Suspicion of Malware - (inc FRST LOG)



#1
cr00901124

I'm temporarily using a family member's laptop (long term).

I was doing a college assignment when a "Dropbox message" popped up - "share your screenshots with Dropbox" - however, I didn't admit that screenshot, but there it was when I pasted in Paint!! (of my assignment work). I'm worried that there is something malicious like spyware.

"Malwarebytes Home trial" detected 3175 non malware threats (potentially unwanted programs) and quarantined 2485 of them.
The relay chat on this site has advised me to run FRST - please see log below.
And thank you for all help so far!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-10-2016
Ran by Deana (administrator) on DELL1525 (08-10-2016 19:40:55)
Running from C:\Users\Deana\Desktop
Loaded Profiles: Deana (Available Profiles: Deana)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
() C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Arainia Solutions) C:\Program Files\Gizmo\gservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.7.1.32\NIS.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.7.1.32\NIS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsui.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
(Apple Computer, Inc.) C:\Program Files\QuickTime\qttask.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files\Inbox Toolbar\Inbox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Arainia Solutions) C:\Program Files\Gizmo\gizmo.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.7.1.32\coNatHst.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Splice) C:\Users\Deana\AppData\Local\Apps\2.0\3YP8R2O8.B9W\CV7BRLL5.CBG\spli..tion_7666adb2bba943c5_0000.0000_9bb96b60832102ac\Splice.Install.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Splice) C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\Splice.WinClient.exe
() C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\SpliceUtility.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamresearch.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\SpliceUtility.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [ECenter] => C:\Dell\E-Center\EULALauncher.exe
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [167936 2008-05-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2008-03-04] (Creative Technology Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-03-21] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-07-03] (Dell Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-06] (Google)
HKLM\...\Run: [dscactivate] => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( )
HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [184320 2007-12-21] (CyberLink Corp.)
HKLM\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM\...\Run: [fssui] => C:\Program Files\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation)
HKLM\...\Run: [Adobe Photo Downloader] => C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [77824 2008-12-30] (Apple Computer, Inc.)
HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2086912 2008-10-09] (Vodafone)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ROC_roc_dec12] => "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
HKLM\...\Run: [HF_G_Jul] => "C:\Program Files\AVG Secure Search\HF_G_Jul.exe"  /DoAction
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-11-12] (IDT, Inc.)
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758280 2016-06-17] ()
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-10-23] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-10-23] (Google Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [Facebook Update] => C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-13] (Facebook Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [Dropbox Update] => C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-13] (Dropbox, Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [uTorrent] => C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe [2375360 2016-09-30] (BitTorrent Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [GizmoDriveDelegate] => C:\Program Files\Gizmo\gizmo.exe [223640 2016-09-30] (Arainia Solutions)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\RunOnce: [Shockwave Updater] => C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1103472.exe [460216 2009-01-16] (Adobe Systems, Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: G - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {31e525d3-a0d2-11dd-8f4d-806e6f6e6963} - E:\Start.exe
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {35faa898-a1a4-11e5-ab85-00219bf0cada} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {4a920133-ddf2-11de-b145-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fdf3-d671-11dd-b150-00234d946a18} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fdf8-d671-11dd-b150-00234d946a18} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fe04-d671-11dd-b150-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fe05-d671-11dd-b150-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308ff5f-d671-11dd-b150-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d963-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d987-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d989-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d9a1-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {f35d9154-5e5a-11de-b773-f28d9f3d3f08} - F:\setup_vmc_lite.exe /checkApplicationPresence
AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-07-06] (Google)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2008-10-23]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gizmo.lnk [2016-09-30]
ShortcutTarget: Gizmo.lnk -> C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-03-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2008-10-23]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk [2008-11-29]
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Splice for Windows.lnk [2016-09-30]
ShortcutTarget: Splice for Windows.lnk -> C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\Splice.WinClient.exe (Splice)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2008-10-23]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2008-10-23]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0E5D19BB-5339-434F-B09E-91A5E8E3F3AB}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=5081023
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://uk.msn.com/
SearchScopes: HKLM -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AFD04AD7-DB03-45B0-B241-7FB2BF381CCB}&mid=b41d0199dff947d1bc92d168dd142329-931055154b6ad30b546f145fab542c6fe4be2d7b&lang=en&ds=AVG&pr=pr&d=2011-09-28 16:56:46&v=10.0.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} URL = hxxp://search.alot.com/web?q={searchTerms}&pr=prov&client_id=D8FE563001CC333265556490&install_time=2011-06-25T12:24:35Z&src_id=12287&camp_id=2586&tb_version=2.5.20000.3
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=VWuL-VYZgp5nZ1OUaEHblndigxs?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AFD04AD7-DB03-45B0-B241-7FB2BF381CCB}&mid=b41d0199dff947d1bc92d168dd142329-931055154b6ad30b546f145fab542c6fe4be2d7b&lang=en&ds=AVG&pr=pr&d=2011-09-28 16:56:46&v=10.0.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO: ALOT Toolbar Helper -> {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} -> C:\Program Files\alot\bin\BHO\alotBHO.dll [2011-04-20] (Vertro)
BHO: No Name -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> No File
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-16] (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Dell\BAE\BAE.dll [2006-11-09] (Dell Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
Toolbar: HKLM - ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll [2011-04-20] (Vertro)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-16] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-16] (Google Inc.)
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game10.zylom.com/activex/zylomgamesplayer.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553570000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-11-28] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default [2016-10-08]
FF NewTab: Mozilla\Firefox\Profiles\hbyc7tgm.default -> hxxp://search.myemailxp.com?uid=undefined&uc=undefined&source=pd_gs_email_hotmail_p&page=newtab&implementation_id=Email_xp_0.0.2
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hbyc7tgm.default -> Yahoo!
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hbyc7tgm.default -> Ask.com
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hbyc7tgm.default -> Yahoo!
FF Homepage: Mozilla\Firefox\Profiles\hbyc7tgm.default -> hxxps://www.malwarebytes.org/restorebrowser/yhp-ff
hxxp://search.myemailxp.com?uid=undefined&uc=undefined&source=pd_gs_email_hotmail_p&page=homepage&implementation_id=Email_xp_0.0.2
FF NetworkProxy: Mozilla\Firefox\Profiles\hbyc7tgm.default -> type", 2
FF Extension: (Firefox Hotfix) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2016-09-30]
FF Extension: (No Name) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2016-10-08] [not signed]
FF Extension: (My Email XP) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2015-07-09] [not signed]
FF Extension: (ALOT Toolbar) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2012-04-25] [not signed]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-11-10] [not signed]
FF Extension: (No Name) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} [2016-10-08] [not signed]
FF Extension: (No Name) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2016-10-08] [not signed]
FF SearchPlugin: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\ask-search.xml [2014-04-05]
FF SearchPlugin: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\inbox-search.xml [2015-07-09]
FF SearchPlugin: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\search.xml [2015-07-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-12] [not signed]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.7.1.32\coFFAddon
FF Extension: (Norton Identity Safe) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.7.1.32\coFFAddon [2016-09-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-10-02] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-01-16] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-02-27] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-10-10] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1504278732-3331403366-2529910698-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Deana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1504278732-3331403366-2529910698-1000: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\Deana\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll [2010-07-30] (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 6 U23) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Chrome NaCl) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (AVG Internet Security) - C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\plugins/avgnpss.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Deana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Deana\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default [2016-10-08]
CHR Extension: (Norton Security Toolbar) - C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-09-30]
CHR Extension: (uTorrentControl_v2) - C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda [2015-12-13]
CHR Extension: (Norton Identity Safe) - C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-12-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-29]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.7.1.32\Exts\Chrome.crx [2016-08-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-06-17] () [File not signed]
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-05-02] (Stardock Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2008-12-18] (Macrovision Europe Ltd.) [File not signed]
R2 FlipShare Service; C:\Program Files\Flip Video\FlipShare\FlipShareService.exe [451904 2009-10-28] ()
R2 Gizmo Central; C:\Program Files\Gizmo\gservice.exe [34728 2016-09-30] (Arainia Solutions)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-06] (Google)
S3 GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [16680 2008-10-23] (Citrix Online, a division of Citrix Systems, Inc.)
S2 gupdate1c9ac7b3e3f9900; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-07-09] (Google Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\22.7.1.32\NIS.exe [289080 2016-08-16] (Symantec Corporation)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2387952 2016-09-12] (IBM Corp.)
R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-14] (SupportSoft, Inc.)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-10-09] (Vodafone) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-07-03] (Dell Inc.) [File not signed]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-07-03] (Broadcom Corporation)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\22.7.1.32\Definitions\BASHDefs\20160521.001\BHDrvx86.sys [1317624 2016-08-10] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1607010.020\ccSetx86.sys [137456 2016-08-10] (Symantec Corporation)
R1 GizmoDrv; C:\Windows\system32\Drivers\GizmoDrv.sys [25488 2016-09-30] (Arainia Solutions LLC)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\22.7.1.32\Definitions\IPSDefs\20160803.001\IDSVix86.sys [667352 2016-08-10] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-10-08] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R1 RapportCerberus_1609053; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1609053.sys [775592 2016-09-30] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [328808 2016-09-12] (IBM Corp.)
R0 RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [101992 2016-09-12] (IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [257608 2016-09-12] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [407880 2016-09-12] (IBM Corp.)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1607010.020\SRTSP.SYS [626416 2016-08-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1607010.020\SRTSPX.SYS [42744 2016-08-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NIS\1607010.020\SYMEFASI.SYS [1289944 2016-08-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [88312 2016-09-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1607010.020\Ironx86.SYS [230648 2016-08-10] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1607010.020\SYMTDIV.SYS [351416 2016-08-10] (Symantec Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\Program Files\Norton Internet Security\NortonData\22.7.1.32\Definitions\SDSDefs\20160911.001\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Internet Security\NortonData\22.7.1.32\Definitions\SDSDefs\20160911.001\NAVEX15.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-08 19:40 - 2016-10-08 19:43 - 00038373 _____ C:\Users\Deana\Desktop\FRST.txt
2016-10-08 19:39 - 2016-10-08 19:40 - 00000000 ____D C:\FRST
2016-10-08 19:34 - 2016-10-08 19:36 - 01755136 _____ (Farbar) C:\Users\Deana\Desktop\FRST.exe
2016-10-08 19:33 - 2016-10-08 19:34 - 01755136 _____ (Farbar) C:\Users\Deana\Downloads\FRST.exe
2016-10-08 15:50 - 2016-10-08 15:50 - 00000000 ____D C:\Users\Deana\Desktop\Vocals
2016-10-08 15:22 - 2016-10-08 15:23 - 00000000 ____D C:\Users\Deana\Desktop\Pads
2016-10-08 15:08 - 2016-10-08 15:16 - 00000000 ____D C:\Users\Deana\Desktop\Strings
2016-10-08 15:00 - 2016-10-08 15:08 - 00000000 ____D C:\Users\Deana\Desktop\Keys
2016-10-08 14:54 - 2016-10-08 15:00 - 00000000 ____D C:\Users\Deana\Desktop\Bass
2016-10-08 14:45 - 2016-10-08 14:53 - 00000000 ____D C:\Users\Deana\Desktop\Guitar
2016-10-08 14:36 - 2016-10-08 14:44 - 00000000 ____D C:\Users\Deana\Desktop\FX
2016-10-08 14:16 - 2016-10-08 14:31 - 00000000 ____D C:\Users\Deana\Desktop\synth
2016-10-08 14:12 - 2016-10-08 14:13 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-08 14:09 - 2016-10-08 14:09 - 00000901 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-08 14:09 - 2016-10-08 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-08 14:09 - 2016-10-08 14:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-08 14:09 - 2016-10-08 14:09 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-10-08 14:09 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-08 14:09 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-08 14:09 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-08 13:59 - 2016-10-08 14:00 - 22851472 _____ (Malwarebytes ) C:\Users\Deana\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-08 12:44 - 2016-10-08 13:06 - 00000000 ____D C:\Users\Deana\Desktop\Perc n Voc
2016-10-08 12:16 - 2016-10-08 12:17 - 00000000 ____D C:\Users\Deana\Desktop\Drums
2016-10-08 11:48 - 2016-10-08 11:49 - 00000000 ____D C:\Users\Deana\AppData\Local\Splice
2016-10-08 11:46 - 2016-10-08 11:46 - 07752616 _____ (Splice) C:\Users\Deana\Downloads\install-splice (1).exe
2016-10-08 11:37 - 2016-10-08 11:56 - 00000000 ____D C:\Users\Deana\Documents\Splice
2016-10-07 16:06 - 2016-10-07 16:06 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-06 01:49 - 2016-10-06 01:49 - 00009414 _____ C:\Users\Deana\Downloads\badges.zip
2016-10-06 01:22 - 2016-10-06 01:22 - 03703230 _____ C:\Users\Deana\Desktop\Exhibition-Guide-Compose-Manchester16-Digital-Version.pdf
2016-10-06 01:02 - 2016-10-06 01:02 - 00002285 _____ C:\Users\Deana\Downloads\UCAS_-_Compose_your_Future_Manchester.ics
2016-10-05 13:07 - 2016-10-05 13:07 - 00103689 _____ C:\Users\Deana\Desktop\all_birth_adoption_cert_form_d.pdf
2016-10-05 10:08 - 2016-10-05 11:05 - 00000000 ____D C:\Users\Deana\Desktop\Rexed
2016-10-05 09:54 - 2016-10-08 10:26 - 00000000 ____D C:\Users\Deana\AppData\Local\{39AE295A-08FB-4242-BEFE-F6ACA0F92D4E}
2016-10-04 15:18 - 2016-10-04 15:18 - 00000000 ____D C:\Users\Deana\AppData\Local\{6A69DB40-1286-4DA1-AA25-6AC93F6EAA02}
2016-10-04 14:47 - 2016-10-04 14:47 - 00000754 _____ C:\Users\Deana\Desktop\odd bars.txt
2016-10-04 03:25 - 2016-10-04 03:25 - 00085533 _____ C:\Users\Deana\Downloads\Desolation-Music-by-Callum-Rawlinson.pdf
2016-10-04 03:23 - 2016-10-04 03:23 - 00085533 _____ C:\Users\Deana\Desktop\Desolation - Music by Callum Rawlinson.pdf
2016-10-04 03:19 - 2016-10-04 03:23 - 00000952 _____ C:\Users\Deana\AppData\Roaming\midisheetmusic.config.ini
2016-10-04 03:19 - 2016-10-04 03:19 - 00084901 _____ C:\Users\Deana\Desktop\Be You.pdf
2016-10-04 03:13 - 2016-10-04 03:13 - 01404928 _____ C:\Users\Deana\Desktop\MidiSheetMusic-2.6.exe
2016-10-04 03:12 - 2016-10-04 03:12 - 00003432 _____ C:\Users\Deana\Desktop\Desolation - Music by Callum Rawlinson.mid
2016-10-04 03:11 - 2016-07-11 06:40 - 02072064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-04 03:08 - 2016-07-11 08:00 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-04 00:00 - 2016-07-15 22:32 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-04 00:00 - 2016-07-15 22:31 - 12841472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-04 00:00 - 2016-07-15 22:29 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-04 00:00 - 2016-07-15 22:27 - 09755136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-04 00:00 - 2016-07-15 22:27 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-04 00:00 - 2016-07-15 22:27 - 01129984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-04 00:00 - 2016-07-15 22:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-04 00:00 - 2016-07-15 22:26 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00354304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-04 00:00 - 2016-07-15 22:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-10-04 00:00 - 2016-07-15 22:24 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-04 00:00 - 2016-07-15 22:24 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-04 00:00 - 2016-07-15 22:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-04 00:00 - 2016-07-15 22:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-04 00:00 - 2016-07-15 22:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-10-03 19:48 - 2016-10-03 19:50 - 00000000 ____D C:\Users\Deana\Desktop\chord stuff
2016-10-02 19:02 - 2016-10-02 19:02 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-01 16:19 - 2016-10-03 16:57 - 58581334 _____ C:\Users\Deana\Desktop\Trap.wav
2016-10-01 14:26 - 2016-10-01 14:26 - 00000992 _____ C:\Users\Deana\Desktop\Alesis V25 Editor.lnk
2016-10-01 14:26 - 2016-10-01 14:26 - 00000000 ____D C:\Users\Deana\Documents\Alesis
2016-10-01 14:26 - 2016-10-01 14:26 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alesis V25 Editor
2016-10-01 14:25 - 2016-10-01 14:26 - 00000000 ____D C:\Program Files\Alesis
2016-10-01 14:25 - 2016-10-01 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alesis
2016-10-01 14:24 - 2016-10-01 14:24 - 00000000 ____D C:\ProgramData\inMusic
2016-10-01 14:21 - 2016-10-01 14:21 - 16916718 _____ C:\Users\Deana\Downloads\Install_Alesis_V25_FirmwareUpdateWin_1.0.0.9.zip
2016-10-01 14:21 - 2016-10-01 14:21 - 00000000 ____D C:\Users\Deana\Downloads\Install_Alesis_V25_FirmwareUpdateWin_1.0.0.9
2016-10-01 14:21 - 2016-10-01 14:21 - 00000000 ____D C:\Users\Deana\Downloads\alesis_v25_editor_v1.0.4_pc
2016-10-01 14:20 - 2016-10-01 14:21 - 05662032 _____ C:\Users\Deana\Downloads\alesis_v25_editor_v1.0.4_pc.zip
2016-09-30 23:38 - 2016-10-05 19:32 - 00000000 ____D C:\Users\Deana\Desktop\Dank
2016-09-30 22:35 - 2016-10-04 22:51 - 00000000 ____D C:\Users\Deana\Desktop\splice2
2016-09-30 22:26 - 2016-09-30 22:26 - 01738662 _____ C:\Users\Deana\Desktop\TB_90_GUITAR_LOOP_B_018.rx2.rx2
2016-09-30 22:23 - 2016-09-30 22:23 - 00000241 _____ C:\Users\Deana\Desktop\TB_90_GUITAR_LOOP_B_018.mid.mid
2016-09-30 22:13 - 2016-09-30 22:13 - 00000874 _____ C:\Users\Public\Desktop\ReCycle.lnk
2016-09-30 22:11 - 2016-09-30 22:12 - 00000000 ____D C:\Users\Deana\Desktop\recycle2
2016-09-30 22:10 - 2016-09-30 22:10 - 00000000 ____D C:\Users\Deana\Desktop\recycle
2016-09-30 22:08 - 2016-09-30 22:08 - 00000000 ____D C:\Users\Deana\AppData\Roaming\WinRAR
2016-09-30 22:08 - 2016-09-30 22:08 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-30 22:08 - 2016-09-30 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-30 22:08 - 2016-09-30 22:08 - 00000000 ____D C:\Program Files\WinRAR
2016-09-30 22:07 - 2016-09-30 22:08 - 01962408 _____ C:\Users\Deana\Downloads\wrar540.exe
2016-09-30 22:01 - 2016-09-30 22:01 - 00000000 ____D C:\Users\Deana\Downloads\Propellerhead Recycle v2.2.3 Full WiN - UGET [deepstatus]
2016-09-30 20:39 - 2016-09-30 20:39 - 00406528 _____ (Propellerhead Software AB) C:\Windows\system32\ReWire.dll
2016-09-30 20:39 - 2016-09-30 20:39 - 00338432 _____ (Propellerhead Software AB) C:\Windows\system32\REX Shared Library.dll
2016-09-30 20:32 - 2016-09-30 20:39 - 00000000 ____D C:\Users\Deana\AppData\Local\SpliceSettings
2016-09-30 20:30 - 2016-10-08 11:48 - 00000000 ____D C:\Users\Deana\AppData\Local\SquirrelTemp
2016-09-30 20:27 - 2016-10-01 14:23 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-30 20:22 - 2016-09-30 20:39 - 00000000 ____D C:\Users\Deana\Desktop\Splice
2016-09-30 20:22 - 2016-09-30 20:22 - 00000000 ____D C:\Users\Deana\AppData\Local\IsolatedStorage
2016-09-30 20:21 - 2016-09-30 20:19 - 06503984 _____ (Microsoft Corporation) C:\Users\Deana\Desktop\vcredist_x86.exe
2016-09-30 20:18 - 2016-09-30 20:18 - 00009663 _____ C:\Users\Deana\Downloads\Splice.Install.application
2016-09-30 20:15 - 2016-09-30 20:34 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Splice
2016-09-30 20:13 - 2016-09-30 22:13 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Propellerhead Software
2016-09-30 20:13 - 2016-09-30 20:39 - 00000000 ____D C:\ProgramData\Propellerhead Software
2016-09-30 20:11 - 2016-10-08 11:37 - 00000000 ____D C:\Users\Deana\AppData\Local\Deployment
2016-09-30 20:11 - 2016-09-30 20:11 - 00000000 ____D C:\Users\Deana\AppData\Local\Apps\2.0
2016-09-30 20:07 - 2016-09-30 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead
2016-09-30 20:07 - 2016-09-30 20:07 - 00000864 _____ C:\Users\Public\Desktop\Reason.lnk
2016-09-30 20:05 - 2016-09-30 20:06 - 00538504 _____ () C:\Users\Deana\Downloads\install-splice.exe
2016-09-30 19:52 - 2016-09-30 22:13 - 00000000 ____D C:\Program Files\Propellerhead
2016-09-30 19:32 - 2016-09-30 19:50 - 00000000 ____D C:\Users\Deana\Documents\Gizmo
2016-09-30 19:32 - 2016-09-30 19:32 - 00025488 _____ (Arainia Solutions LLC) C:\Windows\system32\Drivers\gizmodrv.sys
2016-09-30 19:32 - 2016-09-30 19:32 - 00000826 _____ C:\Users\Public\Desktop\Gizmo.lnk
2016-09-30 19:32 - 2016-09-30 19:32 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Gizmo
2016-09-30 19:32 - 2016-09-30 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gizmo Central
2016-09-30 19:32 - 2016-09-30 19:32 - 00000000 ____D C:\Program Files\Gizmo
2016-09-30 19:29 - 2016-09-30 19:30 - 08095640 _____ (Arainia Solutions) C:\Users\Deana\Downloads\gizmo-279-setup.exe
2016-09-30 19:18 - 2016-09-30 19:18 - 00000000 ____D C:\Users\Deana\AppData\LocalLow\Oracle
2016-09-30 19:06 - 2016-09-30 19:29 - 00000000 ____D C:\Users\Deana\Downloads\Propellerhead Reason 5
2016-09-30 19:05 - 2016-09-30 19:05 - 00000000 ____D C:\Users\Deana\AppData\Local\{B5F70934-5E12-42d2-882D-62D42EA1FA67}
2016-09-30 19:04 - 2016-10-08 12:57 - 00000000 ____D C:\Users\Deana\AppData\Roaming\uTorrent
2016-09-30 19:04 - 2016-09-30 19:04 - 00002587 _____ C:\Users\Deana\Desktop\µTorrent.lnk
2016-09-30 19:04 - 2016-09-30 19:04 - 00002587 _____ C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-09-30 19:03 - 2016-09-30 19:03 - 02375360 _____ (BitTorrent Inc.) C:\Users\Deana\Downloads\uTorrent (1).exe
2016-09-30 18:58 - 2016-09-30 18:58 - 02376392 _____ (BitTorrent Inc.) C:\Users\Deana\Downloads\BitTorrent.exe
2016-09-30 18:40 - 2016-09-30 18:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2016-09-30 18:13 - 2016-09-30 18:13 - 00000000 ____D C:\Users\Deana\Downloads\Reason_711_without_soundbanks
2016-09-30 17:57 - 2016-09-30 17:57 - 00000861 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-30 17:57 - 2016-09-30 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-30 17:55 - 2016-09-30 17:55 - 00000000 ____D C:\Program Files\VideoLAN
2016-09-30 17:54 - 2016-09-30 13:25 - 09525724 _____ C:\Users\Deana\Desktop\Skaggae 120bpm.wav
2016-09-30 17:53 - 2016-09-30 17:54 - 30533688 _____ C:\Users\Deana\Downloads\vlc-2.2.4-win32.exe
2016-09-30 17:42 - 2016-09-30 18:03 - 1083230812 _____ C:\Users\Deana\Downloads\Reason_711_without_soundbanks.zip
2016-09-12 20:21 - 2016-09-12 20:21 - 00257608 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKELL.sys
2016-09-12 20:21 - 2016-09-12 20:21 - 00101992 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades.sys
2016-09-11 20:46 - 2016-09-11 20:46 - 00016384 _____ C:\Users\Deana\Documents\amended costings.xlr
2016-09-11 14:47 - 2016-09-11 14:47 - 00006738 _____ C:\Users\Deana\Downloads\renderConfirmation.htm
2016-09-11 14:22 - 2016-09-11 14:22 - 00017408 _____ C:\Users\Deana\Documents\cost 2016 send.xlr
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-08 19:44 - 2009-06-29 14:57 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-08 19:31 - 2015-07-09 10:00 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA.job
2016-10-08 19:31 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-08 19:31 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-08 19:30 - 2012-04-15 15:19 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-08 18:56 - 2011-11-22 16:32 - 00000926 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA.job
2016-10-08 16:14 - 2013-05-27 16:22 - 00000000 ___RD C:\Users\Deana\Dropbox
2016-10-08 15:56 - 2011-11-22 16:32 - 00000904 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core.job
2016-10-08 15:25 - 2012-04-12 15:54 - 00000000 ____D C:\Users\Deana\AppData\Roaming\vlc
2016-10-08 15:19 - 2012-09-30 09:19 - 00000000 ____D C:\Users\Deana\AppData\LocalLow\uTorrentControl_v2
2016-10-08 15:19 - 2012-09-30 09:18 - 00000000 ____D C:\Program Files\uTorrentControl_v2
2016-10-08 15:18 - 2011-06-25 13:24 - 00000000 ____D C:\Program Files\PriceGong
2016-10-08 15:17 - 2013-03-27 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
2016-10-08 15:17 - 2013-03-27 17:13 - 00000000 ____D C:\Program Files\Inbox Toolbar
2016-10-08 15:17 - 2012-09-30 09:19 - 00000000 ____D C:\Users\Deana\AppData\Local\CRE
2016-10-08 14:31 - 2015-07-09 10:00 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core.job
2016-10-08 11:50 - 2009-03-22 15:11 - 00000820 _____ C:\Windows\Tasks\Google Software Updater.job
2016-10-08 11:44 - 2009-06-29 14:57 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-07 16:07 - 2013-05-27 16:17 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Dropbox
2016-10-07 16:07 - 2009-04-12 21:16 - 00000680 _____ C:\Users\Deana\AppData\Local\d3d9caps.dat
2016-10-04 17:22 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-10-04 17:22 - 2006-11-02 11:33 - 00762822 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-04 17:15 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-04 17:00 - 2006-11-02 14:01 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-04 16:57 - 2010-11-25 18:38 - 00000000 ____D C:\Users\Deana\AppData\Local\CrashDumps
2016-10-04 15:26 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2016-10-04 15:04 - 2006-11-02 13:47 - 00306016 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-02 12:30 - 2012-04-15 15:19 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-10-02 12:30 - 2011-07-23 16:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-10-02 12:30 - 2008-10-23 13:32 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-30 23:09 - 2015-07-09 10:00 - 00000000 ____D C:\Users\Deana\AppData\Local\Dropbox
2016-09-30 20:09 - 2011-06-25 13:24 - 00000000 ____D C:\Users\Deana\AppData\LocalLow\PriceGong
2016-09-30 18:48 - 2014-04-05 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2016-09-30 18:48 - 2013-03-27 17:13 - 00000000 ____D C:\Users\Deana\AppData\LocalLow\Inbox Toolbar
2016-09-30 18:44 - 2013-01-20 19:37 - 00000000 ____D C:\Windows\system32\Drivers\NIS
2016-09-30 18:40 - 2013-01-20 19:39 - 00002133 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2016-09-30 18:38 - 2013-01-20 19:39 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-09-30 17:34 - 2016-07-30 13:56 - 00000000 ____D C:\Users\Deana\AppData\Local\{9F94D08D-4201-4534-82E5-4913EA4ECAE8}
2016-09-11 23:40 - 2016-07-24 16:39 - 00000000 ____D C:\Users\Deana\Documents\meat mains costing
2016-09-11 23:30 - 2008-11-21 18:28 - 00012956 _____ C:\Users\Deana\AppData\Roaming\wklnhst.dat
2016-09-11 22:27 - 2016-07-24 16:36 - 00000000 ____D C:\Users\Deana\Documents\Veg mains costings
2016-09-11 20:48 - 2016-07-24 22:28 - 00000000 ____D C:\Users\Deana\Documents\potato & Carb sides costings
2016-09-11 20:48 - 2016-07-21 19:34 - 00016384 _____ C:\Users\Deana\Downloads\Dees costings no gp.xls
2016-09-11 17:23 - 2009-10-25 19:02 - 00000000 ____D C:\ProgramData\Norton
2016-09-11 17:22 - 2013-01-20 19:39 - 00088312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2016-09-11 17:22 - 2013-01-20 19:39 - 00008234 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2016-09-11 17:21 - 2013-01-20 19:37 - 00000000 ____D C:\Program Files\Norton Internet Security
2016-09-11 17:20 - 2009-10-25 19:01 - 00000000 ____D C:\Program Files\NortonInstaller
2016-09-11 17:18 - 2010-06-13 16:39 - 00000000 ____D C:\Users\Public\Downloads\Norton
 
==================== Files in the root of some directories =======
 
2016-10-04 03:19 - 2016-10-04 03:23 - 0000952 _____ () C:\Users\Deana\AppData\Roaming\midisheetmusic.config.ini
2008-11-21 18:28 - 2016-09-11 23:30 - 0012956 _____ () C:\Users\Deana\AppData\Roaming\wklnhst.dat
2010-11-25 19:26 - 2010-11-25 19:26 - 0000552 _____ () C:\Users\Deana\AppData\Local\d3d8caps.dat
2009-04-12 21:16 - 2016-10-07 16:07 - 0000680 _____ () C:\Users\Deana\AppData\Local\d3d9caps.dat
2008-11-24 12:42 - 2012-09-30 12:28 - 0035840 _____ () C:\Users\Deana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-19 14:11 - 2011-06-01 19:58 - 0001940 _____ () C:\Users\Deana\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2008-08-20 17:45 - 2008-08-20 17:45 - 0020270 _____ () C:\ProgramData\DeviceInstaller.xml
2008-09-22 15:21 - 2008-09-22 15:21 - 0127092 ____R () C:\ProgramData\DeviceManager.xml.rc4
 
Files to move or delete:
====================
C:\Users\Deana\install_flash_player.exe
 
 
Some files in TEMP:
====================
C:\Users\Deana\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Deana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_cexrd.dll
C:\Users\Deana\AppData\Local\Temp\install-splice.exe
C:\Users\Deana\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Deana\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Deana\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Deana\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Deana\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Deana\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Deana\AppData\Local\Temp\setup.exe
C:\Users\Deana\AppData\Local\Temp\TB_2CB1.exe
C:\Users\Deana\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Deana\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Deana\AppData\Local\Temp\{2155F2E7-0A81-4B8B-AD85-9BAA59C358BB}-GoogleToolbarInstaller_updater_signed.exe
C:\Users\Deana\AppData\Local\Temp\{358A8272-C5C9-455F-96F0-7E7631AD9316}-DropboxClient_5.4.24.exe
C:\Users\Deana\AppData\Local\Temp\{D0210D52-E7B2-429A-A530-D6AF5269CA84}-GoogleUpdateSetup.exe
C:\Users\Deana\AppData\Local\Temp\~spA66F.tmp.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-04 17:30
 
==================== End of FRST.txt ============================
 
ADDITIONAL.
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-10-2016
Ran by Deana (08-10-2016 19:45:25)
Running from C:\Users\Deana\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-10-23 07:20:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1504278732-3331403366-2529910698-500 - Administrator - Disabled)
Deana (S-1-5-21-1504278732-3331403366-2529910698-1000 - Administrator - Enabled) => C:\Users\Deana
Guest (S-1-5-21-1504278732-3331403366-2529910698-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
3ivx MPEG-4 5.0.3 (remove only) (HKLM\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop Elements 6.0 (HKLM\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems Inc.)
Adobe Reader X (10.1.7) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 11 (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version:  - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version:  - )
Alesis V25 Editor (HKLM\...\V25Editor) (Version:  - )
ALOT Toolbar (HKLM\...\alotToolbar) (Version:  - ALOT) <==== ATTENTION
ALWIL Software Security 4.8.1296.0 (HKLM\...\ALWIL Software Security 4.8.1296.0) (Version:  - )
Amazing Adventures The Lost Tomb 1.0.0.5 (HKLM\...\Amazing Adventures The Lost Tomb 1.0.0.5) (Version:  - )
Bejeweled 2 Deluxe 1.1 (HKLM\...\Bejeweled 2 Deluxe 1.1) (Version:  - )
Bejeweled Blitz (HKLM\...\Bejeweled Blitz) (Version:  - PopCap Games)
Big Fish Games Client (HKLM\...\BFGC) (Version: 1.2.5.17 - )
Big Kahuna Words (HKLM\...\Big Kahuna Words_is1) (Version:  - )
Bing Bar (HKLM\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Chuzzle Deluxe 1.01 (HKLM\...\Chuzzle Deluxe 1.01) (Version:  - )
Cisco EAP-FAST Module (HKLM\...\{6D3963B0-E13B-4FC3-B0FF-506A304BB043}) (Version: 2.1.3 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: 7.74.00 - Conexant)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Best of Web (HKLM\...\{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}) (Version: 1.00.0000 - Dell)
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.09085 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.103.4 - Alps Electric)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version:  - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version:  - )
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.13 - Dell Inc.)
Dell-eBay (HKLM\...\{B935C985-A17F-484B-8470-09E4FC27DC26}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
Dropbox (HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Dropbox) (Version: 11.4.22 - Dropbox, Inc.)
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FlipShare (HKLM\...\{4ACBE725-9800-54D0-4B4B-4B1BD3E97E7E}) (Version: 4.1.4.50640 - Flip Video)
Gizmo Central (HKLM\...\Gizmo Central) (Version: v2.7.9 - Arainia Solutions, LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version:  - )
GrandPrix Championship 2 (HKLM\...\{8F66B207-0241-4D0E-8F8E-DB20D8B939C3}) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java™ 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Laptop Integrated Webcam Driver (1.04.01.1011)   (HKLM\...\Creative OEM002) (Version:  - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Margrave Manor (HKLM\...\Margrave Manor) (Version:  - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Crimson Skies (HKLM\...\Crimson Skies 1.0) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{294EAADF-E50F-4DD8-AD8D-19587EA10512}) (Version: 1.0.24.0 - Dell)
Mozilla Firefox 43.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 43.0.1 (x86 en-GB)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery in London ™ (HKLM\...\BFG-Mystery in London) (Version:  - )
Mystery P.I. - The Lottery Ticket 1.0.0.5 (HKLM\...\Mystery P.I. - The Lottery Ticket 1.0.0.5) (Version:  - )
Mysteryville 2 (remove only) (HKLM\...\Mysteryville 2) (Version:  - )
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.53 - BVRP Software, Inc)
Norton Internet Security (HKLM\...\NIS) (Version: 22.7.1.32 - Symantec Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.0 (HKLM\...\{92B79901-C57D-409F-8D2F-4E5337383569}) (Version: 3.0.9358 - OpenOffice.org)
Opera 9.63 (HKLM\...\{1BC4026B-1957-4514-9058-2B542557F143}) (Version: 9.63 - Opera Software ASA)
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
Picasa 2 (HKLM\...\Picasa2) (Version: 2.0 - Google, Inc.)
Plato DVD Ripper Professional 6.66.14 (HKLM\...\Plato DVD Ripper Professional_is1) (Version:  - Plato Global Creativity)
Prism Video File Converter (HKLM\...\Prism) (Version:  - NCH Software)
QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)
QuickTime (HKLM\...\QuickTime) (Version:  - )
Rapport (Version: 3.5.1609.100 - Trusteer) Hidden
Reason 5.0 (HKLM\...\Reason5_is1) (Version: 5.0 - Propellerhead Software AB)
ReCycle 2.2.3 (HKLM\...\ReCycle2.2_32_is1) (Version: 2.2.3 - Propellerhead Software AB)
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
SAMSUNG CDMA Modem Driver Set (HKLM\...\SAMSUNG CDMA Modem) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung PC Studio (HKLM\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.0.0.60203 - Samsung Electronics Co., Ltd.)
Samsung PC Studio (Version: 3.0.0.60203 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 USB Driver Installer (HKLM\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Splice for Windows (HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\6dc0c1241910b832) (Version: 0.0.1.79 - Splice)
Splice Windows Client (HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Splice) (Version: 1.2.22 - Splice)
Switch Sound File Converter (HKLM\...\Switch) (Version:  - NCH Software)
The Official DSA Theory Test for Motorcyclists (HKLM\...\InstallShield_{B138D49F-B412-4B4A-9198-374EE0D593B7}) (Version: 1.4.1 - Driving Standards Agency)
The Official DSA Theory Test for Motorcyclists (Version: 1.4.1 - Driving Standards Agency) Hidden
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1609.100 - Trusteer)
V25 Firmware Updater 1.0.0  (HKLM\...\{4F32B54C-C555-46BF-A7EF-DA3300E9C675}) (Version: 1.0.0 - Alesis)
vast DVD Ripper version 1.9.0.0 (HKLM\...\vast DVD Ripper_is1) (Version:  - )
Vivitar Experience Image Manager (HKLM\...\Vivitar Experience Image Manager) (Version:  - Sakar)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM\...\{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}) (Version: 9.3.5.11690 - Vodafone)
WavePad Sound Editor (HKLM\...\WavePad) (Version:  - NCH Software)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinX Free DVD Ripper 4.5.14 (HKLM\...\WinX Free DVD Ripper_is1) (Version:  - Digiarty Software,Inc.)
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Deana\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{6CE4B8A6-4DB5-4F63-8013-1197503692EF}\InprocServer32 -> C:\Users\Deana\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\YBPAddon_2.9.8.dll (Yahoo! Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Deana\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Deana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{DE9AD55E-D493-4FA0-9B3F-E9CA5DB7EBD6}\InprocServer32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\psuser.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1A62DE1A-5A22-42BD-8269-929DA77A2AE8} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-06] (Google) <==== ATTENTION
Task: {446409D5-9E1F-4AD8-A568-198FA369E266} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core => C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-12-13] (Dropbox, Inc.)
Task: {55B2F342-06F2-4F16-BC84-EC2885E9D65F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-09] (Google Inc.)
Task: {59A241DE-06C5-4949-8BEB-01BADC034CAA} - System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} => C:\Program Files\Gizmo\gizmo.exe [2016-09-30] (Arainia Solutions)
Task: {7959F03D-F292-4552-8C89-5B87EB44CD29} - System32\Tasks\NCH Swift Sound\wavepadShakeIcon => C:\Program Files\NCH Swift Sound\WavePad\WavePad.exe [2011-06-25] (NCH Software)
Task: {9BFA9261-ABCD-49BB-A5B0-D7BC80F89142} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core => C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {9C17C86A-44F4-4573-B273-053E40CE872A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA => C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {A1FDDA0A-9E94-4149-9294-C38BC191D3E9} - System32\Tasks\NCH Software\prismShakeIcon => C:\Program Files\NCH Software\Prism\Prism.exe [2011-06-25] (NCH Software)
Task: {B258D9B0-D4B5-4527-9C50-78B5875F5496} - System32\Tasks\{AFA339AA-DCBC-4377-BF89-F7B5EDEB9324} => pcalua.exe -a C:\Users\Deana\Desktop\LimeWireWin.exe -d C:\Users\Deana\Desktop
Task: {BC33CF59-E03C-4F7B-8DA7-F13C509B147E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-09] (Google Inc.)
Task: {C2365EA3-6645-477F-A03C-0252FB6DB4E7} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\WSCStub.exe [2016-08-16] (Symantec Corporation)
Task: {CD8C619B-9ABD-425C-BDC4-CA0AB2254232} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2016-08-16] (Symantec Corporation)
Task: {EAF24003-5421-477E-9D7B-8F5AC601EC30} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\SymErr.exe [2016-05-23] (Symantec Corporation)
Task: {EC2DCE9D-73D4-460C-B336-5B3B3FCD134E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-02] (Adobe Systems Incorporated)
Task: {EF53A72B-182A-4506-BCF3-DEE7B71C0F84} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA => C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-12-13] (Dropbox, Inc.)
Task: {F51240AE-93FE-4E88-B9F4-253E17DE539C} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\SymErr.exe [2016-05-23] (Symantec Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core.job => C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA.job => C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core.job => C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA.job => C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Deana\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
Shortcut: C:\Users\Deana\Favorites\NCH Software Download.lnk -> hxxp://www.nchsoftware.com/index.html
 
==================== Loaded Modules (Whitelisted) ==============
 
2008-10-23 13:41 - 2008-07-03 13:29 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2008-10-23 13:41 - 2008-07-03 13:28 - 00055808 _____ () C:\Windows\System32\bcmwlrmt.dll
2016-09-30 19:32 - 2016-09-30 19:32 - 00059304 _____ () C:\Program Files\Gizmo\gshell.dll
2007-09-11 01:45 - 2007-09-11 01:45 - 00124832 _____ () C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
2016-06-17 23:13 - 2016-06-17 23:13 - 00198216 _____ () C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
2009-10-28 12:57 - 2009-10-28 12:57 - 00451904 _____ () C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
2009-10-28 12:52 - 2009-10-28 12:52 - 01581056 _____ () C:\Program Files\Flip Video\FlipShare\QtCore4.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 00545792 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
2008-10-23 13:45 - 2010-07-06 10:06 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
2009-10-21 10:38 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2013-03-27 17:13 - 2015-06-22 04:27 - 02458032 ____N () C:\Program Files\Inbox Toolbar\Inbox.exe
2016-06-17 23:13 - 2016-06-17 23:13 - 01758280 ____N () C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
2016-09-30 19:32 - 2016-09-30 19:32 - 00166816 _____ () C:\Program Files\Gizmo\GImage.dll
2016-09-30 19:32 - 2016-09-30 19:32 - 00315800 _____ () C:\Program Files\Gizmo\gmanager.dll
2016-09-30 19:32 - 2016-09-30 19:32 - 00404384 _____ () C:\Program Files\Gizmo\gdatabase.dll
2016-09-30 19:32 - 2016-09-30 19:32 - 00394656 _____ () C:\Program Files\Gizmo\gdrive.dll
2008-07-29 15:55 - 2008-07-29 15:55 - 00969728 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2016-09-11 14:42 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\Deana\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-11 14:42 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\Deana\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
2016-07-17 17:55 - 2016-07-06 18:01 - 17602240 _____ () C:\Users\Deana\AppData\Local\Google\Chrome\User Data\PepperFlash\22.0.0.209\pepflashplayer.dll
2016-10-08 11:48 - 2016-05-17 05:02 - 00026112 _____ () C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\x86\Splice-SAS.dll
2016-10-08 11:48 - 2016-05-17 05:02 - 02304512 _____ () C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\x86\libsndfile-1.dll
2016-10-08 11:48 - 2016-05-17 05:02 - 00276992 _____ () C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\x86\libFLAC_dynamic.dll
2016-10-08 11:48 - 2016-10-05 21:42 - 00074240 _____ () C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\SpliceUtility.exe
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:90D89144 [129]
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [210]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
::1             localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Deana\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{8CCA8E7C-80F7-40CC-AEBE-9376C2FD360A}] => (Allow) C:\Program Files\Dell\MediaDirect\MediaDirect.exe
FirewallRules: [{DD81B648-1F51-485F-A5E0-8E8F4F989329}] => (Allow) C:\Program Files\Dell\MediaDirect\PCMService.exe
FirewallRules: [{9F1EF73E-DD8E-49DB-A597-5C7964A5C3C3}] => (Allow) C:\Program Files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe
FirewallRules: [{77C5565B-BCCA-4011-87CD-AA84C4CD17A8}] => (Allow) C:\Program Files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe
FirewallRules: [{7635F890-31D8-49EB-B5D4-82CE092D2449}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{F0494029-1297-495A-87E4-544AE760A745}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{CBB04CFB-84B1-4152-8680-2BEF17DEA92B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{59CA0B27-AD55-404E-A352-B3C1B4FDF453}] => (Allow) svchost.exe
FirewallRules: [{9D3CBF34-C06D-4C55-BF0E-F16D05F580F0}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{42ED005A-46C0-42DD-8A3D-5DFD547D05FA}C:\program files\limewire download client\limewireclient.exe] => (Allow) C:\program files\limewire download client\limewireclient.exe
FirewallRules: [UDP Query User{0953EDED-08E7-4A88-83AE-43C9891BCE31}C:\program files\limewire download client\limewireclient.exe] => (Allow) C:\program files\limewire download client\limewireclient.exe
FirewallRules: [TCP Query User{21BD515B-6E0E-4151-8581-66D988205C3C}C:\program files\limewire download client\limewireclient.exe] => (Allow) C:\program files\limewire download client\limewireclient.exe
FirewallRules: [UDP Query User{0FE1A0C9-AAEE-4C8D-A4E3-7D4BD8D4155A}C:\program files\limewire download client\limewireclient.exe] => (Allow) C:\program files\limewire download client\limewireclient.exe
FirewallRules: [{362B9D32-E86D-408C-BD10-065ADDA207D1}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2FAF89FD-74CB-4B30-898B-2C33E295D6A8}] => (Allow) LPort=2869
FirewallRules: [{212D0755-534D-4F27-AA44-0C02589F230A}] => (Allow) LPort=1900
FirewallRules: [{DA5B1DC8-425F-43FC-8484-40AAD22BB01A}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{FA482298-AFAC-4575-81A8-6B73E66453F9}] => (Allow) LPort=80
FirewallRules: [{84122195-C68E-4B8F-AB64-B97B0586780D}] => (Allow) LPort=80
FirewallRules: [{4EA7247B-A482-4C27-BFF3-8B1713C8A5DD}] => (Allow) LPort=80
FirewallRules: [{3D5A9DF2-DCDB-424A-8E86-2EC71FC71B56}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{E12FD63A-5DED-433F-9558-44B6E8B6DB6C}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{3079018F-4E52-4CDD-8B69-2EEECA740287}] => (Allow) C:\Users\Deana\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5EB6A414-C09A-434C-B02A-CD65C7DFF15E}] => (Allow) C:\Users\Deana\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F8D356C5-A065-4086-B0DC-7F47070A9313}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{E725AF99-6C13-49C0-8D8B-CCA3D27F7CB1}] => (Allow) C:\Users\Deana\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{B4B78EA5-213E-4E8E-B3BF-D0C70A3C7DA8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CA0D204D-FF84-4B47-87CD-CBA1A8334D03}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{49CC69A9-B2B5-47D7-8530-D6B5A9991385}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{2516A767-BDC4-49C0-A954-8439A1B6D12B}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{07B99DC1-4BA0-4AF4-88C9-4533D6F67346}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E64A3826-F00B-4DC9-830E-882ECEA25344}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A75C574C-FD73-482B-B6B7-A158AA9D173D}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A1CB466E-8D0D-49C5-A231-D9ECB6C0D61D}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{90373D80-9C2B-4CF7-B0C8-8810EE07F71E}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
 
==================== Restore Points =========================
 
10-07-2016 21:18:42 Installed Rapport
16-07-2016 23:54:34 Windows Update
17-07-2016 16:29:58 Installed Rapport
24-07-2016 23:45:42 Windows Update
30-07-2016 10:58:13 Installed Rapport
30-09-2016 18:46:32 Installed Rapport
30-09-2016 20:19:25 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
01-10-2016 14:22:56 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
01-10-2016 14:24:33 Installed V25 Firmware Updater 1.0.0 
03-10-2016 23:35:01 Windows Update
04-10-2016 03:00:29 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/08/2016 03:11:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\SOUNDS OF KSHMR VOL. 2\LIVE_INSTRUMENTS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/08/2016 03:11:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\SOUNDS OF KSHMR VOL. 2\LIVE_INSTRUMENTS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/08/2016 03:05:51 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\CINEMATIC MOODS 2\PL0370_ACID_WAV_CINEMATIC_MOODS_2\PRIME_LOOPS_-_CINEMATIC_MOODS_2> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/08/2016 03:05:51 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\CINEMATIC MOODS 2\PL0370_ACID_WAV_CINEMATIC_MOODS_2\PRIME_LOOPS_-_CINEMATIC_MOODS_2> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/08/2016 03:05:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\CINEMATIC MOODS 2\PL0370_ACID_WAV_CINEMATIC_MOODS_2> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/08/2016 03:05:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\CINEMATIC MOODS 2\PL0370_ACID_WAV_CINEMATIC_MOODS_2> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/08/2016 03:04:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\THE GOLDEN HIP HOP PRINCIPLE\90_BPM\SPARKLE_-_CM> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/08/2016 03:04:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\THE GOLDEN HIP HOP PRINCIPLE\90_BPM\SPARKLE_-_CM> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/08/2016 03:04:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\THE GOLDEN HIP HOP PRINCIPLE\90_BPM> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (10/08/2016 03:04:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\THE GOLDEN HIP HOP PRINCIPLE\90_BPM> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
 
System errors:
=============
Error: (12/28/2009 03:55:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 01:56:08 on 28/12/2009 was unexpected.
 
 
CodeIntegrity:
===================================
  Date: 2016-10-08 20:43:51.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-08 20:43:50.460
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-08 20:43:49.453
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-08 20:43:45.189
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-08 20:43:43.753
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-08 20:43:42.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-08 20:41:25.080
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-08 20:41:24.121
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-08 20:41:23.090
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-08 20:41:21.795
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 73%
Total physical RAM: 3061.31 MB
Available physical RAM: 804.8 MB
Total Virtual: 6324.88 MB
Available Virtual: 2027.75 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:136.74 GB) (Free:35.04 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:9.77 GB) (Free:4.65 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 00000080)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=136.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2.5 GB) - (Type=OF Extended)
 
==================== End of Addition.txt ============================
 

 

 

 

 




#2
Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hello cr00901124 and :welcome:

My name is Bruce1270 and I will be helping you with your malware problem.

A few things before we get started.
  • Please read all instructions carefully. If there is anything you do not understand please ask me first before doing anything.
  • Please be patient. I am a volunteer who does this in my spare time so I will try to get back to you as soon as possible.
  • Please follow all instructions in the order given.
  • Please do not install any other software unless advised. This may hinder the removal process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly". This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • Please make sure you reply within 4 days to my responses. If there is no reply within 4 days, the topic will be closed and you will need to request the topic be reopened.


    Important!

    Please save or print off these instructions. Part of this fix may require you to be in safe mode where you will not be able to access the internet or my instructions!

    I would strongly recommend you back up your personal data and folders before we begin.

    Malware removal can be very long, complicated and may take multiple steps. I understand this may be frustrating but please stay with this topic until your machine is declared clean. The results will hopefully be very rewarding. :happy:
    As we go along please tell me how the computer is running now. Please be as descriptive as possible e.g. I'm still getting web redirects, I am unable to access the internet etc.

    OK. Let's move on.

    I'll have a look through your logs and post some further instructions. :)


#3
cr00901124

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

The laptop is running adequately considering its "lower spec", I have had no concerns up until today when this issue happened. 

I have little knowledge of exactly what could have caused this (if infected at all) as there are many processes running in the background that I cannot identify as 'necessary' because it was not myself that installed these programs. I have not installed anything that would cause concern since receiving the "already potentially affected" system. Hope this helps.



#4
cr00901124

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Would you like me to export the log that "Malwarebytes" generated before I ran FRST?



#5
Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi cr00901124

OK. Let's do some tidying up. Not much other than some unwanted stuff.

I'll leave the Malwarebytes log for just now, but may ask for it later.

First some advice

P2P Warning!

IMPORTANT: I have noticed that there are signs of uTorrent P2P (Peer to Peer) File Sharing Program on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

Risks of Peer to Peer systems
P2P programs: Popular and perilous

If you continue to use P2P programs it is likely that you will get infected again.

I would recommend that you uninstall uTorrent; however, that choice is up to you. If you choose to do this, you can do so by:
  • Please go to Start Menu -> Control Panel -> Programs and Features for Windows 7 and Vista. Add or Remove Programs for Windows XP.
  • Click on uTorrent.
  • Click uninstall.
If you decide to keep the programs in spite of the risks involved, do not use them until I have finished cleaning your computer and have given you the all clear.


Step 1 - Remove unwanted programs

Please uninstall the following unwanted programs:

ALOT Toolbar
McAfee Security Scan Plus

Note: If any of the programs are not listed, proceed to the next one and work through the list.

To do this:
  • Please go to Start Menu -> Control Panel -> Uninstall a program or Programs and Features.
  • In the list of installed programs locate and click on the program to uninstall.
  • Click uninstall.
  • Repeat the above steps for all the other programs to remove.


Step 2 - FRST fix


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Download the attached fixlist.txt to your desktop.
  • Ensure fixlist.txt is in the same location as FRST.exe on your desktop.
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix.
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.


Step 3 - Run AdwCleaner

Download AdwCleaner from here to the Desktop.
  • Close all open windows and browsers.
  • Double click the AdwCleaner icon to execute the program.
  • When the tool opens for the first time accept the Terms of use.
  • Click the Scan button and wait for the program to finish.
  • Click on options and tick to reset:
      - proxy
      - winsock
      - TCP/IP Settings
      - IPSec
      - IE policies
      - Chrome policies
      - Chrome preferences
  • When finished, please click the Cleaning button.
  • When cleaning is finished, you may be prompted to restart your computer.
  • Upon completion, a log (AdwCleaner[C*].txt) will open.
  • Please copy and paste this in your next reply.


    Things for your next post:
  • fixlog.txt
  • AdwCleaner[C*].txt
  • How is your computer running now?


#6
cr00901124

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

I removed all the programs in question (inc uTorrent).

Below are both logs (fix log & adw).

The laptop is still taking random screenshots!

 

Fix result of Farbar Recovery Scan Tool (x86) Version: 04-10-2016
Ran by Deana (08-10-2016 23:48:23) Run:1
Running from C:\Users\Deana\Desktop
Loaded Profiles: Deana (Available Profiles: Deana)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
() C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\Program Files\Inbox Toolbar\Inbox.exe
() C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758280 2016-06-17] ()
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: G - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {31e525d3-a0d2-11dd-8f4d-806e6f6e6963} - E:\Start.exe
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {35faa898-a1a4-11e5-ab85-00219bf0cada} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {4a920133-ddf2-11de-b145-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fdf3-d671-11dd-b150-00234d946a18} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fdf8-d671-11dd-b150-00234d946a18} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fe04-d671-11dd-b150-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fe05-d671-11dd-b150-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308ff5f-d671-11dd-b150-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d963-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d987-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d989-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d9a1-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {f35d9154-5e5a-11de-b773-f28d9f3d3f08} - F:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-03-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
SearchScopes: HKLM -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AFD04AD7-DB03-45B0-B241-7FB2BF381CCB}&mid=b41d0199dff947d1bc92d168dd142329-931055154b6ad30b546f145fab542c6fe4be2d7b&lang=en&ds=AVG&pr=pr&d=2011-09-28 16:56:46&v=10.0.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} URL = hxxp://search.alot.com/web?q={searchTerms}&pr=prov&client_id=D8FE563001CC333265556490&install_time=2011-06-25T12:24:35Z&src_id=12287&camp_id=2586&tb_version=2.5.20000.3
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=VWuL-VYZgp5nZ1OUaEHblndigxs?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AFD04AD7-DB03-45B0-B241-7FB2BF381CCB}&mid=b41d0199dff947d1bc92d168dd142329-931055154b6ad30b546f145fab542c6fe4be2d7b&lang=en&ds=AVG&pr=pr&d=2011-09-28 16:56:46&v=10.0.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO: ALOT Toolbar Helper -> {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} -> C:\Program Files\alot\bin\BHO\alotBHO.dll [2011-04-20] (Vertro)
BHO: No Name -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll [2011-04-20] (Vertro)
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -  No File
FF NewTab: Mozilla\Firefox\Profiles\hbyc7tgm.default -> hxxp://search.myemailxp.com?uid=undefined&uc=undefined&source=pd_gs_email_hotmail_p&page=newtab&implementation_id=Email_xp_0.0.2
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hbyc7tgm.default -> Yahoo!
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hbyc7tgm.default -> Ask.com
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hbyc7tgm.default -> Yahoo!
FF Homepage: Mozilla\Firefox\Profiles\hbyc7tgm.default -> hxxps://www.malwarebytes.org/restorebrowser/yhp-ff
hxxp://search.myemailxp.com?uid=undefined&uc=undefined&source=pd_gs_email_hotmail_p&page=homepage&implementation_id=Email_xp_0.0.2
FF NetworkProxy: Mozilla\Firefox\Profiles\hbyc7tgm.default -> type", 2
FF Extension: (No Name) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2016-10-08] [not signed]
FF Extension: (My Email XP) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2015-07-09] [not signed]
FF Extension: (ALOT Toolbar) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2012-04-25] [not signed]
FF Extension: (No Name) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} [2016-10-08] [not signed]
FF Extension: (No Name) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2016-10-08] [not signed]
FF SearchPlugin: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\ask-search.xml [2014-04-05]
FF SearchPlugin: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\inbox-search.xml [2015-07-09]
FF SearchPlugin: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\search.xml [2015-07-09]
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-06-17] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
Task: {1A62DE1A-5A22-42BD-8269-929DA77A2AE8} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-06] (Google) <==== ATTENTION
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:90D89144 [129]
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [210]
C:\Program Files\AskPartnerNetwork
C:\Program Files\Inbox Toolbar
C:\Users\Deana\AppData\LocalLow\Inbox Toolbar
C:\Users\Deana\install_flash_player.exe
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
Hosts:
EmptyTemp:
C:\Program Files\McAfee Security Scan
C:\Program Files\alot
*****************

Restore point was successfully created.
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
[2456] C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe => process closed successfully.
C:\Program Files\Inbox Toolbar\Inbox.exe
[2968] C:\Program Files\Inbox Toolbar\Inbox.exe => process closed successfully.
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
[1672] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe => process closed successfully.
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe => No running process found
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon => value removed successfully.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => key removed successfully.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31e525d3-a0d2-11dd-8f4d-806e6f6e6963}" => key removed successfully.
HKCR\CLSID\{31e525d3-a0d2-11dd-8f4d-806e6f6e6963} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35faa898-a1a4-11e5-ab85-00219bf0cada}" => key removed successfully.
HKCR\CLSID\{35faa898-a1a4-11e5-ab85-00219bf0cada} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4a920133-ddf2-11de-b145-00219bf0cada}" => key removed successfully.
HKCR\CLSID\{4a920133-ddf2-11de-b145-00219bf0cada} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7308fdf3-d671-11dd-b150-00234d946a18}" => key removed successfully.
HKCR\CLSID\{7308fdf3-d671-11dd-b150-00234d946a18} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7308fdf8-d671-11dd-b150-00234d946a18}" => key removed successfully.
HKCR\CLSID\{7308fdf8-d671-11dd-b150-00234d946a18} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7308fe04-d671-11dd-b150-00219bf0cada}" => key removed successfully.
HKCR\CLSID\{7308fe04-d671-11dd-b150-00219bf0cada} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7308fe05-d671-11dd-b150-00219bf0cada}" => key removed successfully.
HKCR\CLSID\{7308fe05-d671-11dd-b150-00219bf0cada} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7308ff5f-d671-11dd-b150-00219bf0cada}" => key removed successfully.
HKCR\CLSID\{7308ff5f-d671-11dd-b150-00219bf0cada} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ba9d963-3899-11de-994d-00219bf0cada}" => key removed successfully.
HKCR\CLSID\{9ba9d963-3899-11de-994d-00219bf0cada} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ba9d987-3899-11de-994d-00219bf0cada}" => key removed successfully.
HKCR\CLSID\{9ba9d987-3899-11de-994d-00219bf0cada} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ba9d989-3899-11de-994d-00219bf0cada}" => key removed successfully.
HKCR\CLSID\{9ba9d989-3899-11de-994d-00219bf0cada} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ba9d9a1-3899-11de-994d-00219bf0cada}" => key removed successfully.
HKCR\CLSID\{9ba9d9a1-3899-11de-994d-00219bf0cada} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f35d9154-5e5a-11de-b773-f28d9f3d3f08}" => key removed successfully.
HKCR\CLSID\{f35d9154-5e5a-11de-b773-f28d9f3d3f08} => key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => not found.
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe => not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => key removed successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => key removed successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => key not found.
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}" => key removed successfully.
HKCR\CLSID\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}" => key removed successfully.
HKCR\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => key removed successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => key not found.
HKCR\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} => key not found.
HKCR\CLSID\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}" => key removed successfully.
HKCR\CLSID\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value removed successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} => value not found.
HKCR\CLSID\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} => key not found.
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} => value removed successfully.
HKCR\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} => key not found.
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value removed successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => key not found.
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value removed successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => key not found.
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value removed successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => key removed successfully.
"HKCR\PROTOCOLS\Handler\inbox" => key removed successfully.
HKCR\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27} => key not found.
Firefox "newtab" removed successfully.
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hbyc7tgm.default -> Yahoo! => not found
Firefox SearchEngineOrder.1 removed successfully.
Firefox SelectedSearchEngine removed successfully.
Firefox "homepage" removed successfully.
hxxp://search.myemailxp.com?uid=undefined&uc=undefined&source=pd_gs_email_hotmail_p&page=homepage&implementation_id=Email_xp_0.0.2 => Error: No automatic fix found for this entry.
Firefox Proxy settings were reset.
C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] => not found.
C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] => moved successfully
C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] => moved successfully
C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} => not found.
C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} => not found.
C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\ask-search.xml => moved successfully
C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\inbox-search.xml => moved successfully
C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\search.xml => moved successfully
HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => key not found.
"C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll" => not found.
APNMCP => service removed successfully.
McComponentHostService => service not found.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}" => key removed successfully.
"HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A62DE1A-5A22-42BD-8269-929DA77A2AE8}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A62DE1A-5A22-42BD-8269-929DA77A2AE8}" => key removed successfully.
C:\Windows\System32\Tasks\Google Software Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Software Updater" => key removed successfully.
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe => moved successfully
C:\Windows\Tasks\Google Software Updater.job => moved successfully
C:\ProgramData\TEMP => ":90D89144" ADS removed successfully..
C:\ProgramData\TEMP => ":DFC5A2B2" ADS removed successfully..
C:\Program Files\AskPartnerNetwork => moved successfully
"C:\Program Files\Inbox Toolbar" => not found.
C:\Users\Deana\AppData\LocalLow\Inbox Toolbar => moved successfully
C:\Users\Deana\install_flash_player.exe => moved successfully

========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state on =========

Ok.


========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
"C:\Program Files\McAfee Security Scan" => not found.
"C:\Program Files\alot" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 196839852 B
Java, Flash, Steam htmlcache => 547 B
Windows/system/drivers => 710738735 B
Edge => 0 B
Chrome => 766838074 B
Firefox => 477145042 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 25189452 B
LocalService => 132244 B
NetworkService => 10127903 B
Deana => 366448004 B

RecycleBin => 2934378626 B
EmptyTemp: => 5.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:11:15 ====

 

# AdwCleaner v6.021 - Logfile created 09/10/2016 at 01:19:07
# Updated on 06/10/2016 by ToolsLib
# Database : 2016-10-07.1 [Local]
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (X86)
# Username : Deana - DELL1525
# Running from : C:\Users\Deana\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\Deana\AppData\Local\AskPartnerNetwork
[-] Folder deleted: C:\Users\Deana\AppData\Local\Conduit
[-] Folder deleted: C:\Users\Deana\AppData\LocalLow\Conduit
[-] Folder deleted: C:\Users\Deana\AppData\LocalLow\PriceGong
[-] Folder deleted: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Smartbar
[-] Folder deleted: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\ValueApps
[-] Folder deleted: C:\ProgramData\apn
[-] Folder deleted: C:\ProgramData\Ask
[-] Folder deleted: C:\ProgramData\Tarma Installer
[#] Folder deleted on reboot: C:\ProgramData\Application Data\apn
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Ask
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Tarma Installer
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin.com Games
[-] Folder deleted: C:\Program Files\iWin.com Games
[-] Folder deleted: C:\Program Files\PriceGong
[-] Folder deleted: C:\Program Files\WinZip Registry Optimizer
[-] Folder deleted: C:\Program Files\Yontoo Layers
[-] Folder deleted: C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search


***** [ Files ] *****

[-] File deleted: C:\Users\Deana\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml
[-] File deleted: C:\Windows\system32\roboot.exe


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\BackWeb.Client.ScriptHelper-7288971
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key deleted: HKLM\SOFTWARE\Classes\SdcUser.SdcMailCtl
[-] Key deleted: HKLM\SOFTWARE\Classes\SdcUser.SdcMailCtl.1
[-] Key deleted: HKLM\SOFTWARE\Classes\Search.BrowserWndAPI
[-] Key deleted: HKLM\SOFTWARE\Classes\Search.BrowserWndAPI.1
[-] Key deleted: HKLM\SOFTWARE\Classes\Search.PugiObj
[-] Key deleted: HKLM\SOFTWARE\Classes\Search.PugiObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{63EDCDD3-8AFC-4358-A90F-F7FB8F5C64FF}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{BD5843ED-13C4-4EFF-ACE9-56CEE22BC087}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key deleted: HKU\.DEFAULT\Software\AVG Secure Search
[-] Key deleted: HKU\.DEFAULT\Software\AVG Security Toolbar
[-] Key deleted: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Conduit
[-] Key deleted: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\YahooPartnerToolbar
[-] Key deleted: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\AppDataLow\Toolbar
[-] Key deleted: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\AppDataLow\Software\Conduit
[-] Key deleted: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
[-] Key deleted: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
[-] Key deleted: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
[-] Key deleted: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\AskPartnerNetwork
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\AVG Secure Search
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\AVG Security Toolbar
[#] Key deleted on reboot: HKU\S-1-5-18\Software\AVG Secure Search
[#] Key deleted on reboot: HKU\S-1-5-18\Software\AVG Security Toolbar
[#] Key deleted on reboot: HKCU\Software\Conduit
[#] Key deleted on reboot: HKCU\Software\YahooPartnerToolbar
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Toolbar
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Conduit
[-] Key deleted: HKLM\SOFTWARE\Conduit
[-] Key deleted: HKLM\SOFTWARE\Tarma Installer
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ROC_roc_dec12]
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL


***** [ Web browsers ] *****

[-] Chrome preferences cleaned: "CT3220468.BT_Stats.enc" -  "eyJsYXN0X2xvZyI6MTQwMTYzMzM1OCwidXVpZCI6MzAyMDQ3Mzc1NTkxNzksInNlcV9pZCI6MzQsInNzYiI6MTM0ODk5MzE4MX0="
[-] Chrome preferences cleaned: "CT3220468.BT_Usage.enc" -  "eyJ1dWlkIjozMDIwNDczNzU1OTE3OSwic2VxX2lkIjozfQ=="
[-] Chrome preferences cleaned: "CT3220468.CBOpenMAMSettings.enc" -  "MA=="
[-] Chrome preferences cleaned: "CT3220468.ENABALE_HISTORY" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3220468.FirstTime" -  "true"
[-] Chrome preferences cleaned: "CT3220468.FirstTimeFF3" -  "true"
[-] Chrome preferences cleaned: "CT3220468.LoginRevertSettingsEnabled" -  true
[-] Chrome preferences cleaned: "CT3220468.PG_ENABLE" -  "ZmFsc2U="
[-] Chrome preferences cleaned: "CT3220468.PG_ENABLE.enc" -  "ZEhKMVpRPT0="
[-] Chrome preferences cleaned: "CT3220468.RestartDialogFirstTime" -  "false"
[-] Chrome preferences cleaned: "CT3220468.RestartDialogShouldDisplay" -  "false"
[-] Chrome preferences cleaned: "CT3220468.RevertSettingsEnabled" -  true
[-] Chrome preferences cleaned: "CT3220468.SF_JUST_INSTALLED.enc" -  "RkFMU0U="
[-] Chrome preferences cleaned: "CT3220468.SF_STATUS.enc" -  "RU5BQkxFRA=="
[-] Chrome preferences cleaned: "CT3220468.SF_USER_ID.enc" -  "Y2lkXzIzNjIwMTMxNzI3OTIzMjAwOTE="
[-] Chrome preferences cleaned: "CT3220468.UserID" -  "UN76600708985825746"
[-] Chrome preferences cleaned: "CT3220468._key_cl_active" -  "%B9%BF%EA%B6%E8%B6%E8%B6%B3%B6%EB%EA%BA%B3%BA%EB%E8%BF%B3%BF%BA%B6%B6%B3%E7%BE%B8%B6%BC%BD%BC%BD%E7%BE%E9%BD"
[-] Chrome preferences cleaned: "CT3220468._key_cl_active.enc" -  "MzlkMGIwYjAtMGVkNC00ZWI5LTk0MDAtYTgyMDY3NjdhOGM3"
[-] Chrome preferences cleaned: "CT3220468._key_edilia__uID" -  "%B7%EB%BD%EB%EA%B7%EC%BD%B3%BA%B7%BA%BA%B3%BA%B6%E8%EB%B3%E8%B6%BA%E7%B3%E9%E7%B8%B9%BE%EC%BD%B7%EB%BC%E7%EB"
[-] Chrome preferences cleaned: "CT3220468._key_edilia__uID.enc" -  "MWU3ZWQxZjctNDE0NC00MGJlLWIwNGEtY2EyMzhmNzFlNmFl"
[-] Chrome preferences cleaned: "CT3220468.addressBarTakeOverEnabledInHidden" -  "true"
[-] Chrome preferences cleaned: "CT3220468.autoDisableScopes" -  -1
[-] Chrome preferences cleaned: "CT3220468.cb_experience_000.enc" -  "MTc="
[-] Chrome preferences cleaned: "CT3220468.cb_firstuse0100.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3220468.cb_user_id_000.enc" -  "Q0I5MjU4NTk0MTEyNjhfMTM1ODMyOTI5NTk1NF9GaXJlZm94"
[-] Chrome preferences cleaned: "CT3220468.cbcountry_001.enc" -  "R0I="
[-] Chrome preferences cleaned: "CT3220468.cbfirsttime.enc" -  "U3VuIFNlcCAzMCAyMDEyIDA5OjE5OjQwIEdNVCswMTAwIChHTVQgRGF5bGlnaHQgVGltZSk="
[-] Chrome preferences cleaned: "CT3220468.countryCode" -  "GB"
[-] Chrome preferences cleaned: "CT3220468.defaultSearch" -  "FALSE"
[-] Chrome preferences cleaned: "CT3220468.discover-experiments-photopop" -  "ā%A8%F4%E7%F3%EB%A8%C0%A8%F6%EE%F5%FA%F5%F6%F5%F6%E5%F4%E7%A8%B2%A8%FC%EB%F8%F9%EF%F5%F4%A8%C0%B7%B6ă"
[-] Chrome preferences cleaned: "CT3220468.discover-experiments-photopop.enc" -  "eyJuYW1lIjoicGhvdG9wb3BfbmEiLCJ2ZXJzaW9uIjoxMH0="
[-] Chrome preferences cleaned: "CT3220468.discover-periodic-reports" -  "ā%A8%F6%EF%F4%ED%E5%B6%A8%C0%E1%B7%B9%BE%BD%B7%B9%B7%B9%BE%BB%BA%B7%BE%B2%B7%BA%BA%B6%B6%B6%B6%B6%E3ă"
[-] Chrome preferences cleaned: "CT3220468.discover-periodic-reports.enc" -  "eyJwaW5nXzAiOlsxMzg3MTMxMzg1NDE4LDE0NDAwMDAwXX0="
[-] Chrome preferences cleaned: "CT3220468.discover-user-id" -  "%A8%BE%BC%EB%EB%EA%BD%B8%BC%B3%BF%E9%E7%B9%B3%BA%BB%BB%B8%B3%BF%EA%BB%BA%B3%B7%EC%E9%BB%EA%E9%BC%EB%E8%BE%EA%EB%A8"
[-] Chrome preferences cleaned: "CT3220468.discover-user-id.enc" -  "Ijg2ZWVkNzI2LTljYTMtNDU1Mi05ZDU0LTFmYzVkYzZlYjhkZSI="
[-] Chrome preferences cleaned:
[-] Chrome preferences cleaned: "CT3220468.enableAlerts" -  "always"
[-] Chrome preferences cleaned: "CT3220468.enableFix404ByUser" -  "FALSE"
[-] Chrome preferences cleaned: "CT3220468.enableSearchFromAddressBar" -  "FALSE"
[-] Chrome preferences cleaned: "CT3220468.firstTimeDialogOpened" -  "true"
[-] Chrome preferences cleaned: "CT3220468.fixPageNotFoundError" -  "true"
[-] Chrome preferences cleaned: "CT3220468.fixPageNotFoundErrorByUser" -  "true"
[-] Chrome preferences cleaned: "CT3220468.fixPageNotFoundErrorInHidden" -  "true"
[-] Chrome preferences cleaned: "CT3220468.fixUrls" -  true
[-] Chrome preferences cleaned: "CT3220468.fullUserID" -  "UN76600708985825746.UP.20140326145032"
[-] Chrome preferences cleaned: "CT3220468.ground-country-code" -  "%A8%CD%C8%A8"
[-] Chrome preferences cleaned: "CT3220468.ground-country-code.enc" -  "IkdCIg=="
[-] Chrome preferences cleaned: "CT3220468.hxxp___facebook_conduitapps_com.APP_WIN_FEATURES" -  "resizable=0,hscroll=0,vscroll=0,titlebar=1,closebutton=1,saveresizedsize=0,openposition=alignment:(B;L),savelocation=0,closeonexternalclick=0"
[-] Chrome preferences cleaned: "CT3220468.hxxp___toolbar_utorrent_com.APP_WIN_FEATURES.enc" -  "cmVzaXphYmxlPTAsc2F2ZXJlc2l6ZWRzaXplPTAsdGl0bGViYXI9MCxjbG9zZW9uZXh0ZXJuYWxjbGljaz0xLHNhdmVsb2NhdGlvbj0wLG9wZW5wb3NpdGlvbj1vZmZzZXQ6KDI1OzMwKQ=="
[-] Chrome preferences cleaned: "CT3220468.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc" -  "b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRpb249MCxyZXNpemFibGU9bm8sc2Nyb2xsYmFycz1ubyx0aXRsZWJhcj15ZXMsc2F2ZXJlc2l6ZWRzaXplPW5v"
[-] Chrome preferences cleaned: "CT3220468.impression_counter" -  "%B7"
[-] Chrome preferences cleaned: "CT3220468.impression_counter.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3220468.impression_session_counter" -  "%B6"
[-] Chrome preferences cleaned: "CT3220468.impression_session_counter.enc" -  "MA=="
[-] Chrome preferences cleaned: "CT3220468.impression_session_id" -  "%A8%EA%EB%BA%E8%B6%BA%E9%EB%B3%EA%BA%BA%B6%B3%BA%BD%EC%BF%B3%E7%BF%EA%B7%B3%BB%EA%EB%EC%B6%E9%EB%E9%BB%B9%B9%EA%A8"
[-] Chrome preferences cleaned: "CT3220468.impression_session_id.enc" -  "ImRlNGIwNGNlLWQ0NDAtNDdmOS1hOWQxLTVkZWYwY2VjNTMzZCI="
[-] Chrome preferences cleaned: "CT3220468.impression_session_last_active" -  "%B7%B9%BE%BD%B7%B9%B8%B8%BB%BC%B7%BB%B6"
[-] Chrome preferences cleaned: "CT3220468.impression_session_last_active.enc" -  "MTM4NzEzMjI1NjE1MA=="
[-] Chrome preferences cleaned: "CT3220468.installId" -  "fft5F1F.tmp.exe"
[-] Chrome preferences cleaned: "CT3220468.installType" -  "XPE"
[-] Chrome preferences cleaned: "CT3220468.isCheckedStartAsHidden" -  true
[-] Chrome preferences cleaned: "CT3220468.isEnableAllDialogs" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3220468.isFirstTimeToolbarLoading" -  "false"
[-] Chrome preferences cleaned: "CT3220468.isNewTabEnabled" -  true
[-] Chrome preferences cleaned: "CT3220468.isPerformedSmartBarTransition" -  "true"
[-] Chrome preferences cleaned: "CT3220468.isToolbarShrinked" -  "{\"dataType\":\"string\",\"data\":\"false\"}"
[-] Chrome preferences cleaned: "CT3220468.isWelcomPage" -  "{\"dataType\":\"boolean\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3220468.lastVersion" -  "10.29.0.520"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_appStateReportTime" -  "%B7%B9%BF%BC%BD%B6%BA%B7%B7%BE%BE%BA%B9"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_appStateReportTime.enc" -  "MTM5NjcwNDExODg0Mw=="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_appState_Clarity_Active" -  "%F5%F4"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_appState_Clarity_Active.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_appState_CouponBuddy.enc" -  "b24="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_appState_PriceGong.enc" -  "b24="
[-] Chrome preferences cleaned:
[-] Chrome preferences cleaned: "CT3220468.mam_gk_appsDefaultEnabled" -  "%F4%FB%F2%F2"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_appsDefaultEnabled.enc" -  "bnVsbA=="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_calledSetupService" -  "%B7"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_calledSetupService.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_currentBadgeValue" -  "%B7"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_currentBadgeValue.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_currentVersion" -  "%B7%B4%B7%B9%B4%B6%B4%B7%BD"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_currentVersion.enc" -  "MS4xMy4wLjE3"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_existingUsersRecoveryDone" -  "%B7"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_existingUsersRecoveryDone.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_first_time" -  "%B7"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_first_time.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_lastLoginTime" -  "%B7%B9%BF%BC%BD%B6%BA%B7%B8%BD%BF%B8%B6"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_lastLoginTime.enc" -  "MTM5NjcwNDEyNzkyMA=="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_mamEnabled" -  "%EC%E7%F2%F9%EB"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_mamEnabled.enc" -  "ZmFsc2U="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_pgUnloadedOnce.enc" -  "dHJ1ZQ=="
icm93c2VyPUVCQlJPV1NFUiZicm93c2VydmVyc2lvbj1FQkJST1dTRVJWRVJTSU9OJmxvY2FsPUVCTE9DQUxFIiwiaW50ZXJ2YWwiOjI0MH1dfSwibGFzdFVwZGF0ZVRpbWUiOjEzOTY3MDQxMTgxNjd9"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_settings1.4.3.1.enc" -  "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsdCI6dHJ1ZSwiSGFkUEciOmZhbHNlLCJuZXdBcHBzRXhwZXJpZW5jZSI6ZmFsc2UsInRyYWNraW5nIjp7ImdhIjp0cnVlLCJkYiI6dHJ1ZX0sInNlcnZpY2VzIjpbeyJuYW1lIjoiY29uZmlndXJhdGlvbiIsInVybCI6Imh0dHA6Ly9jbGllbnRzZXJ2aWNlLm1hbS5jb25kdWl0LXNlcnZpY2VzLmNvbS9jb25maWd1cmF0aW9uP2N0aWQ9Q1QzMjIwNDY4JnN0YW1wPTYxXy0xJmNvdW50cnk9R0ImYnJvd3Nlcj1FQkJST1dTRVImYnJvd3NlcnZlcnNpb249RUJCUk9XU0VSVkVSU0lPTiIsImludGVydmFsIjoyNDB9LHsibmFtZSI6ImFwcHNEYXRhIiwidXJsIjoiaHR0cDovL2NsaWVudHNlcnZpY2UubWFtLmNvbmR1aXQtc2VydmljZXMuY29tL2FwcHNkYXRhP2N0aWQ9Q1QzMjIwNDY4JnN0YW1wPTYxXy0xJmNvdW50cnk9R0ImYnJvd3Nlcj1FQkJST1dTRVImYnJvd3NlcnZlcnNpb249RUJCUk9XU0VSVkVSU0lPTiYmbG9jYWw9RUJMT0NBTEUiLCJpbnRlcnZhbCI6MjQwfSx7Im5hbWUiOiJsb2NhbGl6YXRpb24iLCJ1cmwiOiJodHRwOi8vbG9jYWxpemF0aW9uc2VydmljZS5tYW0uY29uZHVpdC5jb20vZ2V0cHJvZHVjdHRyYW5zbGF0aW9uP3A9bWFtJmw9RUJMT0NBTEUiLCJpbnRlcnZhbCI6MTQ0MH0seyJuYW1lIjoibG9naW4iLCJ1cmwiOiJodHRwOi8vbWFtLWFsaXZlLW1zZy5jb25kdWl0LWRhdGEuY29tIiwiaW50ZXJ2YWwiOjI0MH0seyJuYW1lIjoidXNhZ2UiLCJ1cmwiOiJodHRwOi8vbWFtLXVzYWdlLmNvbmR1aXQtZGF0YS5jb20vIiwiaW50ZXJ2YWwiOjI0MH1dfSwibGFzdFVwZGF0ZVRpbWUiOjEzNjI1NjM0NTY5MjF9"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_settings1.4.3.2.enc" -  "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"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_settings1.4.4.6.enc" -  "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"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_settings1.6.0.1.enc" -  "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"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_settings1.8.0.4.enc" -  "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"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_showCloseButton.enc" -  "dHJ1ZQ=="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_showWelcomeGadget" -  "%EC%E7%F2%F9%EB"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_showWelcomeGadget.enc" -  "ZmFsc2U="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_stamp" -  "%B7%B6%BF%E5%B6"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_stamp.enc" -  "MTA5XzA="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_userBornDate" -  "%D4%B5%C7"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_userBornDate.enc" -  "Ti9B"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_userId" -  "%BD%BA%EA%BC%E8%BE%EC%BC%B3%BC%B6%BF%B6%B3%BA%B6%E8%B6%B3%BE%E7%EB%E8%B3%B6%EA%B6%BA%BD%BE%E7%B9%B7%BA%EC%EA"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_userId.enc" -  "NzRkNmI4ZjYtNjA5MC00MGIwLThhZWItMGQwNDc4YTMxNGZk"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_user_approval_interacted" -  "%B7"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_user_approval_interacted.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3220468.mam_gk_user_apps_selection.enc" -  ""
[-] Chrome preferences cleaned: "CT3220468.mam_gk_welcomeDialogMode" -  "%B7"
[-] Chrome preferences cleaned: "CT3220468.mam_gk_welcomeDialogMode.enc" -  "MQ=="
[-] Chrome preferences cleaned: "CT3220468.migrateAppsAndComponents" -  true
[-] Chrome preferences cleaned: "CT3220468.navigationAliasesJson" -  "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Ablank\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://uTorrentControlv2.OurToolbar.com/\",\"EB_TOOLBAR_ID\":\"CT3220468\",\"EB_TOOLBAR_VERSION\":\"10.29.0.520\",\"EB_ORIGINAL_CTID\":\"CT3220468\",\"EB_DOWNLOAD_PAGE\":\"hxxp://uTorrentControlv2.OurToolbar.com/\",\"EB_TOOLBAR_NAME\":\"uTorrentControl_v2 \"}"
[-] Chrome preferences cleaned: "CT3220468.openThankYouPage" -  "true"
[-] Chrome preferences cleaned: "CT3220468.openUninstallPage" -  "FALSE"
[-] Chrome preferences cleaned: "CT3220468.performedDomainChangesMigration" -  "true"
[-] Chrome preferences cleaned: "CT3220468.price-gong.isManagedApp" -  "true"
[-] Chrome preferences cleaned:
[-] Chrome preferences cleaned: "CT3220468.search.searchAppId" -  "129813684258939747"
[-] Chrome preferences cleaned: "CT3220468.search.searchCount" -  "1"
[-] Chrome preferences cleaned: "CT3220468.searchInNewTabEnabledByUser" -  "true"
[-] Chrome preferences cleaned: "CT3220468.searchInNewTabEnabledInHidden" -  "true"
[-] Chrome preferences cleaned: "CT3220468.searchSuggestEnabledByUser" -  "false"
[-] Chrome preferences cleaned: "CT3220468.selectToSearchBoxEnabled" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_service_login_isFirstLoginInvoked" -  "{\"dataType\":\"boolean\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_service_login_loginCount" -  "{\"dataType\":\"number\",\"data\":\"4\"}"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_service_toolbarGrouping_activeCTID" -  "{\"dataType\":\"string\",\"data\":\"CT3220468\"}"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl" -  "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName" -  "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2 \"}"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_service_toolbarGrouping_invoked" -  "{\"dataType\":\"string\",\"data\":\"true\"}"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_service_usage_toolbarUsageCount" -  "{\"dataType\":\"number\",\"data\":\"2\"}"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_Configuration_lastUpdate" -  "1401633345137"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate" -  "1401633342651"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_appsMetadata_lastUpdate" -  "1401633342971"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate" -  "1401633325612"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_location_lastUpdate" -  "1387131163645"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_login_10.10.27.6_lastUpdate" -  "1353253359999"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate" -  "1358873656123"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_login_10.14.40.128_lastUpdate" -  "1361980030218"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_login_10.14.65.43_lastUpdate" -  "1364412921844"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate" -  "1367684760901"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_login_10.16.2.509_lastUpdate" -  "1387131163989"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_login_10.22.3.518_lastUpdate" -  "1396704088214"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_login_10.29.0.520_lastUpdate" -  "1401633325890"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate" -  "1401633325415"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_searchAPI_lastUpdate" -  "1401633344583"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_serviceMap_lastUpdate" -  "1401633325316"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_setupAPI_lastUpdate" -  "1364398524671"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate" -  "1401633325540"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_toolbarSettings_lastUpdate" -  "1401633325727"
[-] Chrome preferences cleaned: "CT3220468.serviceLayer_services_translation_lastUpdate" -  "1401633325476"
[-] Chrome preferences cleaned: "CT3220468.settingsINI" -  true
[-] Chrome preferences cleaned: "CT3220468.shouldFirstTimeDialog" -  "false"
[-] Chrome preferences cleaned: "CT3220468.showToolbarPermission" -  "false"
[-] Chrome preferences cleaned: "CT3220468.smartbar.CTID" -  "CT3220468"
[-] Chrome preferences cleaned: "CT3220468.smartbar.Uninstall" -  "0"
[-] Chrome preferences cleaned: "CT3220468.smartbar.toolbarName" -  "uTorrentControl_v2 "
[-] Chrome preferences cleaned: "CT3220468.toolbarBornServerTime" -  "30-9-2012"
[-] Chrome preferences cleaned: "CT3220468.toolbarCurrentServerTime" -  "1-6-2014"
[-] Chrome preferences cleaned: "CT3220468.toolbarDisabled" -  "true"
[-] Chrome preferences cleaned: "CT3220468.toolbarLoginClientTime" -  "Thu Mar 28 2013 14:25:33 GMT+0000 (GMT Standard Time)"
[-] Chrome preferences cleaned: "CT3220468.upgradeFromClearSBVersion" -  true
[-] Chrome preferences cleaned:
[-] Chrome preferences cleaned: "CT3220468_Firefox.csv" -  "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1401633323084,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"
[-] Chrome preferences cleaned: "browser.search.defaultengine" -  "Ask.com"
[-] Chrome preferences cleaned: "extensions.APN_TB.first-previous-keyword-url" -  ""
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._1gMembers_.options.defaultSearch" -  false
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._1gMembers_.options.homePageEnabled" -  false
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._1gMembers_.options.keywordEnabled" -  false
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._1gMembers_.options.tabEnabled" -  false
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark._1gMembers_.toolbar.ownSearch" -  false
[-] Chrome preferences cleaned: "extensions.toolbar.mindspark.hp.enabled" -  false
[-] Chrome preferences cleaned: "extentions.y2layers.installId" -  "0f291f02-340f-4e99-ac47-6da9994a199c"
[-] Chrome preferences cleaned: "extentions.y2layers.lastDnsTest" -  372093
[-] Chrome preferences cleaned:
[-] Chrome preferences cleaned: "plugin.state.npconduitfirefoxplugin" -  2
[-] Chrome preferences cleaned: "smartBar.searchInNewTabOwner" -  "CT3220468"
[-] Chrome preferences cleaned: "smartbar.machineId" -  "2TICXAQISD0HFBCRFKSXZNPZCJVQHZKEYSAZ0QGT2BKWLGQFQ0JBWFKQSFC/IVCGYFORGAQFBKS/RLOYPFZS1A"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E+x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E - x305.storedInFile", true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E-x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E.:2z527.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E.x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E/x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E06CG5EL8:" -  "6E6C71716D7172737674"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E06CG5EL8:.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E06CG5EL;8I:K" -  "247E2D2F226A74727777737778797C7A242F4B49474F42357D5D5C3D"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E06CG5EL;8I:K.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E0x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E1x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E2x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E31;CJ72?L@;KN%PEH.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E3x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E4x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E5x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E6x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E7x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E8x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E9x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E:x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E;x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E<x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E=x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E>x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7E?x305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./[email protected]" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7EAx305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7EBE3G=;D9N9=D" -  "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7EBE3G=;D9N9=D.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7EBx305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7ECx305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7EDx305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B+7Etx305.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B-0?3G>D" -  "6A6E6D41723E6D6F7A45724647207C7E7E4B25504E50232A522921592C2A2D585A5C5F5F"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B-0?3G>D.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B-0?3G@6:5;" -  ""
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B-0?3G@6:5;.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B-0?3GFA7EF" -  "2B2E2C3D"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B-0?3GFA7EF.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B-3=3ECCJA=F>" -  "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D57695D5D686365533C70766C66755E"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B-3=3ECCJA=F>.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B/>01=9A6K6<IM;KRIE@PDAWM" -  "6A696B7273747576"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B/>01=9A6K6<IM;[email protected]" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B3=>@44I48?" -  "372C2D32697576334236334148474C213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B3=>@44I48?.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B5BA==9CJAG" -  "393C6F3E706B6F737A6F437A464A75797B7C4E237A"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B5BA==9CJAG.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B6B11G4C56B>F;P;ANR@P" -  "6E6C71716D7172737175757A79"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B6B11G4C56B>F;P;[email protected]" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./[email protected];7B=?OFB>>RHIQS" -  "393F352F3E"
[-] Chrome preferences cleaned: "valueApps.CT3220468./[email protected];7B=?OFB>>RHIQS.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B9643G3/9E" -  "6A"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B9643G3/9E.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B;45>:BI9I7IE" -  "2B2E2C3D"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B;45>:BI9I7IE.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B<:222H64<" -  "393F352F3E"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B<:222H64<.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B<:222H64<L8DAJ" -  "6D70706E76746F7977772A7977727A7975207D"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B<:222H64<L8DAJ.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B=+03EH8H8J?:" -  "4443"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B=+03EH8H8J?:.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B?+E2A52D8" -  "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B?+E2A52D8.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B?B0D:8AJ62<H" -  "6D"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9B?B0D:8AJ62<H.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468./9BA@0<0BI6A7GN:6@L?" -  "6C"
[-] Chrome preferences cleaned: "valueApps.CT3220468./9BA@0<0BI6A7GN:6@L?.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.PG_ENABLE" -  "74727565"
[-] Chrome preferences cleaned: "valueApps.CT3220468.PG_ENABLE.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.SF_JUST_INSTALLED" -  "46414C5345"
[-] Chrome preferences cleaned: "valueApps.CT3220468.SF_JUST_INSTALLED.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468._key_edilia__uID" -  "31653765643166372D343134342D343062652D623034612D636132333866373165366165"
[-] Chrome preferences cleaned: "valueApps.CT3220468._key_edilia__uID.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.cb_user_id_000" -  "43423932353835393431313236385F313335383332393239353935345F46697265666F78"
[-] Chrome preferences cleaned: "valueApps.CT3220468.cb_user_id_000.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.cbfirsttime" -  "53756E2053657020333020323031322030393A31393A343020474D542B303130302028474D54204461796C696768742054696D6529"
[-] Chrome preferences cleaned: "valueApps.CT3220468.cbfirsttime.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_appStateReportTime" -  "31343031363333333630313433"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_appStateReportTime.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_appState_CouponBuddy" -  "6F6E"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_appState_CouponBuddy.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_appState_PriceGong" -  "6F6E"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_appState_PriceGong.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_appsConfig.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_appsDefaultEnabled" -  "6E756C6C"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_appsDefaultEnabled.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_calledSetupService" -  "31"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_calledSetupService.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_currentBadgeValue" -  "31"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_currentBadgeValue.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_currentVersion" -  "312E31332E302E3137"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_currentVersion.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_eventsCache.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_existingUsersRecoveryDone" -  "31"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_existingUsersRecoveryDone.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_first_time" -  "31"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_first_time.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_lastLoginTime" -  "31343031363333333630343530"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_lastLoginTime.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_localization.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_mamEnabled" -  "66616C7365"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_mamEnabled.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_migrated_from_ls" -  "31"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_migrated_from_ls.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_newApps" -  "5B5D"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_newApps.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_settings1.13.0.17.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_showWelcomeGadget" -  "66616C7365"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_showWelcomeGadget.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_stamp" -  "3130395F30"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_stamp.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_userBornDate" -  "4E2F41"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_userBornDate.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_userId" -  "37346436623866362D363039302D343062302D386165622D306430343738613331346664"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_userId.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_user_approval_interacted" -  "31"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_user_approval_interacted.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_welcomeDialogMode" -  "31"
[-] Chrome preferences cleaned: "valueApps.CT3220468.mam_gk_welcomeDialogMode.storedInFile" -  false
[-] Chrome preferences cleaned: "valueApps.CT3220468.url_history0001.storedInFile" -  true
[-] Chrome preferences cleaned: "valueApps.storage.mam_gk_userId" -  "37346436623866362D363039302D343062302D386165622D306430343738613331346664"
[-] [C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: aaaaojmikegpiepcfdkkjaplodkpfmlo
[-] [C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: bopakagnckmlgajfccecajhnimjiiedh


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared
:: Proxy settings cleared
:: TCP/IP settings cleared
:: IPSec settings cleared
:: IE policies deleted
:: Chrome policies deleted
:: Chrome preferences reset: C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [62844 Bytes] - [09/10/2016 01:19:07]
C:\AdwCleaner\AdwCleaner[S0].txt - [64603 Bytes] - [09/10/2016 00:43:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [62992 Bytes] ##########
 



#7
Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi cr00901124

Ok. Please run the following tools. :)

Step1 - Junkware Removal Tool

Download Junkware Removal Tool by Malwarebytes and save it to your desktop.

Important: Please disable your anti virus prior to running this program. Advice on how to do this for your anti virus can be found here

1. Ensure all programs and windows are closed before proceeding.
2. Simply double-click the program icon to run it. It will ask for administrator privileges.
3. A black window will appear. Press any key to continue.
4. Wait for it to finish. It won't take long.
5. A log will automatically pop-up once done. Alternatively, you can find JRT.txt at your desktop.
6. Copy (CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
7. Reboot your machine and enable your anti virus again.


Step2 - Run Malwarebytes again


Launch Malwarebytes Anti-Malware
The MBAM dashboard may appear with an alert to update - click the button Fix Now;

    Navigate to the Settings tab > Detection and Protection and ensure all the boxes under Detection Options are checked.


Return to the Dashboard and click on Scan Now;


If threats are detected, make sure everything is set to Quarantine and click on Apply actions. If the program asks to reboot your PC, let it do so;
On completion of the scan click on History > Application Log. After that click on the top Scan Log > Export, select Text File and save the log to your Desktop;
Copy and Paste the contents of the log in your next reply.


Step3 - ESET online scan

Vista / 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Note: You can use either Internet Explorer or Mozilla FireFox for this Scan.
  • Please go here then click on esetbar_zps93905f48.jpg.
  • You will however need to disable your current installed Anti-Virus, how to do so can be read here.
If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

All of the following instructions work with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on Start.
  • When prompted allow Add-On/Active X to install.
  • Make sure Enable detection of potentially unwanted applications is selected.
  • Click the Advanced Settings link.
  • Make sure Remove found threats is NOT checked.
  • Make sure Scan archives IS checked.
  • Make sure Scan for potentially unsafe applications IS checked.
  • Make sure Enable Anti-Stealth technology IS checked
  • Now click on Start.
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt.
  • Copy and paste that log as a reply to this topic.
  • When completed select Uninstall application on close.
  • Now click on Finish.

    Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


    Step4 - Fresh FRST logs
  • Please run Farbar Recovery Scan Tool again.  Run FRST by right clicking on it and selecting Run as Administrator. Allow it to update if it wants to.
  • Please tick the Addition.txt box under Optional Scan.
  • Press Scan button.
  • It will make logs FRST.txt & Addition.txt in the same directory the tool is run.
  • Please copy and paste the FRST.txt and Addition.txt to your reply.

    If it's easier you can post each log in a separate post. :)

    Things for your next post:
  • JRT.txt
  • MBAM log
  • ESET log
  • FRST and Addition logs
  • Any change to how the computer is running?
