Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My computer is really infected


  • This topic is locked This topic is locked

#1
jacuzzi

jacuzzi

    Member

  • Member
  • PipPip
  • 23 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Mom n Dad (administrator) on MOMNDAD-PC (12-09-2016 13:38:39)
Running from C:\Users\Mom n Dad\Downloads
Loaded Profiles: Mom n Dad (Available Profiles: Mom n Dad & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Pantech) C:\Program Files (x86)\NCMC\EUDL\UTM\PantechUTM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
(Google Inc.) C:\Users\Mom n Dad\AppData\Local\Google\Update\GoogleUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Mindspark) C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\APPINTEGRATOR.EXE
(Mindspark) C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\AppIntegrator64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Integration\Integrator.exe
(Farbar) C:\Users\Mom n Dad\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [Corel Update Helper] => c:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\pua.exe [2012104 2015-11-28] (Corel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2011-12-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-11-29] (RealNetworks, Inc.)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [HomeworkSimplified AppIntegrator 32-bit] => C:\PROGRA~2\HOMEWO~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [HomeworkSimplified AppIntegrator 64-bit] => C:\PROGRA~2\HOMEWO~2\bar\1.bin\AppIntegrator64.exe
HKLM-x32\...\Run: [EasyMailLogin EPM Support] => C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\dimedint.exe [12824 2015-07-13] (Mindspark)
HKLM-x32\...\Run: [EasyMailLogin AppIntegrator 32-bit] => C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\APPINTEGRATOR.EXE [230424 2015-07-13] (Mindspark)
HKLM-x32\...\Run: [EasyMailLogin AppIntegrator 64-bit] => C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\AppIntegrator64.exe [265752 2015-07-13] (Mindspark)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [Driver Support] => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [5673824 2014-10-01] (PC Drivers Headquarters)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [Google Update] => C:\Users\Mom n Dad\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-07-15] (Google Inc.)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [Chromium] => c:\users\mom n dad\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [GoogleChromeAutoLaunch_EDEAD0EEDAACD124313EA82B8625168E] => C:\Users\Mom n Dad\AppData\Local\Chromium\Application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\RunOnce: [Uninstall C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\RunOnce: [Uninstall C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\RunOnce: [Uninstall C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\MountPoints2: {5d3af21f-6686-11e6-8d98-ed656eb76b56} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\MountPoints2: {5d3af332-6686-11e6-8d98-ed656eb76b56} - "E:\HTC_Sync_Manager_PC.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13101
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1185df9b-6f1d-4fef-88ab-b9873ef8a071}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{285d4a35-be8b-4254-975d-0a0a65203b73}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
URLSearchHook: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 - (No Name) - {f78d8db4-444a-4a47-bec1-32164fe6b224} - C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\diSrcAs.dll (Mindspark)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {0D9AF04D-D70D-4AF8-A51B-CADA5C050768} URL = hxxps://delicious.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {67A88121-0959-44EB-B659-E80911541B35} URL = hxxps://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-27] (Microsoft Corporation)
BHO-x32: Toolbar BHO -> {2be98f70-2202-4f66-886c-c56f85bc28ce} -> C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\dibar.dll [2015-07-13] (Mindspark)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Search Assistant BHO -> {38c497c4-02cd-47d8-b69a-0658bdcc505c} -> C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\diSrcAs.dll [2015-07-13] (Mindspark)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-04] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-04] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - EasyMailLogin - {99d36030-fbbc-4f19-a436-3911134193db} - C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\dibar.dll [2015-07-13] (Mindspark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-11-29] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [No File]
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Mom n Dad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @talk.google.com/O1DPlugin -> C:\Users\Mom n Dad\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mom n Dad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mom n Dad\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-24]
CHR Extension: (Google Docs) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-24]
CHR Extension: (Google Drive) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Google Sheets) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-24]
CHR Extension: (Google Docs Offline) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (RealDownloader) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-09-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-24]
CHR Extension: (Gmail) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-24]
CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-19] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-10] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S2 Pantech UTM Service; C:\Program Files (x86)\NCMC\EUDL\UTM\PantechService.exe [65536 2011-05-20] (TODO: <Company name>) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-06-30] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2011-11-29] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4341424 2016-01-19] (Qualcomm Atheros Communications, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
S1 gwrvpwes; C:\WINDOWS\system32\drivers\gwrvpwes.sys [55168 2016-09-12] (Microsoft Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S2 sxuptp; C:\Windows\System32\drivers\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 {10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw64; C:\Windows\System32\drivers\{10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw64.sys [48832 2014-11-06] (StdLib)
R1 {255a824a-3cde-4dee-9785-284605606456}Gw64; C:\Windows\System32\drivers\{255a824a-3cde-4dee-9785-284605606456}Gw64.sys [48832 2014-10-28] (StdLib)
R1 {3cac76e7-8310-45ea-8277-96d048a78c60}Gw64; C:\Windows\System32\drivers\{3cac76e7-8310-45ea-8277-96d048a78c60}Gw64.sys [48784 2014-11-27] (StdLib)
R1 {4530e639-76ab-4435-889d-a5e81ae090a4}Gw64; C:\Windows\System32\drivers\{4530e639-76ab-4435-889d-a5e81ae090a4}Gw64.sys [48784 2014-10-20] (StdLib)
R1 {46a147d8-5171-42d8-b8a8-6a187525781d}Gw64; C:\Windows\System32\drivers\{46a147d8-5171-42d8-b8a8-6a187525781d}Gw64.sys [48784 2014-10-15] (StdLib)
R1 {51b9c91c-8e38-40ae-80de-58a590512b6b}Gw64; C:\Windows\System32\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}Gw64.sys [48832 2014-11-10] (StdLib)
R1 {55dce8ba-9dec-4013-937e-adbf9317d990}Gw64; C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys [61072 2014-07-24] (StdLib)
R1 {67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw64; C:\Windows\System32\drivers\{67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw64.sys [48784 2014-10-20] (StdLib)
R1 {6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw64; C:\Windows\System32\drivers\{6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw64.sys [48784 2014-10-19] (StdLib)
R1 {733fb217-c049-41ba-9504-3f2045e61977}Gw64; C:\Windows\System32\drivers\{733fb217-c049-41ba-9504-3f2045e61977}Gw64.sys [48784 2014-10-21] (StdLib)
R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}Gw64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}Gw64.sys [48784 2014-12-01] (StdLib)
R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}w64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}w64.sys [48784 2015-01-13] (StdLib)
R1 {9d5747ee-0448-4681-8337-1555de75a3b6}w64; C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}w64.sys [61120 2014-06-16] (StdLib)
R1 {b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64; C:\Windows\System32\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64.sys [48784 2014-10-25] (StdLib)
R1 {b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw64; C:\Windows\System32\drivers\{b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw64.sys [48784 2014-11-26] (StdLib)
R1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64; C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64.sys [48784 2014-10-05] (StdLib)
R1 {d428f5a9-a362-4938-a8b7-f0abd920078b}Gw64; C:\Windows\System32\drivers\{d428f5a9-a362-4938-a8b7-f0abd920078b}Gw64.sys [48784 2014-12-01] (StdLib)
R1 {d997fcb4-42b4-4f84-a147-2e498567c954}Gw64; C:\Windows\System32\drivers\{d997fcb4-42b4-4f84-a147-2e498567c954}Gw64.sys [48784 2014-11-28] (StdLib)
R1 {dc592624-f532-4311-9fc7-6920126fc404}Gw64; C:\Windows\System32\drivers\{dc592624-f532-4311-9fc7-6920126fc404}Gw64.sys [48784 2014-10-22] (StdLib)
R1 {f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64; C:\Windows\System32\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sys [48784 2014-10-22] (StdLib)
R1 {f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw64; C:\Windows\System32\drivers\{f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw64.sys [48832 2014-11-03] (StdLib)
R1 {fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw64; C:\Windows\System32\drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw64.sys [48832 2014-10-31] (StdLib)
S1 ajcqhycc; \??\C:\WINDOWS\system32\drivers\ajcqhycc.sys [X]
U3 idsvc; no ImagePath
U5 REALPLAYERUPDATESVC; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-12 13:38 - 2016-09-12 13:39 - 00029884 _____ C:\Users\Mom n Dad\Downloads\FRST.txt
2016-09-12 13:37 - 2016-09-12 13:37 - 02397696 _____ (Farbar) C:\Users\Mom n Dad\Downloads\FRST64 (1).exe
2016-09-12 13:27 - 2016-09-12 13:38 - 00000000 ____D C:\FRST
2016-09-12 13:25 - 2016-09-12 13:25 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gwrvpwes.sys
2016-09-12 13:09 - 2016-09-12 13:10 - 03826240 _____ C:\Users\Mom n Dad\Downloads\adwcleaner_6.010.exe
2016-09-07 20:42 - 2016-09-07 20:42 - 00001273 _____ C:\Users\Mom n Dad\Desktop\Continue Flash Player Pro Installation.lnk
2016-09-06 22:12 - 2016-09-06 22:37 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\PlutoTV
2016-09-06 22:07 - 2016-09-06 22:07 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\IsolatedStorage
2016-09-06 22:06 - 2016-09-06 22:06 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\CEF
2016-09-06 22:05 - 2016-09-06 22:38 - 00000000 ____D C:\Program Files\COMODO
2016-09-06 22:05 - 2016-09-06 22:10 - 00000000 ____D C:\ProgramData\COMODO
2016-09-06 22:03 - 2016-09-06 22:04 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\Setup548490453
2016-09-06 22:03 - 2016-09-06 22:04 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\sano
2016-09-06 14:56 - 2016-09-06 14:56 - 00001936 _____ C:\Users\Mom n Dad\Desktop\Dawn.lnk
2016-09-06 11:59 - 2016-09-06 12:09 - 00000000 ____D C:\Users\Mom n Dad\Mail_20160906
2016-09-05 17:37 - 2016-09-05 17:37 - 04016517 _____ C:\Users\Mom n Dad\Downloads\F9 FIS Packet.pdf
2016-09-03 11:23 - 2016-09-03 11:23 - 00000000 ____D C:\ProgramData\Roblox
2016-09-03 11:22 - 2016-09-03 11:22 - 00000000 ____D C:\Program Files (x86)\Roblox
2016-08-31 10:12 - 2016-08-31 10:12 - 00000000 _____ C:\Users\Mom n Dad\Desktop\refresh (1) - Shortcut.lnk
2016-08-23 14:07 - 2016-08-23 14:07 - 00003348 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-23 14:05 - 2016-08-23 14:05 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\Skype
2016-08-22 23:27 - 2016-08-22 23:27 - 00001940 _____ C:\Users\Mom n Dad\Desktop\rFactor.lnk
2016-08-22 23:24 - 2016-08-22 23:24 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\rFactor
2016-08-22 23:23 - 2016-08-22 23:26 - 00000000 ____D C:\Program Files (x86)\rFactor
2016-08-22 23:10 - 2016-08-22 23:10 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\YourUpdater
2016-08-22 23:08 - 2016-09-07 10:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-08-22 23:08 - 2016-08-23 12:20 - 00000000 ____D C:\Program Files (x86)\SoftwareUpd
2016-08-22 23:08 - 2016-08-22 23:08 - 00000000 ____D C:\Program Files (x86)\SafeSavings
2016-08-22 23:08 - 2016-08-22 23:08 - 00000000 ____D C:\Program Files (x86)\PC_Support
2016-08-22 23:07 - 2016-08-22 23:07 - 00000003 _____ C:\Users\Mom n Dad\Desktop\2.txt
2016-08-22 23:07 - 2016-08-22 23:07 - 00000003 _____ C:\Users\Mom n Dad\Desktop\1.txt
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\oneClickRoot
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\AWSToolkit
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Users\Mom n Dad\.android
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Program Files (x86)\One Click Root
2016-08-20 10:51 - 2016-08-20 10:51 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\One Click Root
2016-08-16 03:18 - 2016-08-16 03:18 - 00159936 _____ (MBB) C:\WINDOWS\system32\Drivers\usb2ser.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-12 13:39 - 2014-04-18 05:52 - 00000368 _____ C:\WINDOWS\Tasks\CIMT_S-1-5-21-1399685641-2452391960-3966799618-1001.job
2016-09-12 13:39 - 2012-04-29 00:54 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-12 13:38 - 2012-09-22 21:23 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\Nero
2016-09-12 13:37 - 2012-04-29 01:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-12 13:30 - 2016-07-26 10:17 - 00000000 ____D C:\Users\Mom n Dad\Desktop\Mail_20160726
2016-09-12 13:25 - 2016-01-22 05:01 - 01021998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-12 13:25 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-12 13:20 - 2013-11-29 19:38 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-12 13:18 - 2015-07-30 07:33 - 00000946 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1399685641-2452391960-3966799618-1001UA.job
2016-09-12 13:17 - 2016-01-22 05:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-12 13:17 - 2015-10-30 01:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-12 13:16 - 2016-01-22 05:02 - 00000000 ____D C:\Users\Mom n Dad
2016-09-12 13:15 - 2014-06-22 11:58 - 00000000 ____D C:\AdwCleaner
2016-09-12 13:14 - 2012-10-16 13:43 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-09-12 13:13 - 2014-03-22 20:20 - 00000000 ____D C:\Users\Mom n Dad\AppData\LocalLow\Yahoo!
2016-09-12 13:13 - 2012-10-16 13:48 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\Yahoo!
2016-09-12 12:48 - 2013-11-29 19:38 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-12 09:09 - 2012-09-22 21:52 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7A768056-8E95-406D-9C2A-AB86A5C81525}
2016-09-12 08:27 - 2016-02-03 02:27 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\CrashDumps
2016-09-12 02:47 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-11 15:18 - 2015-09-18 17:52 - 00000894 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1399685641-2452391960-3966799618-1001Core.job
2016-09-10 07:12 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-07 21:09 - 2016-02-08 13:06 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\FlickrUploadrWindows
2016-09-07 19:28 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-07 12:04 - 2012-09-23 12:09 - 00000000 ____D C:\ProgramData\PCDr
2016-09-07 11:04 - 2014-06-22 13:32 - 00000233 _____ C:\Users\Mom n Dad\AppData\Roaming\WB.CFG
2016-09-06 22:03 - 2014-10-07 03:38 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-09-06 12:34 - 2016-05-11 21:46 - 00000000 ____D C:\Users\Mom n Dad\Documents\Outlook Files
2016-09-06 11:45 - 2016-01-22 05:01 - 01035958 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-09-03 17:33 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 17:33 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-03 11:41 - 2016-05-06 20:11 - 00000000 ____D C:\Users\Mom n Dad\AppData\LocalLow\RbxLogs
2016-09-03 11:23 - 2016-05-06 20:11 - 00000244 _____ C:\Users\Mom n Dad\AppData\LocalLow\rbxcsettings.rbx
2016-09-02 11:00 - 2012-11-04 19:46 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-08-31 13:40 - 2014-08-14 19:15 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\Packages
2016-08-31 13:23 - 2013-03-03 12:16 - 00000048 _____ C:\Users\Mom n Dad\jagex_cl_oldschool_LIVE.dat
2016-08-30 08:43 - 2012-10-07 14:56 - 00000000 _____ C:\Users\Mom n Dad\Desktop\Games - Shortcut.lnk
2016-08-29 09:29 - 2016-06-01 11:30 - 00000000 _____ C:\Users\Mom n Dad\Desktop\Person 1 - Chromium.lnk
2016-08-29 05:45 - 2016-07-13 12:43 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-27 00:27 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-24 21:08 - 2014-07-24 17:23 - 00000000 ____D C:\Users\Mom n Dad\Downloads\Driver Support
2016-08-23 14:07 - 2015-11-12 09:48 - 00002423 _____ C:\Users\Mom n Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-23 14:07 - 2015-11-12 09:48 - 00000000 ___RD C:\Users\Mom n Dad\OneDrive
2016-08-23 12:21 - 2016-01-22 04:54 - 00366152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-18 08:59 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-17 14:23 - 2015-09-10 00:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-17 14:13 - 2015-10-30 04:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-17 14:13 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender

==================== Files in the root of some directories =======

2003-03-18 22:20 - 2003-03-18 22:20 - 1060864 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc71.dll
2003-03-18 21:44 - 2003-03-18 21:44 - 0040960 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71CHS.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0045056 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71CHT.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0065536 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71DEU.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0057344 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71ENU.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71ESP.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71FRA.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71ITA.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0049152 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71JPN.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0049152 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71KOR.DLL
2003-03-18 22:12 - 2003-03-18 22:12 - 1047552 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc71u.dll
2016-06-10 13:17 - 2016-06-10 13:17 - 2049556 _____ () C:\Users\Mom n Dad\AppData\Roaming\sb359.dat
2016-06-10 13:17 - 2016-06-10 13:17 - 0253952 _____ () C:\Users\Mom n Dad\AppData\Roaming\Setup47968.exe
2014-06-22 13:32 - 2016-09-07 11:04 - 0000233 _____ () C:\Users\Mom n Dad\AppData\Roaming\WB.CFG
2015-01-04 20:58 - 2015-01-04 20:58 - 0000010 _____ () C:\Users\Mom n Dad\AppData\Local\DSI.DAT
2015-01-04 20:58 - 2015-01-04 20:58 - 0022528 _____ () C:\Users\Mom n Dad\AppData\Local\dsisetup2094711532.exe
2014-07-19 12:16 - 2014-07-19 12:16 - 0000017 _____ () C:\Users\Mom n Dad\AppData\Local\resmon.resmoncfg
2015-12-19 17:32 - 2015-12-19 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{0698FE7B-E414-4BB9-8209-FEAB7FB84A34}
2015-12-26 17:32 - 2015-12-26 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{4F9E012A-B0F7-4988-8C86-80C15AFAC133}
2015-12-20 17:32 - 2015-12-20 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{5B0B5687-B085-47B9-9266-0AC8894FBC48}
2015-12-25 17:32 - 2015-12-25 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{6BCFBDB5-13CA-4BA0-9D52-F5DED8CDCCAB}
2015-12-24 17:32 - 2015-12-24 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{7C950353-CCB5-4619-BEC1-845D41D0A3EE}
2015-12-22 17:32 - 2015-12-22 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{99ADE811-4040-48CB-AB88-B99011B5366C}
2015-12-23 17:32 - 2015-12-23 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{9CD32FAC-56F8-47B0-8929-2100E8BE3501}
2015-12-21 17:32 - 2015-12-21 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{DB925C31-3D0E-4629-B67A-C92960EF44E9}
2013-01-11 22:55 - 2013-01-11 22:55 - 0000069 _____ () C:\ProgramData\dsgsdgdsgdsgw.bat
2013-01-11 22:55 - 2013-01-11 22:55 - 0000159 _____ () C:\ProgramData\dsgsdgdsgdsgw.reg
2015-09-19 13:39 - 2015-09-19 13:39 - 5133208 _____ (© PC Cleaners Inc) C:\ProgramData\pclunst.exe

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.bat
C:\ProgramData\dsgsdgdsgdsgw.reg
C:\ProgramData\pclunst.exe

Some files in TEMP:
====================
C:\Users\Mom n Dad\AppData\Local\Temp\CorrLinks.exe
C:\Users\Mom n Dad\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Mom n Dad\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\Mom n Dad\AppData\Local\Temp\DRHelper_uninstallComplete.exe
C:\Users\Mom n Dad\AppData\Local\Temp\ICReinstall_FlashPlayerPro (2).exe
C:\Users\Mom n Dad\AppData\Local\Temp\ICReinstall_FlashPlayerPro.exe
C:\Users\Mom n Dad\AppData\Local\Temp\libeay32.dll
C:\Users\Mom n Dad\AppData\Local\Temp\lowproc.exe
C:\Users\Mom n Dad\AppData\Local\Temp\msvcr120.dll
C:\Users\Mom n Dad\AppData\Local\Temp\pspx8.0_cnet.exe
C:\Users\Mom n Dad\AppData\Local\Temp\sqlite3.dll
C:\Users\Mom n Dad\AppData\Local\Temp\stubhelper.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-09-05 20:03

==================== End of FRST.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Mom n Dad (administrator) on MOMNDAD-PC (12-09-2016 13:38:39)
Running from C:\Users\Mom n Dad\Downloads
Loaded Profiles: Mom n Dad (Available Profiles: Mom n Dad & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Pantech) C:\Program Files (x86)\NCMC\EUDL\UTM\PantechUTM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
(Google Inc.) C:\Users\Mom n Dad\AppData\Local\Google\Update\GoogleUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Mindspark) C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\APPINTEGRATOR.EXE
(Mindspark) C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\AppIntegrator64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Integration\Integrator.exe
(Farbar) C:\Users\Mom n Dad\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [Corel Update Helper] => c:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\pua.exe [2012104 2015-11-28] (Corel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2011-12-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-11-29] (RealNetworks, Inc.)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [HomeworkSimplified AppIntegrator 32-bit] => C:\PROGRA~2\HOMEWO~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [HomeworkSimplified AppIntegrator 64-bit] => C:\PROGRA~2\HOMEWO~2\bar\1.bin\AppIntegrator64.exe
HKLM-x32\...\Run: [EasyMailLogin EPM Support] => C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\dimedint.exe [12824 2015-07-13] (Mindspark)
HKLM-x32\...\Run: [EasyMailLogin AppIntegrator 32-bit] => C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\APPINTEGRATOR.EXE [230424 2015-07-13] (Mindspark)
HKLM-x32\...\Run: [EasyMailLogin AppIntegrator 64-bit] => C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\AppIntegrator64.exe [265752 2015-07-13] (Mindspark)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [Driver Support] => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [5673824 2014-10-01] (PC Drivers Headquarters)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [Google Update] => C:\Users\Mom n Dad\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-07-15] (Google Inc.)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [Chromium] => c:\users\mom n dad\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [GoogleChromeAutoLaunch_EDEAD0EEDAACD124313EA82B8625168E] => C:\Users\Mom n Dad\AppData\Local\Chromium\Application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\RunOnce: [Uninstall C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\RunOnce: [Uninstall C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\RunOnce: [Uninstall C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\MountPoints2: {5d3af21f-6686-11e6-8d98-ed656eb76b56} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\MountPoints2: {5d3af332-6686-11e6-8d98-ed656eb76b56} - "E:\HTC_Sync_Manager_PC.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13101
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1185df9b-6f1d-4fef-88ab-b9873ef8a071}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{285d4a35-be8b-4254-975d-0a0a65203b73}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
URLSearchHook: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 - (No Name) - {f78d8db4-444a-4a47-bec1-32164fe6b224} - C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\diSrcAs.dll (Mindspark)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {0D9AF04D-D70D-4AF8-A51B-CADA5C050768} URL = hxxps://delicious.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {67A88121-0959-44EB-B659-E80911541B35} URL = hxxps://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-27] (Microsoft Corporation)
BHO-x32: Toolbar BHO -> {2be98f70-2202-4f66-886c-c56f85bc28ce} -> C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\dibar.dll [2015-07-13] (Mindspark)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Search Assistant BHO -> {38c497c4-02cd-47d8-b69a-0658bdcc505c} -> C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\diSrcAs.dll [2015-07-13] (Mindspark)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-04] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-04] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - EasyMailLogin - {99d36030-fbbc-4f19-a436-3911134193db} - C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\dibar.dll [2015-07-13] (Mindspark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-11-29] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [No File]
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Mom n Dad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @talk.google.com/O1DPlugin -> C:\Users\Mom n Dad\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mom n Dad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mom n Dad\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-24]
CHR Extension: (Google Docs) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-24]
CHR Extension: (Google Drive) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Google Sheets) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-24]
CHR Extension: (Google Docs Offline) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (RealDownloader) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-09-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-24]
CHR Extension: (Gmail) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-24]
CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-19] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-10] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S2 Pantech UTM Service; C:\Program Files (x86)\NCMC\EUDL\UTM\PantechService.exe [65536 2011-05-20] (TODO: <Company name>) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-06-30] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2011-11-29] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4341424 2016-01-19] (Qualcomm Atheros Communications, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
S1 gwrvpwes; C:\WINDOWS\system32\drivers\gwrvpwes.sys [55168 2016-09-12] (Microsoft Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S2 sxuptp; C:\Windows\System32\drivers\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 {10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw64; C:\Windows\System32\drivers\{10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw64.sys [48832 2014-11-06] (StdLib)
R1 {255a824a-3cde-4dee-9785-284605606456}Gw64; C:\Windows\System32\drivers\{255a824a-3cde-4dee-9785-284605606456}Gw64.sys [48832 2014-10-28] (StdLib)
R1 {3cac76e7-8310-45ea-8277-96d048a78c60}Gw64; C:\Windows\System32\drivers\{3cac76e7-8310-45ea-8277-96d048a78c60}Gw64.sys [48784 2014-11-27] (StdLib)
R1 {4530e639-76ab-4435-889d-a5e81ae090a4}Gw64; C:\Windows\System32\drivers\{4530e639-76ab-4435-889d-a5e81ae090a4}Gw64.sys [48784 2014-10-20] (StdLib)
R1 {46a147d8-5171-42d8-b8a8-6a187525781d}Gw64; C:\Windows\System32\drivers\{46a147d8-5171-42d8-b8a8-6a187525781d}Gw64.sys [48784 2014-10-15] (StdLib)
R1 {51b9c91c-8e38-40ae-80de-58a590512b6b}Gw64; C:\Windows\System32\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}Gw64.sys [48832 2014-11-10] (StdLib)
R1 {55dce8ba-9dec-4013-937e-adbf9317d990}Gw64; C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys [61072 2014-07-24] (StdLib)
R1 {67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw64; C:\Windows\System32\drivers\{67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw64.sys [48784 2014-10-20] (StdLib)
R1 {6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw64; C:\Windows\System32\drivers\{6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw64.sys [48784 2014-10-19] (StdLib)
R1 {733fb217-c049-41ba-9504-3f2045e61977}Gw64; C:\Windows\System32\drivers\{733fb217-c049-41ba-9504-3f2045e61977}Gw64.sys [48784 2014-10-21] (StdLib)
R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}Gw64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}Gw64.sys [48784 2014-12-01] (StdLib)
R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}w64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}w64.sys [48784 2015-01-13] (StdLib)
R1 {9d5747ee-0448-4681-8337-1555de75a3b6}w64; C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}w64.sys [61120 2014-06-16] (StdLib)
R1 {b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64; C:\Windows\System32\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64.sys [48784 2014-10-25] (StdLib)
R1 {b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw64; C:\Windows\System32\drivers\{b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw64.sys [48784 2014-11-26] (StdLib)
R1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64; C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64.sys [48784 2014-10-05] (StdLib)
R1 {d428f5a9-a362-4938-a8b7-f0abd920078b}Gw64; C:\Windows\System32\drivers\{d428f5a9-a362-4938-a8b7-f0abd920078b}Gw64.sys [48784 2014-12-01] (StdLib)
R1 {d997fcb4-42b4-4f84-a147-2e498567c954}Gw64; C:\Windows\System32\drivers\{d997fcb4-42b4-4f84-a147-2e498567c954}Gw64.sys [48784 2014-11-28] (StdLib)
R1 {dc592624-f532-4311-9fc7-6920126fc404}Gw64; C:\Windows\System32\drivers\{dc592624-f532-4311-9fc7-6920126fc404}Gw64.sys [48784 2014-10-22] (StdLib)
R1 {f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64; C:\Windows\System32\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sys [48784 2014-10-22] (StdLib)
R1 {f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw64; C:\Windows\System32\drivers\{f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw64.sys [48832 2014-11-03] (StdLib)
R1 {fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw64; C:\Windows\System32\drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw64.sys [48832 2014-10-31] (StdLib)
S1 ajcqhycc; \??\C:\WINDOWS\system32\drivers\ajcqhycc.sys [X]
U3 idsvc; no ImagePath
U5 REALPLAYERUPDATESVC; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-12 13:38 - 2016-09-12 13:39 - 00029884 _____ C:\Users\Mom n Dad\Downloads\FRST.txt
2016-09-12 13:37 - 2016-09-12 13:37 - 02397696 _____ (Farbar) C:\Users\Mom n Dad\Downloads\FRST64 (1).exe
2016-09-12 13:27 - 2016-09-12 13:38 - 00000000 ____D C:\FRST
2016-09-12 13:25 - 2016-09-12 13:25 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gwrvpwes.sys
2016-09-12 13:09 - 2016-09-12 13:10 - 03826240 _____ C:\Users\Mom n Dad\Downloads\adwcleaner_6.010.exe
2016-09-07 20:42 - 2016-09-07 20:42 - 00001273 _____ C:\Users\Mom n Dad\Desktop\Continue Flash Player Pro Installation.lnk
2016-09-06 22:12 - 2016-09-06 22:37 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\PlutoTV
2016-09-06 22:07 - 2016-09-06 22:07 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\IsolatedStorage
2016-09-06 22:06 - 2016-09-06 22:06 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\CEF
2016-09-06 22:05 - 2016-09-06 22:38 - 00000000 ____D C:\Program Files\COMODO
2016-09-06 22:05 - 2016-09-06 22:10 - 00000000 ____D C:\ProgramData\COMODO
2016-09-06 22:03 - 2016-09-06 22:04 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\Setup548490453
2016-09-06 22:03 - 2016-09-06 22:04 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\sano
2016-09-06 14:56 - 2016-09-06 14:56 - 00001936 _____ C:\Users\Mom n Dad\Desktop\Dawn.lnk
2016-09-06 11:59 - 2016-09-06 12:09 - 00000000 ____D C:\Users\Mom n Dad\Mail_20160906
2016-09-05 17:37 - 2016-09-05 17:37 - 04016517 _____ C:\Users\Mom n Dad\Downloads\F9 FIS Packet.pdf
2016-09-03 11:23 - 2016-09-03 11:23 - 00000000 ____D C:\ProgramData\Roblox
2016-09-03 11:22 - 2016-09-03 11:22 - 00000000 ____D C:\Program Files (x86)\Roblox
2016-08-31 10:12 - 2016-08-31 10:12 - 00000000 _____ C:\Users\Mom n Dad\Desktop\refresh (1) - Shortcut.lnk
2016-08-23 14:07 - 2016-08-23 14:07 - 00003348 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-23 14:05 - 2016-08-23 14:05 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\Skype
2016-08-22 23:27 - 2016-08-22 23:27 - 00001940 _____ C:\Users\Mom n Dad\Desktop\rFactor.lnk
2016-08-22 23:24 - 2016-08-22 23:24 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\rFactor
2016-08-22 23:23 - 2016-08-22 23:26 - 00000000 ____D C:\Program Files (x86)\rFactor
2016-08-22 23:10 - 2016-08-22 23:10 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\YourUpdater
2016-08-22 23:08 - 2016-09-07 10:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-08-22 23:08 - 2016-08-23 12:20 - 00000000 ____D C:\Program Files (x86)\SoftwareUpd
2016-08-22 23:08 - 2016-08-22 23:08 - 00000000 ____D C:\Program Files (x86)\SafeSavings
2016-08-22 23:08 - 2016-08-22 23:08 - 00000000 ____D C:\Program Files (x86)\PC_Support
2016-08-22 23:07 - 2016-08-22 23:07 - 00000003 _____ C:\Users\Mom n Dad\Desktop\2.txt
2016-08-22 23:07 - 2016-08-22 23:07 - 00000003 _____ C:\Users\Mom n Dad\Desktop\1.txt
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\oneClickRoot
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\AWSToolkit
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Users\Mom n Dad\.android
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Program Files (x86)\One Click Root
2016-08-20 10:51 - 2016-08-20 10:51 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\One Click Root
2016-08-16 03:18 - 2016-08-16 03:18 - 00159936 _____ (MBB) C:\WINDOWS\system32\Drivers\usb2ser.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-12 13:39 - 2014-04-18 05:52 - 00000368 _____ C:\WINDOWS\Tasks\CIMT_S-1-5-21-1399685641-2452391960-3966799618-1001.job
2016-09-12 13:39 - 2012-04-29 00:54 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-12 13:38 - 2012-09-22 21:23 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\Nero
2016-09-12 13:37 - 2012-04-29 01:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-12 13:30 - 2016-07-26 10:17 - 00000000 ____D C:\Users\Mom n Dad\Desktop\Mail_20160726
2016-09-12 13:25 - 2016-01-22 05:01 - 01021998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-12 13:25 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-12 13:20 - 2013-11-29 19:38 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-12 13:18 - 2015-07-30 07:33 - 00000946 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1399685641-2452391960-3966799618-1001UA.job
2016-09-12 13:17 - 2016-01-22 05:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-12 13:17 - 2015-10-30 01:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-12 13:16 - 2016-01-22 05:02 - 00000000 ____D C:\Users\Mom n Dad
2016-09-12 13:15 - 2014-06-22 11:58 - 00000000 ____D C:\AdwCleaner
2016-09-12 13:14 - 2012-10-16 13:43 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-09-12 13:13 - 2014-03-22 20:20 - 00000000 ____D C:\Users\Mom n Dad\AppData\LocalLow\Yahoo!
2016-09-12 13:13 - 2012-10-16 13:48 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\Yahoo!
2016-09-12 12:48 - 2013-11-29 19:38 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-12 09:09 - 2012-09-22 21:52 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7A768056-8E95-406D-9C2A-AB86A5C81525}
2016-09-12 08:27 - 2016-02-03 02:27 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\CrashDumps
2016-09-12 02:47 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-11 15:18 - 2015-09-18 17:52 - 00000894 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1399685641-2452391960-3966799618-1001Core.job
2016-09-10 07:12 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-07 21:09 - 2016-02-08 13:06 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\FlickrUploadrWindows
2016-09-07 19:28 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-07 12:04 - 2012-09-23 12:09 - 00000000 ____D C:\ProgramData\PCDr
2016-09-07 11:04 - 2014-06-22 13:32 - 00000233 _____ C:\Users\Mom n Dad\AppData\Roaming\WB.CFG
2016-09-06 22:03 - 2014-10-07 03:38 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-09-06 12:34 - 2016-05-11 21:46 - 00000000 ____D C:\Users\Mom n Dad\Documents\Outlook Files
2016-09-06 11:45 - 2016-01-22 05:01 - 01035958 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-09-03 17:33 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 17:33 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-03 11:41 - 2016-05-06 20:11 - 00000000 ____D C:\Users\Mom n Dad\AppData\LocalLow\RbxLogs
2016-09-03 11:23 - 2016-05-06 20:11 - 00000244 _____ C:\Users\Mom n Dad\AppData\LocalLow\rbxcsettings.rbx
2016-09-02 11:00 - 2012-11-04 19:46 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-08-31 13:40 - 2014-08-14 19:15 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\Packages
2016-08-31 13:23 - 2013-03-03 12:16 - 00000048 _____ C:\Users\Mom n Dad\jagex_cl_oldschool_LIVE.dat
2016-08-30 08:43 - 2012-10-07 14:56 - 00000000 _____ C:\Users\Mom n Dad\Desktop\Games - Shortcut.lnk
2016-08-29 09:29 - 2016-06-01 11:30 - 00000000 _____ C:\Users\Mom n Dad\Desktop\Person 1 - Chromium.lnk
2016-08-29 05:45 - 2016-07-13 12:43 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-27 00:27 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-24 21:08 - 2014-07-24 17:23 - 00000000 ____D C:\Users\Mom n Dad\Downloads\Driver Support
2016-08-23 14:07 - 2015-11-12 09:48 - 00002423 _____ C:\Users\Mom n Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-23 14:07 - 2015-11-12 09:48 - 00000000 ___RD C:\Users\Mom n Dad\OneDrive
2016-08-23 12:21 - 2016-01-22 04:54 - 00366152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-18 08:59 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-17 14:23 - 2015-09-10 00:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-17 14:13 - 2015-10-30 04:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-17 14:13 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender

==================== Files in the root of some directories =======

2003-03-18 22:20 - 2003-03-18 22:20 - 1060864 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc71.dll
2003-03-18 21:44 - 2003-03-18 21:44 - 0040960 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71CHS.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0045056 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71CHT.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0065536 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71DEU.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0057344 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71ENU.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71ESP.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71FRA.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71ITA.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0049152 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71JPN.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0049152 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71KOR.DLL
2003-03-18 22:12 - 2003-03-18 22:12 - 1047552 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc71u.dll
2016-06-10 13:17 - 2016-06-10 13:17 - 2049556 _____ () C:\Users\Mom n Dad\AppData\Roaming\sb359.dat
2016-06-10 13:17 - 2016-06-10 13:17 - 0253952 _____ () C:\Users\Mom n Dad\AppData\Roaming\Setup47968.exe
2014-06-22 13:32 - 2016-09-07 11:04 - 0000233 _____ () C:\Users\Mom n Dad\AppData\Roaming\WB.CFG
2015-01-04 20:58 - 2015-01-04 20:58 - 0000010 _____ () C:\Users\Mom n Dad\AppData\Local\DSI.DAT
2015-01-04 20:58 - 2015-01-04 20:58 - 0022528 _____ () C:\Users\Mom n Dad\AppData\Local\dsisetup2094711532.exe
2014-07-19 12:16 - 2014-07-19 12:16 - 0000017 _____ () C:\Users\Mom n Dad\AppData\Local\resmon.resmoncfg
2015-12-19 17:32 - 2015-12-19 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{0698FE7B-E414-4BB9-8209-FEAB7FB84A34}
2015-12-26 17:32 - 2015-12-26 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{4F9E012A-B0F7-4988-8C86-80C15AFAC133}
2015-12-20 17:32 - 2015-12-20 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{5B0B5687-B085-47B9-9266-0AC8894FBC48}
2015-12-25 17:32 - 2015-12-25 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{6BCFBDB5-13CA-4BA0-9D52-F5DED8CDCCAB}
2015-12-24 17:32 - 2015-12-24 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{7C950353-CCB5-4619-BEC1-845D41D0A3EE}
2015-12-22 17:32 - 2015-12-22 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{99ADE811-4040-48CB-AB88-B99011B5366C}
2015-12-23 17:32 - 2015-12-23 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{9CD32FAC-56F8-47B0-8929-2100E8BE3501}
2015-12-21 17:32 - 2015-12-21 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{DB925C31-3D0E-4629-B67A-C92960EF44E9}
2013-01-11 22:55 - 2013-01-11 22:55 - 0000069 _____ () C:\ProgramData\dsgsdgdsgdsgw.bat
2013-01-11 22:55 - 2013-01-11 22:55 - 0000159 _____ () C:\ProgramData\dsgsdgdsgdsgw.reg
2015-09-19 13:39 - 2015-09-19 13:39 - 5133208 _____ (© PC Cleaners Inc) C:\ProgramData\pclunst.exe

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.bat
C:\ProgramData\dsgsdgdsgdsgw.reg
C:\ProgramData\pclunst.exe

Some files in TEMP:
====================
C:\Users\Mom n Dad\AppData\Local\Temp\CorrLinks.exe
C:\Users\Mom n Dad\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Mom n Dad\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\Mom n Dad\AppData\Local\Temp\DRHelper_uninstallComplete.exe
C:\Users\Mom n Dad\AppData\Local\Temp\ICReinstall_FlashPlayerPro (2).exe
C:\Users\Mom n Dad\AppData\Local\Temp\ICReinstall_FlashPlayerPro.exe
C:\Users\Mom n Dad\AppData\Local\Temp\libeay32.dll
C:\Users\Mom n Dad\AppData\Local\Temp\lowproc.exe
C:\Users\Mom n Dad\AppData\Local\Temp\msvcr120.dll
C:\Users\Mom n Dad\AppData\Local\Temp\pspx8.0_cnet.exe
C:\Users\Mom n Dad\AppData\Local\Temp\sqlite3.dll
C:\Users\Mom n Dad\AppData\Local\Temp\stubhelper.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-09-05 20:03

==================== End of FRST.txt ============================

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Mom n Dad (administrator) on MOMNDAD-PC (12-09-2016 13:38:39)
Running from C:\Users\Mom n Dad\Downloads
Loaded Profiles: Mom n Dad (Available Profiles: Mom n Dad & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Pantech) C:\Program Files (x86)\NCMC\EUDL\UTM\PantechUTM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
(Google Inc.) C:\Users\Mom n Dad\AppData\Local\Google\Update\GoogleUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Mindspark) C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\APPINTEGRATOR.EXE
(Mindspark) C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\AppIntegrator64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Integration\Integrator.exe
(Farbar) C:\Users\Mom n Dad\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [Corel Update Helper] => c:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\pua.exe [2012104 2015-11-28] (Corel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2011-12-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-11-29] (RealNetworks, Inc.)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [HomeworkSimplified AppIntegrator 32-bit] => C:\PROGRA~2\HOMEWO~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [HomeworkSimplified AppIntegrator 64-bit] => C:\PROGRA~2\HOMEWO~2\bar\1.bin\AppIntegrator64.exe
HKLM-x32\...\Run: [EasyMailLogin EPM Support] => C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\dimedint.exe [12824 2015-07-13] (Mindspark)
HKLM-x32\...\Run: [EasyMailLogin AppIntegrator 32-bit] => C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\APPINTEGRATOR.EXE [230424 2015-07-13] (Mindspark)
HKLM-x32\...\Run: [EasyMailLogin AppIntegrator 64-bit] => C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\AppIntegrator64.exe [265752 2015-07-13] (Mindspark)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [Driver Support] => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [5673824 2014-10-01] (PC Drivers Headquarters)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [Google Update] => C:\Users\Mom n Dad\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-07-15] (Google Inc.)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [Chromium] => c:\users\mom n dad\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Run: [GoogleChromeAutoLaunch_EDEAD0EEDAACD124313EA82B8625168E] => C:\Users\Mom n Dad\AppData\Local\Chromium\Application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\RunOnce: [Uninstall C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\RunOnce: [Uninstall C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\RunOnce: [Uninstall C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\MountPoints2: {5d3af21f-6686-11e6-8d98-ed656eb76b56} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\MountPoints2: {5d3af332-6686-11e6-8d98-ed656eb76b56} - "E:\HTC_Sync_Manager_PC.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13101
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1185df9b-6f1d-4fef-88ab-b9873ef8a071}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{285d4a35-be8b-4254-975d-0a0a65203b73}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
URLSearchHook: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 - (No Name) - {f78d8db4-444a-4a47-bec1-32164fe6b224} - C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\diSrcAs.dll (Mindspark)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {0D9AF04D-D70D-4AF8-A51B-CADA5C050768} URL = hxxps://delicious.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {67A88121-0959-44EB-B659-E80911541B35} URL = hxxps://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-27] (Microsoft Corporation)
BHO-x32: Toolbar BHO -> {2be98f70-2202-4f66-886c-c56f85bc28ce} -> C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\dibar.dll [2015-07-13] (Mindspark)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Search Assistant BHO -> {38c497c4-02cd-47d8-b69a-0658bdcc505c} -> C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\diSrcAs.dll [2015-07-13] (Mindspark)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-04] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-04] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - EasyMailLogin - {99d36030-fbbc-4f19-a436-3911134193db} - C:\Program Files (x86)\EasyMailLogin_di\bar\2.bin\dibar.dll [2015-07-13] (Mindspark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-26] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-11-29] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [No File]
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Mom n Dad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @talk.google.com/O1DPlugin -> C:\Users\Mom n Dad\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1399685641-2452391960-3966799618-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mom n Dad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mom n Dad\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-24]
CHR Extension: (Google Docs) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-24]
CHR Extension: (Google Drive) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Google Sheets) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-24]
CHR Extension: (Google Docs Offline) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (RealDownloader) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-09-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-24]
CHR Extension: (Gmail) - C:\Users\Mom n Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-24]
CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-19] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-10] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S2 Pantech UTM Service; C:\Program Files (x86)\NCMC\EUDL\UTM\PantechService.exe [65536 2011-05-20] (TODO: <Company name>) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-06-30] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2011-11-29] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4341424 2016-01-19] (Qualcomm Atheros Communications, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
S1 gwrvpwes; C:\WINDOWS\system32\drivers\gwrvpwes.sys [55168 2016-09-12] (Microsoft Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S2 sxuptp; C:\Windows\System32\drivers\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 {10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw64; C:\Windows\System32\drivers\{10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw64.sys [48832 2014-11-06] (StdLib)
R1 {255a824a-3cde-4dee-9785-284605606456}Gw64; C:\Windows\System32\drivers\{255a824a-3cde-4dee-9785-284605606456}Gw64.sys [48832 2014-10-28] (StdLib)
R1 {3cac76e7-8310-45ea-8277-96d048a78c60}Gw64; C:\Windows\System32\drivers\{3cac76e7-8310-45ea-8277-96d048a78c60}Gw64.sys [48784 2014-11-27] (StdLib)
R1 {4530e639-76ab-4435-889d-a5e81ae090a4}Gw64; C:\Windows\System32\drivers\{4530e639-76ab-4435-889d-a5e81ae090a4}Gw64.sys [48784 2014-10-20] (StdLib)
R1 {46a147d8-5171-42d8-b8a8-6a187525781d}Gw64; C:\Windows\System32\drivers\{46a147d8-5171-42d8-b8a8-6a187525781d}Gw64.sys [48784 2014-10-15] (StdLib)
R1 {51b9c91c-8e38-40ae-80de-58a590512b6b}Gw64; C:\Windows\System32\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}Gw64.sys [48832 2014-11-10] (StdLib)
R1 {55dce8ba-9dec-4013-937e-adbf9317d990}Gw64; C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys [61072 2014-07-24] (StdLib)
R1 {67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw64; C:\Windows\System32\drivers\{67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw64.sys [48784 2014-10-20] (StdLib)
R1 {6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw64; C:\Windows\System32\drivers\{6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw64.sys [48784 2014-10-19] (StdLib)
R1 {733fb217-c049-41ba-9504-3f2045e61977}Gw64; C:\Windows\System32\drivers\{733fb217-c049-41ba-9504-3f2045e61977}Gw64.sys [48784 2014-10-21] (StdLib)
R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}Gw64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}Gw64.sys [48784 2014-12-01] (StdLib)
R1 {94d62e35-4b43-494c-bf52-ba5935df36ef}w64; C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}w64.sys [48784 2015-01-13] (StdLib)
R1 {9d5747ee-0448-4681-8337-1555de75a3b6}w64; C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}w64.sys [61120 2014-06-16] (StdLib)
R1 {b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64; C:\Windows\System32\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw64.sys [48784 2014-10-25] (StdLib)
R1 {b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw64; C:\Windows\System32\drivers\{b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw64.sys [48784 2014-11-26] (StdLib)
R1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64; C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64.sys [48784 2014-10-05] (StdLib)
R1 {d428f5a9-a362-4938-a8b7-f0abd920078b}Gw64; C:\Windows\System32\drivers\{d428f5a9-a362-4938-a8b7-f0abd920078b}Gw64.sys [48784 2014-12-01] (StdLib)
R1 {d997fcb4-42b4-4f84-a147-2e498567c954}Gw64; C:\Windows\System32\drivers\{d997fcb4-42b4-4f84-a147-2e498567c954}Gw64.sys [48784 2014-11-28] (StdLib)
R1 {dc592624-f532-4311-9fc7-6920126fc404}Gw64; C:\Windows\System32\drivers\{dc592624-f532-4311-9fc7-6920126fc404}Gw64.sys [48784 2014-10-22] (StdLib)
R1 {f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64; C:\Windows\System32\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sys [48784 2014-10-22] (StdLib)
R1 {f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw64; C:\Windows\System32\drivers\{f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw64.sys [48832 2014-11-03] (StdLib)
R1 {fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw64; C:\Windows\System32\drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw64.sys [48832 2014-10-31] (StdLib)
S1 ajcqhycc; \??\C:\WINDOWS\system32\drivers\ajcqhycc.sys [X]
U3 idsvc; no ImagePath
U5 REALPLAYERUPDATESVC; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-12 13:38 - 2016-09-12 13:39 - 00029884 _____ C:\Users\Mom n Dad\Downloads\FRST.txt
2016-09-12 13:37 - 2016-09-12 13:37 - 02397696 _____ (Farbar) C:\Users\Mom n Dad\Downloads\FRST64 (1).exe
2016-09-12 13:27 - 2016-09-12 13:38 - 00000000 ____D C:\FRST
2016-09-12 13:25 - 2016-09-12 13:25 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gwrvpwes.sys
2016-09-12 13:09 - 2016-09-12 13:10 - 03826240 _____ C:\Users\Mom n Dad\Downloads\adwcleaner_6.010.exe
2016-09-07 20:42 - 2016-09-07 20:42 - 00001273 _____ C:\Users\Mom n Dad\Desktop\Continue Flash Player Pro Installation.lnk
2016-09-06 22:12 - 2016-09-06 22:37 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\PlutoTV
2016-09-06 22:07 - 2016-09-06 22:07 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\IsolatedStorage
2016-09-06 22:06 - 2016-09-06 22:06 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\CEF
2016-09-06 22:05 - 2016-09-06 22:38 - 00000000 ____D C:\Program Files\COMODO
2016-09-06 22:05 - 2016-09-06 22:10 - 00000000 ____D C:\ProgramData\COMODO
2016-09-06 22:03 - 2016-09-06 22:04 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\Setup548490453
2016-09-06 22:03 - 2016-09-06 22:04 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\sano
2016-09-06 14:56 - 2016-09-06 14:56 - 00001936 _____ C:\Users\Mom n Dad\Desktop\Dawn.lnk
2016-09-06 11:59 - 2016-09-06 12:09 - 00000000 ____D C:\Users\Mom n Dad\Mail_20160906
2016-09-05 17:37 - 2016-09-05 17:37 - 04016517 _____ C:\Users\Mom n Dad\Downloads\F9 FIS Packet.pdf
2016-09-03 11:23 - 2016-09-03 11:23 - 00000000 ____D C:\ProgramData\Roblox
2016-09-03 11:22 - 2016-09-03 11:22 - 00000000 ____D C:\Program Files (x86)\Roblox
2016-08-31 10:12 - 2016-08-31 10:12 - 00000000 _____ C:\Users\Mom n Dad\Desktop\refresh (1) - Shortcut.lnk
2016-08-23 14:07 - 2016-08-23 14:07 - 00003348 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-23 14:05 - 2016-08-23 14:05 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\Skype
2016-08-22 23:27 - 2016-08-22 23:27 - 00001940 _____ C:\Users\Mom n Dad\Desktop\rFactor.lnk
2016-08-22 23:24 - 2016-08-22 23:24 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\rFactor
2016-08-22 23:23 - 2016-08-22 23:26 - 00000000 ____D C:\Program Files (x86)\rFactor
2016-08-22 23:10 - 2016-08-22 23:10 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\YourUpdater
2016-08-22 23:08 - 2016-09-07 10:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-08-22 23:08 - 2016-08-23 12:20 - 00000000 ____D C:\Program Files (x86)\SoftwareUpd
2016-08-22 23:08 - 2016-08-22 23:08 - 00000000 ____D C:\Program Files (x86)\SafeSavings
2016-08-22 23:08 - 2016-08-22 23:08 - 00000000 ____D C:\Program Files (x86)\PC_Support
2016-08-22 23:07 - 2016-08-22 23:07 - 00000003 _____ C:\Users\Mom n Dad\Desktop\2.txt
2016-08-22 23:07 - 2016-08-22 23:07 - 00000003 _____ C:\Users\Mom n Dad\Desktop\1.txt
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\oneClickRoot
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\AWSToolkit
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Users\Mom n Dad\.android
2016-08-20 10:52 - 2016-08-20 10:52 - 00000000 ____D C:\Program Files (x86)\One Click Root
2016-08-20 10:51 - 2016-08-20 10:51 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\One Click Root
2016-08-16 03:18 - 2016-08-16 03:18 - 00159936 _____ (MBB) C:\WINDOWS\system32\Drivers\usb2ser.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-12 13:39 - 2014-04-18 05:52 - 00000368 _____ C:\WINDOWS\Tasks\CIMT_S-1-5-21-1399685641-2452391960-3966799618-1001.job
2016-09-12 13:39 - 2012-04-29 00:54 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-12 13:38 - 2012-09-22 21:23 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\Nero
2016-09-12 13:37 - 2012-04-29 01:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-12 13:30 - 2016-07-26 10:17 - 00000000 ____D C:\Users\Mom n Dad\Desktop\Mail_20160726
2016-09-12 13:25 - 2016-01-22 05:01 - 01021998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-12 13:25 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-12 13:20 - 2013-11-29 19:38 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-12 13:18 - 2015-07-30 07:33 - 00000946 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1399685641-2452391960-3966799618-1001UA.job
2016-09-12 13:17 - 2016-01-22 05:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-12 13:17 - 2015-10-30 01:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-12 13:16 - 2016-01-22 05:02 - 00000000 ____D C:\Users\Mom n Dad
2016-09-12 13:15 - 2014-06-22 11:58 - 00000000 ____D C:\AdwCleaner
2016-09-12 13:14 - 2012-10-16 13:43 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-09-12 13:13 - 2014-03-22 20:20 - 00000000 ____D C:\Users\Mom n Dad\AppData\LocalLow\Yahoo!
2016-09-12 13:13 - 2012-10-16 13:48 - 00000000 ____D C:\Users\Mom n Dad\AppData\Roaming\Yahoo!
2016-09-12 12:48 - 2013-11-29 19:38 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-12 09:09 - 2012-09-22 21:52 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7A768056-8E95-406D-9C2A-AB86A5C81525}
2016-09-12 08:27 - 2016-02-03 02:27 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\CrashDumps
2016-09-12 02:47 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-11 15:18 - 2015-09-18 17:52 - 00000894 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1399685641-2452391960-3966799618-1001Core.job
2016-09-10 07:12 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-07 21:09 - 2016-02-08 13:06 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\FlickrUploadrWindows
2016-09-07 19:28 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-07 12:04 - 2012-09-23 12:09 - 00000000 ____D C:\ProgramData\PCDr
2016-09-07 11:04 - 2014-06-22 13:32 - 00000233 _____ C:\Users\Mom n Dad\AppData\Roaming\WB.CFG
2016-09-06 22:03 - 2014-10-07 03:38 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-09-06 12:34 - 2016-05-11 21:46 - 00000000 ____D C:\Users\Mom n Dad\Documents\Outlook Files
2016-09-06 11:45 - 2016-01-22 05:01 - 01035958 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-09-03 17:33 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-03 17:33 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-03 11:41 - 2016-05-06 20:11 - 00000000 ____D C:\Users\Mom n Dad\AppData\LocalLow\RbxLogs
2016-09-03 11:23 - 2016-05-06 20:11 - 00000244 _____ C:\Users\Mom n Dad\AppData\LocalLow\rbxcsettings.rbx
2016-09-02 11:00 - 2012-11-04 19:46 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-08-31 13:40 - 2014-08-14 19:15 - 00000000 ____D C:\Users\Mom n Dad\AppData\Local\Packages
2016-08-31 13:23 - 2013-03-03 12:16 - 00000048 _____ C:\Users\Mom n Dad\jagex_cl_oldschool_LIVE.dat
2016-08-30 08:43 - 2012-10-07 14:56 - 00000000 _____ C:\Users\Mom n Dad\Desktop\Games - Shortcut.lnk
2016-08-29 09:29 - 2016-06-01 11:30 - 00000000 _____ C:\Users\Mom n Dad\Desktop\Person 1 - Chromium.lnk
2016-08-29 05:45 - 2016-07-13 12:43 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-27 00:27 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-24 21:08 - 2014-07-24 17:23 - 00000000 ____D C:\Users\Mom n Dad\Downloads\Driver Support
2016-08-23 14:07 - 2015-11-12 09:48 - 00002423 _____ C:\Users\Mom n Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-23 14:07 - 2015-11-12 09:48 - 00000000 ___RD C:\Users\Mom n Dad\OneDrive
2016-08-23 12:21 - 2016-01-22 04:54 - 00366152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-18 08:59 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-17 14:23 - 2015-09-10 00:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-17 14:13 - 2015-10-30 04:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-17 14:13 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-08-17 14:12 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender

==================== Files in the root of some directories =======

2003-03-18 22:20 - 2003-03-18 22:20 - 1060864 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc71.dll
2003-03-18 21:44 - 2003-03-18 21:44 - 0040960 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71CHS.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0045056 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71CHT.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0065536 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71DEU.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0057344 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71ENU.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71ESP.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71FRA.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0061440 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71ITA.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0049152 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71JPN.DLL
2003-03-18 21:44 - 2003-03-18 21:44 - 0049152 _____ (Microsoft Corporation) C:\Program Files (x86)\MFC71KOR.DLL
2003-03-18 22:12 - 2003-03-18 22:12 - 1047552 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc71u.dll
2016-06-10 13:17 - 2016-06-10 13:17 - 2049556 _____ () C:\Users\Mom n Dad\AppData\Roaming\sb359.dat
2016-06-10 13:17 - 2016-06-10 13:17 - 0253952 _____ () C:\Users\Mom n Dad\AppData\Roaming\Setup47968.exe
2014-06-22 13:32 - 2016-09-07 11:04 - 0000233 _____ () C:\Users\Mom n Dad\AppData\Roaming\WB.CFG
2015-01-04 20:58 - 2015-01-04 20:58 - 0000010 _____ () C:\Users\Mom n Dad\AppData\Local\DSI.DAT
2015-01-04 20:58 - 2015-01-04 20:58 - 0022528 _____ () C:\Users\Mom n Dad\AppData\Local\dsisetup2094711532.exe
2014-07-19 12:16 - 2014-07-19 12:16 - 0000017 _____ () C:\Users\Mom n Dad\AppData\Local\resmon.resmoncfg
2015-12-19 17:32 - 2015-12-19 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{0698FE7B-E414-4BB9-8209-FEAB7FB84A34}
2015-12-26 17:32 - 2015-12-26 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{4F9E012A-B0F7-4988-8C86-80C15AFAC133}
2015-12-20 17:32 - 2015-12-20 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{5B0B5687-B085-47B9-9266-0AC8894FBC48}
2015-12-25 17:32 - 2015-12-25 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{6BCFBDB5-13CA-4BA0-9D52-F5DED8CDCCAB}
2015-12-24 17:32 - 2015-12-24 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{7C950353-CCB5-4619-BEC1-845D41D0A3EE}
2015-12-22 17:32 - 2015-12-22 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{99ADE811-4040-48CB-AB88-B99011B5366C}
2015-12-23 17:32 - 2015-12-23 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{9CD32FAC-56F8-47B0-8929-2100E8BE3501}
2015-12-21 17:32 - 2015-12-21 17:32 - 0000000 _____ () C:\Users\Mom n Dad\AppData\Local\{DB925C31-3D0E-4629-B67A-C92960EF44E9}
2013-01-11 22:55 - 2013-01-11 22:55 - 0000069 _____ () C:\ProgramData\dsgsdgdsgdsgw.bat
2013-01-11 22:55 - 2013-01-11 22:55 - 0000159 _____ () C:\ProgramData\dsgsdgdsgdsgw.reg
2015-09-19 13:39 - 2015-09-19 13:39 - 5133208 _____ (© PC Cleaners Inc) C:\ProgramData\pclunst.exe

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.bat
C:\ProgramData\dsgsdgdsgdsgw.reg
C:\ProgramData\pclunst.exe

Some files in TEMP:
====================
C:\Users\Mom n Dad\AppData\Local\Temp\CorrLinks.exe
C:\Users\Mom n Dad\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Mom n Dad\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\Mom n Dad\AppData\Local\Temp\DRHelper_uninstallComplete.exe
C:\Users\Mom n Dad\AppData\Local\Temp\ICReinstall_FlashPlayerPro (2).exe
C:\Users\Mom n Dad\AppData\Local\Temp\ICReinstall_FlashPlayerPro.exe
C:\Users\Mom n Dad\AppData\Local\Temp\libeay32.dll
C:\Users\Mom n Dad\AppData\Local\Temp\lowproc.exe
C:\Users\Mom n Dad\AppData\Local\Temp\msvcr120.dll
C:\Users\Mom n Dad\AppData\Local\Temp\pspx8.0_cnet.exe
C:\Users\Mom n Dad\AppData\Local\Temp\sqlite3.dll
C:\Users\Mom n Dad\AppData\Local\Temp\stubhelper.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-09-05 20:03

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Mom n Dad (12-09-2016 13:39:58)
Running from C:\Users\Mom n Dad\Downloads
Windows 10 Home Version 1511 (X64) (2016-01-22 10:19:53)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1399685641-2452391960-3966799618-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1399685641-2452391960-3966799618-503 - Limited - Disabled)
Guest (S-1-5-21-1399685641-2452391960-3966799618-501 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1399685641-2452391960-3966799618-1002 - Administrator - Enabled)
Mom n Dad (S-1-5-21-1399685641-2452391960-3966799618-1001 - Administrator - Enabled) => C:\Users\Mom n Dad

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.4 - Belkin International, Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version:  - )
Canon MP495 series User Registration (HKLM-x32\...\Canon MP495 series User Registration) (Version:  - )
CASIO C781 USB Driver V1.0.4.0 (HKLM-x32\...\{3FA1785D-EED5-4840-A78F-2FC8B663CA86}) (Version: 1.0.4.0 - CASIO)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Corel PaintShop Pro X8 (HKLM-x32\...\_{85C69B9B-F9BD-4A60-BD83-F2B7E081ED39}) (Version: 18.1.0.67 - Corel Corporation)
CorrLinks (HKLM-x32\...\{ea99e77a-7c27-4dc0-9039-c82be958c286}) (Version: 1.7.760.0 - CorrLinks)
Corrlinks Client Setup (x32 Version: 1.7.760.0 - CORRLINKS) Hidden
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.8.0 - Dell Inc.) Hidden
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6817.133 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{3ED468C2-2235-4747-90AD-A7A34F0FE70A}) (Version: 1.2.2.8 - Dell)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
EasyMailLogin Internet Explorer Toolbar (HKLM-x32\...\EasyMailLogin_dibar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Flash Player Pro V5.4 (HKLM-x32\...\Flash Player Pro_is1) (Version:  - FlashPlayerPro.com)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
ICA (x32 Version: 18.1.0.67 - Corel Corporation) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
IPM_PSP_COM64 (Version: 18.1.0.67 - Corel Corporation) Hidden
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065F0}) (Version: 7.0.650 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7167.2040 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PSPPContent (x32 Version: 18.1.0.67 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 18.1.0.67 - Corel Corporation) Hidden
PSPPro64 (Version: 18.1.0.67 - Corel Corporation) Hidden
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
rFactor (remove only) (HKLM-x32\...\rFactor) (Version:  - )
Setup (x32 Version: 18.1.0.67 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16100 - Nero AG)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
Verizon_NCMC_UTM64 (HKLM-x32\...\{33393A55-CFC1-4B06-A981-C1ED0F5E58FE}) (Version: 3.00.0000 - NCMC)
Video Mover (HKLM-x32\...\Video Mover_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mom n Dad\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01F30789-9F85-4891-B16B-01D48AC73BEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {026417C9-BBE1-4DE9-A5F0-DF06042C0A2A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {138CED5E-7A7B-42BA-931E-8F8F3D72882C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1399685641-2452391960-3966799618-1001Core => C:\Users\Mom n Dad\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {1687A1FD-AC55-4129-83CE-F2E81A87DDAC} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-10-01] (PC Drivers Headquarters)
Task: {18041079-3723-4E8B-B901-20B5CFFC92AF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {1B737015-9391-4E55-B8FA-02BB3EEED767} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1399685641-2452391960-3966799618-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {23686742-13B4-4EFB-A9AF-597EE6A1E527} - \BrowserSafeguard Update Task -> No File <==== ATTENTION
Task: {239B5BCC-CADC-47A2-AD18-2BBF0D2F8B10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {298ABF9B-5E86-44F1-8E9D-A7DBD87B6FFE} - System32\Tasks\Microsoft\a3d90235e1136671ab1195c6078184ff => C:\Users\Mom n Dad\AppData\Roaming\DownloadManager\Updater.exe <==== ATTENTION
Task: {2C6B152D-396D-4DEB-8645-1655FDC91E82} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1399685641-2452391960-3966799618-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2D4C3CF2-D00C-4C24-B1B8-0329A38ABEFA} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-04-22] (Dell Inc.)
Task: {32953015-E7B7-4C79-98EC-B3F6F0892E6D} - System32\Tasks\CIMT_S-1-5-21-1399685641-2452391960-3966799618-1001 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
Task: {3614A2F9-363E-4498-B770-567EC0915647} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-09] (Microsoft Corporation)
Task: {3A9AD1CB-EF11-410F-A830-8131A508B9B7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {3F721923-E6BA-49CD-B1A0-79954BC009CE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4B0A68FD-7C92-4874-9013-DABFDBC5A052} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4C262A4F-159B-42EE-8FDB-C415C5D2B7B3} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1399685641-2452391960-3966799618-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5386E8F8-AA49-4ED2-A36A-5D1144B376F0} - System32\Tasks\Microsoft\6c033f6638c78c9e7ab6997c2f8fad17 => C:\Users\Mom n Dad\AppData\Roaming\DownloadManager\Loader.exe <==== ATTENTION
Task: {5D49F3FE-4623-44E5-B06F-8EAB6A55AE4F} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-10-01] (PC Drivers Headquarters)
Task: {6A52BC75-13D2-4AB0-BB53-FE5F428A3973} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1399685641-2452391960-3966799618-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7CFB9241-E7E4-4563-8CF0-ED15692CBAAC} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-08-02] (PC-Doctor, Inc.)
Task: {94EB26CB-B28D-449A-BCD5-CB06C146B834} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {982CCEB0-D695-4217-AAE2-80DCD62F1002} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {995DADB7-1E6F-4373-AD63-E7697ECA2C06} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {9BB46371-893F-490C-B5E1-069D99B094B8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-08-26] (Microsoft Corporation)
Task: {A81C212C-7412-4928-AFF5-1DC6EBFCDE23} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AADA6ACF-B56E-4BD0-A10F-AB82BAE607B4} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {AB0DC1F9-D92E-423F-840F-95C77828DC64} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-10-01] (PC Drivers Headquarters)
Task: {ABBF4E83-72E5-4D60-A0C4-D57083937DA3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1399685641-2452391960-3966799618-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {AD274FFE-1D79-48AC-B0D3-B217B3FDD829} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B043D61A-46F6-4ABE-8E46-B932FCE8EFE2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BC4127A5-4ADB-4433-A295-6CFC779FA8B2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1399685641-2452391960-3966799618-1001UA => C:\Users\Mom n Dad\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.)
Task: {BC8762CF-E3B3-4EF4-A5F6-6BB003BA24C3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {BF2EDD38-FB41-4CFF-8814-EEFD0DD6A4BB} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-23] (Microsoft Corporation)
Task: {C8C10F94-43A4-4DCF-8910-4C3299713D23} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D5AFEC8E-AAE2-40B7-85E8-25ABD11DC563} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D759DB90-3B01-474A-A796-5B1BDFB1540F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DD7D0C1E-34C1-4E06-A0A6-FF1AEAB62DFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {DDD6C151-8FB1-4FDC-B222-96AADE9D7F4F} - \MySearchDial -> No File <==== ATTENTION
Task: {EDDD4B0F-1E40-4EB8-AA41-D03DD3BA531A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F7DA9F55-CA1C-46BF-873E-3D111131E236} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-08-02] (PC-Doctor, Inc.)
Task: {FAEFDA68-32CD-42AD-BADE-DD8AEDD989A2} - \PC Speed Maximizer Schedule -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CIMT_S-1-5-21-1399685641-2452391960-3966799618-1001.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1399685641-2452391960-3966799618-1001Core.job => C:\Users\Mom n Dad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1399685641-2452391960-3966799618-1001UA.job => C:\Users\Mom n Dad\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Mom n Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\Google Hangouts.lnk -> C:\Users\Mom n Dad\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) ->  --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Mom n Dad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxps://www.yahoo.com
ShortcutWithArgument: C:\Users\Public\Desktop\Canon MP495 series On-screen Manual.lnk -> C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe (CANON INC.) -> hxxps://www.yahoo.com

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2014-03-22 17:16 - 2010-02-09 15:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2014-03-22 17:16 - 2011-04-19 16:31 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2012-11-04 19:47 - 2010-04-05 14:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2016-07-12 21:12 - 2016-06-30 23:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-12 21:12 - 2016-06-30 23:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-03-22 17:16 - 2011-04-19 16:31 - 00150016 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2016-08-23 14:06 - 2016-08-23 14:06 - 01864384 _____ () C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-05-11 16:44 - 2016-08-27 00:01 - 08921800 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-04-19 06:05 - 2016-04-19 06:05 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-22 06:49 - 2016-01-22 06:49 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 21:14 - 2016-06-30 22:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-12 21:12 - 2016-06-30 22:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 21:12 - 2016-06-30 22:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 21:12 - 2016-06-30 22:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 21:12 - 2016-06-30 22:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-16 09:10 - 2014-10-01 03:53 - 00440712 _____ () C:\Program Files (x86)\Driver Support\Driver Support\Agent.Communication.XmlSerializers.dll
2012-02-01 11:50 - 2012-02-01 11:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2014-03-22 17:15 - 2012-02-23 15:57 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2016-04-19 06:05 - 2016-04-19 06:05 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 06:05 - 2016-04-19 06:05 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-08-23 14:05 - 2016-08-23 14:05 - 01383616 _____ () C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-23 14:05 - 2016-08-23 14:05 - 00118976 _____ () C:\Users\Mom n Dad\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2014-03-22 17:15 - 2010-08-22 20:01 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2014-03-22 17:15 - 2010-08-22 20:01 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2014-03-22 17:15 - 2010-08-22 20:01 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2014-03-22 17:15 - 2010-08-22 20:01 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2014-03-22 17:53 - 2010-08-22 19:32 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2014-03-22 17:53 - 2012-02-23 15:19 - 00669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2012-04-29 01:07 - 2011-12-16 13:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2011-12-31 17:04 - 2011-12-31 17:04 - 00251688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll
2011-12-31 17:04 - 2011-12-31 17:04 - 00891688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll
2011-12-31 17:04 - 2011-12-31 17:04 - 00026408 _____ () C:\Program Files (x86)\Nero\SyncUP\AdbDetect.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\gwrvpwes.sys:changelist [398]
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [264]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\genieo.com -> hxxp://search.genieo.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2016-09-06 22:24 - 00000100 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mom n Dad\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img7.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_EDEAD0EEDAACD124313EA82B8625168E"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1399685641-2452391960-3966799618-1001\...\StartupApproved\Run: => "FlickrUploadr"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{11270C2B-8417-439F-8392-9C4D75DF43DA}C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe] => (Block) C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe
FirewallRules: [TCP Query User{5D246E36-0D9D-4CC4-AE55-C3FF63B7F1F7}C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe] => (Block) C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe
FirewallRules: [UDP Query User{0DED09E9-2607-433F-BF96-28DF54A9BF1D}C:\program files\belkin\belkin usb print and storage center\connect.exe] => (Block) C:\program files\belkin\belkin usb print and storage center\connect.exe
FirewallRules: [TCP Query User{79F10B5A-D952-441F-8D12-D2821E8CA787}C:\program files\belkin\belkin usb print and storage center\connect.exe] => (Block) C:\program files\belkin\belkin usb print and storage center\connect.exe
FirewallRules: [{300A99D5-D930-48B8-A8C4-3E1E3CEF006C}] => (Allow) C:\Program Files (x86)\CorrLinks\corrlinks_client.exe
FirewallRules: [{2056A929-AE1F-41F2-A12F-009E577B5AEC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{CA8C9BFE-048C-41A0-8AE4-5E680E597EC4}] => (Allow) C:\Users\Mom n Dad\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{D5169DA3-325B-47ED-916B-DF22177AC12B}C:\program files\belkin\belkin usb print and storage center\connect.exe] => (Allow) C:\program files\belkin\belkin usb print and storage center\connect.exe
FirewallRules: [UDP Query User{904CB172-60B5-4439-A2E1-D617B62CAE54}C:\program files\belkin\belkin usb print and storage center\connect.exe] => (Allow) C:\program files\belkin\belkin usb print and storage center\connect.exe
FirewallRules: [TCP Query User{C48E1131-74C8-4A0D-B15C-A91DF724540A}C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe] => (Allow) C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe
FirewallRules: [UDP Query User{B02B8E65-680E-4F9B-A03D-6D9D037AED07}C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe] => (Allow) C:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe

==================== Restore Points =========================

08-09-2016 15:05:22 Scheduled Checkpoint
11-09-2016 19:33:06 Windows Backup

==================== Faulty Device Manager Devices =============

Name: SXUPTP Driver
Description: SXUPTP Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Belkin International, Inc.
Service: sxuptp
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2016 01:18:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x81c
Faulting application start time: 0x01d20d2201eed0be
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: unknown
Report Id: 5e8e1e18-59f1-45c5-ba6d-60c6480dd028
Faulting package full name:
Faulting package-relative application ID:

Error: (09/12/2016 01:06:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x880
Faulting application start time: 0x01d20d2056c5775b
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: unknown
Report Id: a5923815-da8e-40d5-9476-01dc35246746
Faulting package full name:
Faulting package-relative application ID:

Error: (09/12/2016 08:27:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Loader.exe, version: 1.0.0.134, time stamp: 0x542958a0
Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571afb7f
Exception code: 0xc0000374
Fault offset: 0x000dc7c9
Faulting process id: 0x1f54
Faulting application start time: 0x01d20cf968099c3a
Faulting application path: C:\Users\Mom n Dad\AppData\Roaming\DownloadManager\Loader.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: f8d10e67-c76f-4b5f-ac38-edad3dd78876
Faulting package full name:
Faulting package-relative application ID:

Error: (09/12/2016 06:27:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Loader.exe, version: 1.0.0.134, time stamp: 0x542958a0
Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571afb7f
Exception code: 0xc0000374
Fault offset: 0x000dc7c9
Faulting process id: 0x11a8
Faulting application start time: 0x01d20ce8a47fcb77
Faulting application path: C:\Users\Mom n Dad\AppData\Roaming\DownloadManager\Loader.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 93d2c7c4-3365-4e01-99d0-6e7520383525
Faulting package full name:
Faulting package-relative application ID:

Error: (09/12/2016 04:27:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Loader.exe, version: 1.0.0.134, time stamp: 0x542958a0
Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571afb7f
Exception code: 0xc0000374
Fault offset: 0x000dc7c9
Faulting process id: 0x22c8
Faulting application start time: 0x01d20cd7e0f622d6
Faulting application path: C:\Users\Mom n Dad\AppData\Roaming\DownloadManager\Loader.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 85f06646-11e0-4dc4-b82a-1207ecd37d31
Faulting package full name:
Faulting package-relative application ID:

Error: (09/11/2016 07:33:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (09/11/2016 07:32:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (09/11/2016 09:39:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrcui.exe, version: 6.0.6817.133, time stamp: 0x579fa248
Faulting module name: KERNELBASE.dll, version: 10.0.10586.494, time stamp: 0x5775e4c5
Exception code: 0xc000041d
Fault offset: 0x0000000000071f28
Faulting process id: 0x1d60
Faulting application start time: 0x01d20b6cd19a7b44
Faulting application path: C:\Program Files\Dell\SupportAssist\pcdrcui.exe
Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll
Report Id: fcbb4948-3993-400e-b62b-788d717e2685
Faulting package full name:
Faulting package-relative application ID:

Error: (09/11/2016 09:39:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrcui.exe, version: 6.0.6817.133, time stamp: 0x579fa248
Faulting module name: KERNELBASE.dll, version: 10.0.10586.494, time stamp: 0x5775e4c5
Exception code: 0xe0434352
Fault offset: 0x0000000000071f28
Faulting process id: 0x1d60
Faulting application start time: 0x01d20b6cd19a7b44
Faulting application path: C:\Program Files\Dell\SupportAssist\pcdrcui.exe
Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll
Report Id: c0a7425f-bd08-4ccd-8413-661153fc3f05
Faulting package full name:
Faulting package-relative application ID:

Error: (09/11/2016 09:39:23 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: pcdrcui.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at MS.Win32.UnsafeNativeMethods.PostMessage(System.Runtime.InteropServices.HandleRef, MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
   at System.Windows.Interop.HwndTarget.UpdateWindowSettings(Boolean, System.Nullable`1<ChannelSet>)
   at System.Windows.Interop.HwndTarget.UpdateWindowPos(IntPtr)
   at System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
   at System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

System errors:
=============
Error: (09/12/2016 01:19:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Image Acquisition (WIA) service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/12/2016 01:19:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
After starting, the service hung in a start-pending state.

Error: (09/12/2016 01:19:58 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Application Virtualization Client service hung on starting.

Error: (09/12/2016 01:18:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (09/12/2016 01:18:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The sxuptp service failed to start due to the following error:
This driver has been blocked from loading

Error: (09/12/2016 01:17:47 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: sxuptp.sys

Error: (09/12/2016 01:16:39 PM) (Source: DCOM) (EventID: 10010) (User: MomnDad-PC)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (09/12/2016 01:16:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_377da service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/12/2016 01:16:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_377da service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/12/2016 01:16:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_377da service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

CodeIntegrity:
===================================
  Date: 2016-09-12 13:38:10.036
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-12 10:28:12.037
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 10:28:12.023
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 10:28:12.008
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 10:28:11.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 10:28:11.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 10:28:11.961
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 10:28:11.944
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 10:28:11.930
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 10:28:11.916
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Pentium® CPU G630 @ 2.70GHz
Percentage of memory in use: 54%
Total physical RAM: 3974.16 MB
Available physical RAM: 1814.47 MB
Total Virtual: 8070.16 MB
Available Virtual: 5554 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:442.18 GB) (Free:384.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 834115F8)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=23.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=442.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,797 posts
Duplicate. Locking Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP