014-3391605954-1918167186-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1809003014-3391605954-1918167186-503 - Limited - Disabled)
Guest (S-1-5-21-1809003014-3391605954-1918167186-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1809003014-3391605954-1918167186-1008 - Limited - Enabled)
Mcx1-BABY (S-1-5-21-1809003014-3391605954-1918167186-1009 - Limited - Enabled) => C:\Users\Mcx1-BABY
Wally (S-1-5-21-1809003014-3391605954-1918167186-1001 - Administrator - Enabled) => C:\Users\Wally

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: System Shield (Enabled - Up to date) {51A1F251-72D6-FBFA-1969-EBE1F52F559F}
AS: System Shield (Enabled - Up to date) {EAC013B5-54EC-F474-23D9-D0938EA81F22}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{7EF54F6B-68AE-6B96-912A-9B66D2FC765A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Any DVD Converter Professional 5.9.5 (HKLM-x32\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
AVSDK5 (Version: 5.4.11 - CYREN Inc.) Hidden
Camera Access Library (x32 Version: 8.0.0.21 - Canon) Hidden
Camera Support Core Library (x32 Version: 7.3.0.4 - Canon) Hidden
Camera Window DS (x32 Version: 5.3.1 - Canon) Hidden
Camera Window DVC (x32 Version: 5.4.4 - Canon) Hidden
Camera Window DVC (x32 Version: 6.0 - Canon) Hidden
Camera Window MC (x32 Version: 6.0 - Canon) Hidden
Canon Camera Access Library (HKLM-x32\...\InstallShield_{901F8ED7-13E8-43EF-B738-2FE89B0588EB}) (Version: 8.0.0.21 - Canon)
Canon Camera Support Core Library (HKLM-x32\...\InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon)
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}) (Version: 5.4.4 - Canon)
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}) (Version: 6.0 - Canon)
Canon Camera Window DSLR 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{0A146245-DB79-4197-BF5D-FE1A699A2CC7}) (Version: 5.3.1 - Canon)
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}) (Version: 6.0 - Canon)
Canon CanoScan 5600F User Registration (HKLM-x32\...\Canon CanoScan 5600F User Registration) (Version: - )
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{4DBBF091-FACD-422C-B43C-786335BD5398}) (Version: 2.1.0.20 - Canon)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
Canon PhotoRecord (HKLM-x32\...\{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}) (Version: 02.02.03002 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}) (Version: 2.2 - Canon)
Canon Utilities PhotoStitch 3.1 (HKLM-x32\...\InstallShield_{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}) (Version: 3.1.16 - Canon)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
Canon ZoomBrowser EX (E) (HKLM-x32\...\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}) (Version: 5.05.0000 - Canon)
CanoScan 5600F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808) (Version: - )
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Corel Paint Shop Pro X (HKLM-x32\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.01 - Corel Inc)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.7) (Version: 5.0.1.7 - Coupons.com Incorporated)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberPower PowerPanel Personal Edition (HKLM-x32\...\{A9AC88EB-AD72-45F3-B811-D740E2741761}) (Version: 1.0.2 - Cyber Power Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.8.0 - Dell Inc.) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{3ED468C2-2235-4747-90AD-A7A34F0FE70A}) (Version: 1.2.2.8 - Dell)
Dell System Detect - 1 (HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Digital Wireless Camera (HKLM-x32\...\{8EE8D436-CF54-4713-ABA1-B885FAB43D33}) (Version: 1.00.0000 - Digital Wireless Camera)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP Deskjet 3510 series Basic Device Software (HKLM\...\{7F20F2D1-C425-4432-96BA-EBD0C2181493}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Help (HKLM-x32\...\{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Product Improvement Study (HKLM\...\{791D3241-C6A4-417F-82E6-00543B6E5012}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
iolo technologies' System Mechanic Professional (HKLM-x32\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 15.5.0 - iolo technologies, LLC)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4833.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MovieEdit Task (x32 Version: 2.1.0.20 - Canon) Hidden
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{4B3D9AA4-B47A-4349-A64F-04D5A9226D7C}) (Version: 2.2.915.108 - Fitipower)
Multimedia Card Reader (x32 Version: 2.2.915.108 - Fitipower) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
PhotoStitch (x32 Version: 3.1.16 - Canon) Hidden
PhotoStudio (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft)
PocketCloud Windows Companion (HKLM-x32\...\{EC67E1FF-4433-4096-A091-CF2828434493}) (Version: 2.5.11 - Wyse Technology)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.200 - Qualcomm Atheros Communications)
RAW Image Task 2.2 (x32 Version: 2.2 - Canon) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.41 - Realtek Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Mechanic 14 Professional (x32 Version: 15.5.0 - ) Hidden
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - TomTom)
TomTom HOME 2.7.3.1894 (HKLM-x32\...\TomTom HOME) (Version: 2.7.3.1894 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Windows Driver Package - OEM (mr8980) Image (05/10/2010 1.0.0.0) (HKLM\...\D9DD2BFD594FBF5476D0C2CAA2322CB7A65EB7CD) (Version: 05/10/2010 1.0.0.0 - OEM)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1809003014-3391605954-1918167186-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D41C70D-ADEE-40A3-96FD-7434FCF9CDBF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {0DE34D74-9072-47CC-B4A1-72441759D768} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0E3DD0A5-B40D-40A6-9A8B-42B0BDB16DF4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {1A5ED956-0B79-48FA-AAC6-0C4EBDE2A1A1} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {1C929AD9-EB52-43FE-B7EC-E069A02215CA} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1809003014-3391605954-1918167186-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {20860F16-58BE-4B19-88CE-AFD3D94C27E9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {23D2BD81-8707-458D-97E1-F9574AC8B96C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2605C152-B177-4145-84DF-60DB9ACAA3BB} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic Professional\iologovernor64.exe [2016-02-19] (iolo technologies, LLC)
Task: {2984C6E3-F6AE-4D01-BABC-DC12964F6DC7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2B958A77-E01B-4AF9-80C6-A62CFBB283FE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {3098465C-ECD2-4D58-A811-635A7F3D3517} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {39DE25DF-3777-4050-9A04-B794306F86E8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {41F67168-6498-4BEE-BEA5-5E50B98F5A73} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {44254A12-C8A4-425A-946D-D8C37A7372F4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {4822FC55-C17D-47F9-BE70-4DAB251561DD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4EFE77B4-A8D9-4E0D-85F9-91431F95F06B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4F948D8F-E630-498D-B37E-8C6E470BD9E2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5313CE2F-9D89-4A60-A9CB-5346610103BB} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {547D5B9D-AB97-4523-959B-454CA88B9D8E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-03-24] (PC-Doctor, Inc.)
Task: {58A1B209-8551-4A20-BCE5-B5A424B257D9} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5CEF2D7C-E221-452B-871C-AB8DDF20D55C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {5DAD4570-46A1-4C6E-94C7-EEC5311178BF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5EF2FE9B-7142-4FDE-AA17-F2439F3DBC7E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-06] (Microsoft Corporation)
Task: {5F500C16-63E0-4578-8A3E-793044A57CE8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {6234ADBD-F0DE-4FCE-8FF3-A1FC2967BEB3} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Wally) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {68A6E9C1-7F7E-4B3D-8867-1FE491E796E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6C4140CA-EAA2-44A9-9B82-E1F0AA471395} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1809003014-3391605954-1918167186-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {7648F4DE-EE9C-4C3D-BF6D-BF03DD1D4593} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {77FAE1E6-7165-43A0-9760-5FD24D20F14C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {7A63AB31-9591-4C08-AE90-7BB0F9CBA0D3} - System32\Tasks\{36763DA1-ECFE-4559-8972-0BB230E01797} => pcalua.exe -a H:\Setupx.exe -d C:\Users\Wally\Desktop
Task: {7CC0A7B5-70CC-44C0-AF15-79CCC15215F2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-03-24] (PC-Doctor, Inc.)
Task: {7D8AA22C-2290-4626-9A39-F9C75D50E1C7} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {849A3EB1-DB09-4D04-94D2-D8585B9B0308} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {84E11B24-5951-4047-B355-F7C500099D53} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {88F8437D-1CDE-4E3D-8AD6-1BFCA2454341} - System32\Tasks\HP AR Program Upload - 61d27a6000934c358a684474d8ea7a7d74dc508bae1e4a3ab72b7a4659b40e2f => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {892AEC4F-E6A7-4D10-B094-3E85F86B8B0C} - System32\Tasks\HP AR Program Upload - aae4af7739b04c408c8484c8c327380b51111769f7c2461591af5acf99006fc1 => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {8AB444DA-E60A-4903-B773-51BD88BDD04A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {909DB146-9C6E-4029-A96E-D36E0823601D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {9A58CAFD-789A-4D96-B694-8E1A610DB3A7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {9C67B869-FDDC-4B46-AAB4-9A545EAE5487} - System32\Tasks\iolo DelOnReboot => /c IF EXIST C:\ProgramData\iolo\ops\smrr.dll del /f C:\ProgramData\iolo\ops\smrr.dll
Task: {A6CAB6B3-9AC7-462B-B874-373B030DB24A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {A7094392-EFB6-4AF9-91C6-24A668BCD4A3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {B3CD3E37-5316-4EE3-AB58-D9C0369E3285} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {BAE14335-BD10-406D-9F62-A2B4DB136A07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {BDC028DC-6A9E-4C72-B1FB-5CEFF2FD11CC} - System32\Tasks\HP AR Program Upload - 5e2b7424ac114cc7b4a4b87704486f7fa66403f21614493f9725ae38e03d85ce => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {BDF8D77C-4768-4291-9E25-C7F28024C596} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {C73AD6C9-931E-452A-B853-DACD14407B81} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {CE5A3591-91B8-479D-8F0B-24B484D90E98} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-05] (Adobe Systems Incorporated)
Task: {CFB557B8-5C94-403B-808D-286BE995620E} - System32\Tasks\{71E6D23A-3A65-4E4E-B7AF-4817CEC43B33} => pcalua.exe -a H:\ctrun\start.exe -d C:\Users\Wally\Desktop
Task: {D39F6200-EB78-4042-B279-5AA81AAD13B1} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-BABY => C:\Windows\ehome\McxTask.exe
Task: {D903F024-F8D8-4907-AB88-E0E6FF859E01} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-04-22] (Dell Inc.)
Task: {D9FC0694-CDCB-4C98-89C1-8F18D22021FD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {DB4F938A-F8F4-4668-BD10-4B501566E10B} - System32\Tasks\HP AR Program Upload - ae4cb35c79d547b88e51dc64fa0231a10377b6fe1d1345c792515ba214721d55 => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {E844EB6B-520D-4571-9E3B-D6D31CBB2B28} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {E9E1E3D2-7EE0-4BCC-9FA5-1E00AAFBE910} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {EAA0942B-DE1E-4D9E-BB63-7A99AAB4A62C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {EAC3573A-C1C7-4AE8-8810-4CC478358416} - System32\Tasks\{00BEBAB8-0786-4E12-ADE4-37E25EA3C558} => pcalua.exe -a "C:\Program Files (x86)\Canon\IJEREG\CanoScan 5600F\IJEREG.exe" -d C:\Users\Wally\Desktop
Task: {F08A25C6-F896-44CD-9F04-7F3296430756} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F0E15801-0DBC-4692-9E6F-71D734BA0B34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F4D4B63D-D51B-44AD-978B-B2FA7811B2F5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\BeFrugal.com Toolbar.job => C:\Users\Wally\AppData\Local\Programs\BeFrugal.com\Add-On\2013.3.17.10\BFHP.exe C:\Users\Wally\AppData\Local\Programs\BeFrugal.com\Add-On\2013.3.17.10BeFrugal.com
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Wally).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-02-28 12:50 - 2016-02-19 08:15 - 00160256 _____ () C:\windows\system32\iavlsp64.dll
2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2014-03-15 11:54 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2007-01-10 20:54 - 2007-01-10 20:54 - 00512000 _____ () C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
2016-04-13 07:01 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 07:01 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-17 15:19 - 2016-05-17 15:19 - 00959168 _____ () C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-10-30 04:58 - 2015-09-01 12:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-03-14 23:49 - 2012-04-01 00:06 - 02689536 _____ () C:\Program Files\File Shredder\fsshell.dll
2016-04-19 17:30 - 2016-04-19 17:30 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-03 00:05 - 2016-03-03 00:05 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 13:56 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-15 10:11 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 10:11 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 10:11 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 10:11 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-03-11 09:46 - 2010-05-09 18:58 - 03427328 _____ () C:\Program Files (x86)\Uniden Surveillance System\Uniden Surveillance System.exe
2007-01-10 20:53 - 2007-01-10 20:53 - 00262144 _____ () C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
2012-06-28 19:39 - 2012-06-28 19:39 - 00262144 _____ () C:\Program Files (x86)\Multimedia Card Reader(9106)\Shwicon9106.exe
2016-04-19 17:30 - 2016-04-19 17:30 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 17:30 - 2016-04-19 17:30 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2013-03-11 09:46 - 2008-08-22 15:44 - 00029736 _____ () C:\Program Files (x86)\Uniden Surveillance System\zdevice.dll
2013-03-11 09:46 - 2008-10-13 14:12 - 00018944 _____ () C:\Program Files (x86)\Uniden Surveillance System\znotify.dll
2013-03-11 09:46 - 2010-02-03 18:51 - 00184320 _____ () C:\Program Files (x86)\Uniden Surveillance System\vvfw.dll
2013-03-11 09:46 - 2008-06-24 20:27 - 00022528 _____ () C:\Program Files (x86)\Uniden Surveillance System\MR8980s.dll
2013-03-11 09:46 - 2010-01-25 17:22 - 00155648 _____ () C:\Program Files (x86)\Uniden Surveillance System\AudioCodec.dll
2013-03-11 09:46 - 2008-11-08 14:31 - 00019968 _____ () C:\Program Files (x86)\Uniden Surveillance System\AviWriter.dll
2013-03-11 09:46 - 2010-01-25 17:53 - 00598016 _____ () C:\Program Files (x86)\Uniden Surveillance System\vcore.dll
2016-05-17 15:19 - 2016-05-17 15:19 - 00679624 _____ () C:\Users\Wally\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2013-02-01 06:26 - 2012-06-26 05:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:FB1B13D8 [334]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\regfile\shell\open\command: regedit.exe "%1" %* <===== ATTENTION
HKLM\...\scrfile\shell\open\command: "%1" %* <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2016-07-06 11:47 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Wally\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run: => "PocketCloud Location"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "NeroFilterCheck"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G9"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive9"
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\StartupApproved\Run: => "msnmsgr"
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\StartupApproved\Run: => "swg"
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\StartupApproved\Run: => "Power2GoExpress9"
HKU\S-1-5-21-1809003014-3391605954-1918167186-1001\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4F1EA415-5ED4-476E-90C0-18FDD2AF6785}] => (Allow) C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe
FirewallRules: [{A64D0195-9664-438B-B61E-DBD04B868678}] => (Allow) C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe
FirewallRules: [{DA5D2FFE-4200-4F35-A133-53B084DD4908}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{EBD5855E-9C4D-45E8-A37C-445E41EA7548}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{D69343DB-FCE0-4C90-A64F-090F16B851DF}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe
FirewallRules: [{5829A951-588C-4097-8D6C-1F4266475B77}] => (Allow) C:\Users\Wally\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{607E5529-9C62-4ADF-9D5E-DCC99F46A2BC}] => (Allow) C:\Users\Wally\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{F75B5EA4-21DD-4438-9585-C001363E3C68}C:\program files (x86)\camguard security system (home edition)\camguard.exe] => (Allow) C:\program files (x86)\camguard security system (home edition)\camguard.exe
FirewallRules: [TCP Query User{85FD35D7-B74D-4419-B478-0433D2A2C1D6}C:\program files (x86)\camguard security system (home edition)\camguard.exe] => (Allow) C:\program files (x86)\camguard security system (home edition)\camguard.exe
FirewallRules: [UDP Query User{D75C9427-4403-4DA4-90B2-C9E91697F3FA}C:\program files (x86)\uniden surveillance system\uniden surveillance system.exe] => (Block) C:\program files (x86)\uniden surveillance system\uniden surveillance system.exe
FirewallRules: [TCP Query User{0D060ECE-0169-4A40-9277-C89821EC2641}C:\program files (x86)\uniden surveillance system\uniden surveillance system.exe] => (Block) C:\program files (x86)\uniden surveillance system\uniden surveillance system.exe
FirewallRules: [{203C9811-5E87-426D-9AAC-D507DEDBA908}] => (Allow) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
FirewallRules: [{C3E8DC3E-709B-4E99-BC82-B01ED146B403}] => (Allow) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
FirewallRules: [{9AA995AF-CC2A-425D-B2C2-346E4336023A}] => (Allow) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
FirewallRules: [{943636D9-34A0-4B9D-A34D-00997528381A}] => (Allow) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
FirewallRules: [{BF392FCE-3D21-48A6-BD7A-5B9C5A2EE7EF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9BCA82A5-16E0-47A8-ABF2-1D0064C8B2B9}] => (Allow) LPort=1900
FirewallRules: [{0B629D13-ED99-4FEE-B953-8901A1D13024}] => (Allow) LPort=2869
FirewallRules: [{864DF01C-CD5F-4955-BA41-7B0BBDDD7043}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0317DFCE-E5C5-4F16-91AD-CEBE80AE8494}] => (Allow) C:\Users\Wally\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [UDP Query User{2ABD438A-2B86-48B0-A6B1-09157F409589}C:\program files (x86)\uniden surveillance system\uniden surveillance system.exe] => (Allow) C:\program files (x86)\uniden surveillance system\uniden surveillance system.exe
FirewallRules: [TCP Query User{ADED87E9-85D0-409C-816C-54E5A8B82378}C:\program files (x86)\uniden surveillance system\uniden surveillance system.exe] => (Allow) C:\program files (x86)\uniden surveillance system\uniden surveillance system.exe
FirewallRules: [{F0C66A01-123A-4E4E-8475-D36F31642368}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe
FirewallRules: [{65A4C12D-E3CE-4B30-AE08-C5877A87BA56}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudInstallWizard.exe
FirewallRules: [{FEF6FBB7-D80E-407D-A805-AD691A969F51}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudInstallWizard.exe
FirewallRules: [{F52E6F2E-C880-48AC-950F-3D92696F2278}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
FirewallRules: [{5636B5ED-F6FF-48D8-87B8-4107B092B589}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe
FirewallRules: [UDP Query User{718867DB-81F5-42AF-B638-73E338B703CA}C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe] => (Block) C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe
FirewallRules: [TCP Query User{66AA9A50-7B24-44C2-B4FF-D9FA884211A0}C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe] => (Block) C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe
FirewallRules: [UDP Query User{DB68B6CE-EADE-4119-BFC1-580B8CD13A14}C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe] => (Block) C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe
FirewallRules: [TCP Query User{FA8FCB96-03D4-42D7-A0BF-5EF145DDD69A}C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe] => (Block) C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe
FirewallRules: [{10D1C0D7-3AAF-4DB9-BA1E-838908427258}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{911AF993-D94F-45AB-9ABA-2CDC2FC7CB54}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9B8DDD86-73C8-456D-B7D1-C3D9AFAA539B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{62D9E112-C7BF-42C8-ABF1-353AFF1F9626}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Win7Ui.exe
FirewallRules: [{7D1FEC17-C6BF-41B2-A596-2403CAEEEB8A}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
FirewallRules: [{EC8357D0-2007-430D-856C-32AD6C402785}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
FirewallRules: [{FB31C635-BB9E-4181-A293-B70DBEDA93D3}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Btvstack.exe
FirewallRules: [{27C38F14-33AA-4B62-B0DD-840440FB3065}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7D38447-4804-4EC4-9344-98A7DF1ABACD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4EE4FEC5-201F-466C-9407-38BFC540D82C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{FAB6C46C-C245-4409-8083-0F639585B1B9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{B07CA95F-C3A2-42D1-B1D5-D77F616E6186}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{8966A797-AE1D-4A63-9F0A-9AF830407DAD}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [{97EFB706-46AB-455C-9677-7E9F3F2A943A}] => (Allow) C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe
FirewallRules: [{1304B762-D54A-400F-A5E3-ED3B3251DB49}] => (Allow) C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe
FirewallRules: [{02725BD2-FD06-46CB-8F02-334916750D4F}] => (Allow) C:\Users\Wally\AppData\Local\Temp\7zS652C\HPDiagnosticCoreUI.exe
FirewallRules: [{397EB351-1726-4AC2-9454-DD83377EC832}] => (Allow) C:\Users\Wally\AppData\Local\Temp\7zS652C\HPDiagnosticCoreUI.exe
FirewallRules: [{4633E347-4CAE-43BC-9C45-48E500AF6066}] => (Allow) C:\Users\Wally\AppData\Local\Temp\7zS2F87\HPDiagnosticCoreUI.exe
FirewallRules: [{856351EC-AE81-4782-9ABA-844D4FC0B503}] => (Allow) C:\Users\Wally\AppData\Local\Temp\7zS2F87\HPDiagnosticCoreUI.exe
FirewallRules: [{BCE4FE9E-FEA0-4C57-8ED5-2766495AFABC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

18-06-2016 12:09:40 Windows Update
21-06-2016 23:18:33 Windows Update
25-06-2016 10:33:55 Windows Update
28-06-2016 15:42:14 Windows Update
01-07-2016 17:50:28 Windows Update
04-07-2016 19:39:22 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2016 07:39:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (07/01/2016 05:50:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/29/2016 05:10:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: Flash.ocx, version: 22.0.0.192, time stamp: 0x575f25d9
Exception code: 0xc0000005
Fault offset: 0x000000000093e4a0
Faulting process id: 0x1b80
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (06/28/2016 03:42:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/28/2016 08:13:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: edgehtml.dll, version: 11.0.10586.420, time stamp: 0x57491e8a
Exception code: 0xc00000fd
Fault offset: 0x000000000040886d
Faulting process id: 0x3550
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (06/25/2016 10:34:06 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/23/2016 04:31:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: chakra.dll, version: 11.0.10586.420, time stamp: 0x57491758
Exception code: 0xc0000005
Fault offset: 0x0000000000279aa1
Faulting process id: 0x2b20
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (06/22/2016 06:31:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: Flash.ocx, version: 22.0.0.192, time stamp: 0x575f25d9
Exception code: 0xc0000005
Fault offset: 0x0000000000998f99
Faulting process id: 0x1e28
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (06/21/2016 11:18:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/21/2016 09:28:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BABY)
Description: Activation of app Microsoft.WindowsMaps_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (07/06/2016 12:56:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Hewlett-Packard - Imaging - Null Print - HP Deskjet 3510 series.

Error: (07/06/2016 12:54:37 PM) (Source: DCOM) (EventID: 10016) (User: BABY)
Description: application-specificLocalActivation{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}BabyWallyS-1-5-21-1809003014-3391605954-1918167186-1001LocalHost (Using LRPC)Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194

Error: (07/06/2016 12:51:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_5218daf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/06/2016 12:51:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_5218daf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/06/2016 12:51:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_5218daf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/06/2016 12:51:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_5218daf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/06/2016 12:51:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/05/2016 07:32:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Hewlett-Packard - Imaging - Null Print - HP Deskjet 3510 series.

Error: (07/05/2016 07:19:07 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (07/05/2016 07:19:04 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.


CodeIntegrity:
===================================
Date: 2016-06-18 12:08:47.844
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-17 22:25:29.491
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-16 09:02:55.999
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-16 03:08:45.852
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-14 14:53:57.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-14 03:00:17.277
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-13 16:08:47.292
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-11 03:33:41.868
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-17 19:18:29.228
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-16 17:21:18.648
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 8%
Total physical RAM: 32728.96 MB
Available physical RAM: 29944.73 MB
Total Virtual: 37592.96 MB
Available Virtual: 34678.47 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:917.61 GB) (Free:852.44 GB) NTFS
Drive i: (EXTERNAL ) (Fixed) (Total:811.57 GB) (Free:762.39 GB) NTFS
Drive j: (External (J:)) (Fixed) (Total:931.01 GB) (Free:268.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DF4EE248)

Partition: GPT.

========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: 69205244)
No partition Table on disk 5.

========================================================
Disk: 6 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi and welcome to G2G. I'm very familiar with the type of scam you had. Usually nothing is put on your machine until you call the number and then let them on your machine. And even then, they usually just want you to pay them to "clean it up". In any event I've reviewed your logs and you are fairly clean. Some minor things but nothing from this event.



#3
zed1

zed1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts

That's good to hear, I thought much the same thing as I try to keep up on what the bad guys are up to and getting rid of the window was easy enough, but you can never be too careful and having another opinion is always a good choice and I appreciate the time and effort you put forth to do so...Thank you. As to the minor things, I assume that they are nothing to get my shorts in a bind about?



#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Correct. Nothing to worry about.



#5
zed1

zed1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts

That's good to hear, and again thank you for your time and trouble. I appreciate it greatly.



#6
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

No problem and take care.



#7
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

