Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

fake browser update has rendered browsers unusable [Solved]

Started by kenbarber , Nov 22 2016 01:46 PM
fake browser update

  • This topic is locked This topic is locked

#16
Bruce1270
Posted 29 November 2016 - 02:13 PM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi KenBarber
 

and foxfire is back to running. i thank you very much.


Good news and you are most welcome. :)

I think we are almost there but before I round things up please run a fresh set of FRST logs to check nothing remains.
  • Please run Farbars Recovery Scan Tool again. Run FRST by right clicking on it and selecting Run as Administrator. Allow it to update if it wants to.
  • Please tick the Addition.txt box under Optional Scan.
  • Press Scan button.
  • It will make logs FRST.txt & Addition.txt in the same directory the tool is run.
  • Please copy and paste the FRST.txt and Addition.txt to your reply.

  • 0

Advertisements

#17
kenbarber
Posted 30 November 2016 - 11:49 AM

kenbarber

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts

got another fake browser attempt. i just delete it. wont get sucked by that again.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2016
Ran by Kenneth (administrator) on KENNETH-HP (30-11-2016 11:41:44)
Running from C:\Users\Kenneth\Desktop
Loaded Profiles: Kenneth & LogMeInRemoteUser (Available Profiles: Kenneth & LogMeInRemoteUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Paessler AG) C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe
(Paessler AG) C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\nis.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files (x86)\Free Desktop Timer\DesktopTimer.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(Paessler AG) C:\Program Files (x86)\PRTG Network Monitor\PRTG Enterprise Console.exe
(Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\conathst.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-12-13] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [72736 2016-01-18] (Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1985056 2016-01-18] (Prosoftnet)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\Run: [cdloader] => C:\Users\Kenneth\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)
HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\Run: [Facebook Update] => C:\Users\Kenneth\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1095000 2013-12-30] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\Run: [FreeDesktopTimer] => C:\Program Files (x86)\Free Desktop Timer\DesktopTimer.exe [623616 2013-01-26] ()
HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\Run: [KGShareApp] => C:\Program Files (x86)\Kodak\KODAK Share Button App\KGShare_App.exe [394752 2012-06-26] (Eastman Kodak Company)
HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-09-02] (Siber Systems)
HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
ShellIconOverlayIdentifiers: [  0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2015-11-25] (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [  0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2015-11-25] (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [  0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2015-11-25] (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-08-11]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-12-13]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-02-09]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PRTG Enterprise Console.lnk [2013-03-28]
ShortcutTarget: PRTG Enterprise Console.lnk -> C:\Program Files (x86)\PRTG Network Monitor\PRTG Enterprise Console.exe (Paessler AG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 24.116.0.53 24.116.2.50
Tcpip\..\Interfaces\{F52047E5-D6C8-4EA2-B649-DF266EDC869F}: [DhcpNameServer] 24.116.0.53 24.116.2.50

Internet Explorer:
==================
HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
HKU\S-1-5-21-1169555862-3845460206-1416485692-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-1169555862-3845460206-1416485692-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
SearchScopes: HKLM -> {4313FCE4-FD2A-4C18-BB96-4E96F99B196B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {4313FCE4-FD2A-4C18-BB96-4E96F99B196B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1169555862-3845460206-1416485692-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1169555862-3845460206-1416485692-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-26] (RealDownloader)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-09-02] (Siber Systems Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Co.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-26] (RealDownloader)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-09-02] (Siber Systems Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Co.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-09-02] (Siber Systems Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-09-02] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-1169555862-3845460206-1416485692-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-09-02] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-1169555862-3845460206-1416485692-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Kenneth\AppData\Roaming\Mozilla\Firefox\Profiles\f5w5i3ez.default-1442976934775 [2016-11-30]
FF Homepage: Mozilla\Firefox\Profiles\f5w5i3ez.default-1442976934775 -> hxxp://www.yahoo.com/
FF Extension: (Maps) - C:\Users\Kenneth\AppData\Roaming\Mozilla\Firefox\Profiles\f5w5i3ez.default-1442976934775\Extensions\@Maps.xpi [2016-02-27]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Kenneth\AppData\Roaming\Mozilla\Firefox\Profiles\f5w5i3ez.default-1442976934775\Extensions\[email protected] [2016-09-23]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\Kenneth\AppData\Roaming\Mozilla\Firefox\Profiles\f5w5i3ez.default-1442976934775\Extensions\[email protected] [2016-08-15]
FF Extension: (Adblock Plus) - C:\Users\Kenneth\AppData\Roaming\Mozilla\Firefox\Profiles\f5w5i3ez.default-1442976934775\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-28]
FF SearchPlugin: C:\Users\Kenneth\AppData\Roaming\Mozilla\Firefox\Profiles\f5w5i3ez.default-1442976934775\searchplugins\norton-safe-search.xml [2015-11-03]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon [2016-11-22]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-08-11] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-13] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-05-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Extension: (RoboForm Toolbar) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2016-09-02]
FF HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-12-13] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-10-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-26] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-12-13] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-01-11] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1169555862-3845460206-1416485692-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Kenneth\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-05-11] (Citrix Online)
FF Plugin HKU\S-1-5-21-1169555862-3845460206-1416485692-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kenneth\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1169555862-3845460206-1416485692-1004: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll [2010-04-09] (Hulu LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2012-06-30] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-12-13] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2012-10-04] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-12-13] (RealPlayer Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2012-10-19] (Coupons, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default [2016-11-28]
CHR Extension: (Google Slides) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-27]
CHR Extension: (Google Docs) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-27]
CHR Extension: (Google Drive) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-27]
CHR Extension: (YouTube) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-27]
CHR Extension: (Norton Security Toolbar) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-11-27]
CHR Extension: (Google Sheets) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-27]
CHR Extension: (Google Docs Offline) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-27]
CHR Extension: (Norton Identity Safe) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-11-27]
CHR Extension: (Skype) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-11-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-27]
CHR Extension: (Gmail) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-27]
CHR Extension: (Chrome Media Router) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-27]
CHR Extension: (RoboForm Password Manager) - C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-11-27]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-06-16]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-16]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-06-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-03-09] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-16] (WildTangent)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-30] (Garmin Ltd or its subsidiaries)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [154656 2016-01-18] (Prosoftnet)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419336 2016-10-24] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [509448 2016-10-24] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-09-16] (LogMeIn, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\NIS.exe [289080 2016-11-12] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PRTGCoreService; C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe [6917904 2013-03-04] (Paessler AG)
R2 PRTGProbeService; C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe [8495376 2013-03-04] (Paessler AG)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-12-13] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [161744 2015-03-11] (RaMMicHaeL) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20161121.001\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1608010.00E\ccSetx64.sys [174328 2016-06-01] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2016-10-03] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-10-03] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20161129.001\IDSvia64.sys [1012952 2016-10-27] (Symantec Corporation)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-29] (LogMeIn, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1608010.00E\SRTSP64.SYS [784624 2016-11-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1608010.00E\SRTSPX64.SYS [49400 2016-11-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2016-10-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1608010.00E\Ironx64.SYS [289520 2016-11-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1608010.00E\SYMNETS.SYS [567512 2016-11-11] (Symantec Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [35344 2016-11-28] ()
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\SDSDefs\20160701.001\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\SDSDefs\20160701.001\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-29 13:35 - 2016-11-29 13:36 - 00007438 _____ C:\Users\Kenneth\Downloads\firefox-patch.js
2016-11-28 22:08 - 2016-11-28 22:36 - 00000000 ____D C:\EEK
2016-11-28 22:06 - 2016-11-28 22:07 - 256536440 _____ C:\Users\Kenneth\Downloads\EmsisoftEmergencyKit.exe
2016-11-28 22:00 - 2016-11-28 22:00 - 00018841 _____ C:\Users\Kenneth\Desktop\scanlog.txt
2016-11-28 21:49 - 2016-11-28 21:49 - 00096784 _____ (CACE Technologies) C:\Windows\SysWOW64\WPRO_41_2001woem.tmp
2016-11-28 21:49 - 2016-11-28 21:49 - 00035344 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2016-11-28 19:51 - 2016-11-28 21:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-28 19:50 - 2016-11-28 19:53 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-28 19:50 - 2016-11-28 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-28 19:50 - 2016-11-28 19:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-28 19:50 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-28 19:50 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-28 19:50 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-11-28 19:47 - 2016-11-28 19:48 - 22851472 _____ (Malwarebytes ) C:\Users\Kenneth\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-11-28 19:47 - 2016-11-28 19:47 - 22851472 _____ (Malwarebytes ) C:\Users\Kenneth\Downloads\mbam-setup-2.2.1.1043.exe
2016-11-27 16:25 - 2016-11-27 16:25 - 00000000 ____D C:\Users\Kenneth\AppData\Local\0de59
2016-11-27 16:21 - 2016-11-27 16:21 - 00000465 _____ C:\Users\Kenneth\Desktop\fixlist.lnk
2016-11-27 12:48 - 2016-11-27 12:48 - 03910208 _____ C:\Users\Kenneth\Downloads\AdwCleaner (2).exe
2016-11-27 12:48 - 2016-11-27 12:48 - 03910208 _____ C:\Users\Kenneth\Desktop\AdwCleaner (1).exe
2016-11-27 12:09 - 2016-11-30 11:21 - 02411520 _____ (Farbar) C:\Users\Kenneth\Desktop\FRST64.exe
2016-11-27 12:09 - 2016-11-30 11:21 - 00000000 ____D C:\Users\Kenneth\Desktop\FRST-OlderVersion
2016-11-27 12:05 - 2016-11-27 12:05 - 00006936 _____ C:\Users\Kenneth\Desktop\fixlist (1).txt
2016-11-26 18:38 - 2016-11-26 18:38 - 00000000 ____D C:\Users\Kenneth\AppData\Local\HuluDesktop
2016-11-23 18:32 - 2016-11-23 18:38 - 00055436 _____ C:\Users\Kenneth\Downloads\Addition.txt
2016-11-23 18:28 - 2016-11-23 18:28 - 02412032 _____ (Farbar) C:\Users\Kenneth\Downloads\FRST64 (1).exe
2016-11-23 18:26 - 2016-11-23 18:27 - 00000000 ____D C:\Users\Kenneth\Downloads\FRST-OlderVersion
2016-11-22 13:21 - 2016-11-22 13:21 - 00907392 _____ (KeySolutionsIO Inc. ) C:\Users\Kenneth\Downloads\PCMedic-Setup.exe
2016-11-22 00:54 - 2016-11-22 00:54 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2016-11-22 00:44 - 2016-11-22 00:44 - 00003234 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-11-19 11:53 - 2016-11-19 11:53 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-19 11:53 - 2016-11-19 11:53 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-11-18 11:52 - 2016-11-30 11:23 - 00000000 ____D C:\Users\Kenneth\AppData\LocalLow\Mozilla
2016-11-17 13:42 - 2016-11-30 11:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-12 07:31 - 2016-10-27 21:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-12 07:31 - 2016-10-27 21:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-12 07:31 - 2016-10-27 13:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-12 07:31 - 2016-10-27 13:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-12 07:31 - 2016-10-27 12:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-12 07:31 - 2016-10-27 12:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-12 07:31 - 2016-10-27 12:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-12 07:31 - 2016-10-27 12:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-12 07:31 - 2016-10-27 12:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-12 07:31 - 2016-10-27 12:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-12 07:31 - 2016-10-27 12:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-12 07:31 - 2016-10-27 12:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-12 07:31 - 2016-10-27 12:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-12 07:31 - 2016-10-27 12:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-12 07:31 - 2016-10-27 12:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-12 07:31 - 2016-10-27 12:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-12 07:31 - 2016-10-27 12:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-12 07:31 - 2016-10-27 12:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-12 07:31 - 2016-10-27 12:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-12 07:31 - 2016-10-27 12:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-12 07:31 - 2016-10-27 12:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-12 07:31 - 2016-10-27 12:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-12 07:31 - 2016-10-27 12:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-12 07:31 - 2016-10-27 12:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-12 07:31 - 2016-10-27 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-12 07:31 - 2016-10-27 12:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-12 07:31 - 2016-10-27 12:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-12 07:31 - 2016-10-27 11:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-12 07:31 - 2016-10-27 11:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-12 07:31 - 2016-10-27 11:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-12 07:31 - 2016-10-27 11:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-12 07:31 - 2016-10-27 11:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-12 07:31 - 2016-10-27 11:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-12 07:31 - 2016-10-27 11:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-12 07:31 - 2016-10-27 11:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-12 07:31 - 2016-10-27 10:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-12 07:31 - 2016-10-27 09:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-12 07:31 - 2016-10-25 09:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-12 07:31 - 2016-10-22 11:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-12 07:31 - 2016-10-22 11:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-12 07:31 - 2016-10-22 11:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-12 07:31 - 2016-10-22 11:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-12 07:31 - 2016-10-22 11:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-12 07:31 - 2016-10-22 11:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-12 07:31 - 2016-10-22 11:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-12 07:31 - 2016-10-22 11:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-12 07:31 - 2016-10-22 11:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-12 07:31 - 2016-10-22 11:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-12 07:31 - 2016-10-22 11:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-12 07:31 - 2016-10-22 11:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-12 07:31 - 2016-10-22 11:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-12 07:31 - 2016-10-22 11:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-12 07:31 - 2016-10-22 11:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-12 07:31 - 2016-10-22 10:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-12 07:31 - 2016-10-22 10:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-12 07:31 - 2016-10-22 10:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-12 07:31 - 2016-10-22 10:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-12 07:31 - 2016-10-22 10:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-12 07:31 - 2016-10-22 10:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-12 07:31 - 2016-10-22 10:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-12 07:31 - 2016-10-22 10:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-12 07:31 - 2016-10-22 10:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-12 07:31 - 2016-10-22 10:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-12 07:31 - 2016-10-22 10:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-12 07:31 - 2016-10-22 10:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-12 07:31 - 2016-10-22 10:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-12 07:31 - 2016-10-11 07:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-12 07:31 - 2016-10-11 07:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-12 07:31 - 2016-10-10 09:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-12 07:31 - 2016-10-10 09:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-12 07:31 - 2016-10-10 09:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-12 07:31 - 2016-10-10 09:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-12 07:31 - 2016-10-10 09:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-12 07:31 - 2016-10-10 09:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-12 07:31 - 2016-10-10 09:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-12 07:31 - 2016-10-10 09:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-12 07:31 - 2016-10-10 08:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-12 07:31 - 2016-10-07 09:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-12 07:31 - 2016-10-07 09:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-12 07:31 - 2016-10-07 09:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-12 07:31 - 2016-10-07 09:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-12 07:31 - 2016-10-07 09:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-12 07:31 - 2016-10-07 09:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-12 07:31 - 2016-10-07 09:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-12 07:31 - 2016-10-07 09:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-12 07:31 - 2016-10-07 09:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-12 07:31 - 2016-10-07 09:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-12 07:31 - 2016-10-07 09:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-12 07:31 - 2016-10-07 09:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-12 07:31 - 2016-09-15 08:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-12 07:31 - 2016-09-12 13:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-11-12 07:31 - 2016-09-12 12:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-11-12 07:31 - 2016-09-12 12:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-11-12 07:31 - 2016-09-09 12:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-12 07:31 - 2016-09-08 14:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-11-12 07:31 - 2016-09-08 14:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-11-12 07:31 - 2016-09-08 14:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-11-12 07:31 - 2016-09-08 14:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-11-12 07:31 - 2016-09-08 08:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-11-12 07:31 - 2016-08-29 09:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-11-12 07:31 - 2016-08-29 09:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-11-12 07:31 - 2016-08-29 09:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-11-12 07:31 - 2016-08-29 09:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-11-12 07:31 - 2016-08-29 09:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-11-12 07:31 - 2016-08-29 09:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-11-12 07:31 - 2016-08-29 09:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-11-12 07:31 - 2016-08-29 08:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-11-12 07:31 - 2016-08-22 10:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-12 07:31 - 2016-08-12 11:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-11-12 07:31 - 2016-08-12 10:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-11-12 07:31 - 2016-08-12 10:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-11-12 07:31 - 2016-08-06 09:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-11-12 07:31 - 2016-08-06 09:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-11-12 07:31 - 2016-08-06 09:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-11-12 07:31 - 2016-08-06 09:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-11-12 07:31 - 2016-08-06 09:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-11-12 07:31 - 2016-08-06 09:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-11-12 07:31 - 2016-08-06 09:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-11-12 07:31 - 2016-08-06 09:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-11-12 07:31 - 2016-08-06 08:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-11-12 07:31 - 2016-06-14 11:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-11-12 07:31 - 2016-06-14 11:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-12 07:31 - 2016-06-14 11:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-11-12 07:31 - 2016-06-14 09:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-12 07:31 - 2016-06-14 09:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-12 07:30 - 2016-11-02 09:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-12 07:30 - 2016-11-02 09:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-12 07:30 - 2016-11-02 09:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-12 07:30 - 2016-11-02 09:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-12 07:30 - 2016-11-02 09:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-12 07:30 - 2016-11-02 09:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-12 07:30 - 2016-11-02 09:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-12 07:30 - 2016-11-02 09:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-12 07:30 - 2016-11-02 09:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-12 07:30 - 2016-11-02 08:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-12 07:30 - 2016-10-22 11:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-12 07:30 - 2016-10-15 09:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-12 07:30 - 2016-10-15 09:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-12 07:30 - 2016-10-15 09:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-12 07:30 - 2016-10-15 09:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-12 07:30 - 2016-10-11 09:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-12 07:30 - 2016-10-11 09:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-12 07:30 - 2016-10-11 09:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-12 07:30 - 2016-10-11 09:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-12 07:30 - 2016-10-11 09:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-12 07:30 - 2016-10-11 09:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-12 07:30 - 2016-10-11 09:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-12 07:30 - 2016-10-11 09:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-12 07:30 - 2016-10-11 09:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-12 07:30 - 2016-10-11 09:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-12 07:30 - 2016-10-11 09:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-12 07:30 - 2016-10-11 09:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-12 07:30 - 2016-10-11 09:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-12 07:30 - 2016-10-11 09:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-12 07:30 - 2016-10-11 09:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-12 07:30 - 2016-10-11 09:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-12 07:30 - 2016-10-11 09:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-12 07:30 - 2016-10-11 09:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-12 07:30 - 2016-10-11 09:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-12 07:30 - 2016-10-11 09:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-12 07:30 - 2016-10-11 09:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-12 07:30 - 2016-10-11 09:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-12 07:30 - 2016-10-11 09:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-12 07:30 - 2016-10-11 09:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-12 07:30 - 2016-10-11 09:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-12 07:30 - 2016-10-10 09:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-12 07:30 - 2016-10-10 09:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-12 07:30 - 2016-10-10 09:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-12 07:30 - 2016-10-10 09:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-12 07:30 - 2016-10-10 09:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-12 07:30 - 2016-10-10 09:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-12 07:30 - 2016-10-10 09:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-12 07:30 - 2016-10-10 09:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-12 07:30 - 2016-10-10 09:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-12 07:30 - 2016-10-10 09:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-12 07:30 - 2016-10-10 09:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-12 07:30 - 2016-10-10 09:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-12 07:30 - 2016-10-10 09:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-12 07:30 - 2016-10-10 09:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-12 07:30 - 2016-10-10 09:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-12 07:30 - 2016-10-10 09:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-12 07:30 - 2016-10-10 09:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-12 07:30 - 2016-10-10 08:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-12 07:30 - 2016-10-10 08:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-12 07:30 - 2016-10-10 08:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-12 07:30 - 2016-10-10 08:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-12 07:30 - 2016-10-10 08:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 09:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-12 07:30 - 2016-10-07 09:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-12 07:30 - 2016-10-07 09:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-12 07:30 - 2016-10-07 09:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-12 07:30 - 2016-10-07 09:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-12 07:30 - 2016-10-07 08:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-12 07:30 - 2016-10-07 08:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-12 07:30 - 2016-10-07 08:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-12 07:30 - 2016-10-07 08:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-12 07:30 - 2016-10-07 08:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-12 07:30 - 2016-10-07 08:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 08:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 08:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-12 07:30 - 2016-10-07 08:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-12 07:30 - 2016-10-05 08:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-12 07:30 - 2016-09-13 09:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-12 07:30 - 2016-09-13 09:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-12 07:30 - 2016-09-12 15:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-11-12 07:30 - 2016-09-12 14:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-11-12 07:30 - 2016-09-09 12:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-12 07:30 - 2016-09-08 08:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-11-12 07:30 - 2016-08-12 11:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-11-12 07:30 - 2016-08-12 11:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-11-12 07:30 - 2016-08-12 11:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-11-12 07:30 - 2016-08-12 11:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-11-12 07:30 - 2016-08-12 10:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-11-12 07:30 - 2016-08-12 10:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-11-12 07:30 - 2016-08-12 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-11-12 07:30 - 2016-08-12 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-11-12 07:30 - 2016-08-06 09:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-11-12 07:30 - 2016-08-06 09:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-11-12 07:30 - 2016-08-06 09:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-11-12 07:30 - 2016-08-06 09:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-11-12 07:30 - 2016-08-06 09:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-11-12 07:30 - 2016-08-06 08:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-11-12 07:30 - 2016-08-06 08:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-11-12 07:30 - 2016-06-14 11:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-11-12 07:30 - 2016-06-14 11:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-11-12 07:30 - 2016-06-14 11:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-11-12 07:30 - 2016-06-14 11:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-11-12 07:30 - 2016-06-14 11:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-11-12 07:30 - 2016-06-14 11:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-11-12 07:30 - 2016-06-14 11:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-11-12 07:30 - 2016-06-14 11:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-11-12 07:30 - 2016-06-14 11:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-11-12 07:30 - 2016-06-14 11:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-11-12 07:30 - 2016-06-14 09:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-11-12 07:30 - 2016-06-14 09:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-11-12 07:30 - 2016-06-14 09:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-11-12 07:30 - 2016-06-14 09:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-12 07:30 - 2016-06-14 09:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-11-12 07:30 - 2016-06-14 09:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-11-12 07:30 - 2016-06-14 09:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-11-12 07:30 - 2016-06-14 09:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-11-12 07:30 - 2016-06-14 09:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-11-12 07:30 - 2016-06-14 09:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-11-12 07:30 - 2016-06-14 09:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-11-12 07:30 - 2016-06-14 09:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-11-12 07:30 - 2016-06-14 09:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-11-12 07:30 - 2016-06-14 09:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-11-12 07:27 - 2016-09-12 15:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-11-12 07:27 - 2016-09-12 15:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-11-12 07:27 - 2016-09-09 09:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-11-12 07:27 - 2016-09-09 09:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-11-12 07:27 - 2016-09-09 09:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-11-12 07:27 - 2016-09-09 09:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-11-12 07:27 - 2016-09-09 09:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-11-12 07:27 - 2016-09-09 09:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-11-12 07:27 - 2016-09-09 09:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-11-12 07:27 - 2016-08-16 14:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-11-12 07:27 - 2016-08-16 14:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-11-12 07:27 - 2016-08-16 14:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-11-12 07:27 - 2016-08-16 14:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-11-12 07:27 - 2016-08-16 14:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-11-12 07:27 - 2016-08-16 14:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-11-12 07:27 - 2016-08-16 14:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-11-12 07:17 - 2016-07-22 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-11-12 07:17 - 2016-07-22 08:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-11-07 17:47 - 2016-08-16 11:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-11-07 17:47 - 2016-08-15 20:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-11-07 17:47 - 2016-08-12 10:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-11-07 17:47 - 2016-08-12 10:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-11-07 17:47 - 2016-08-12 10:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-11-07 17:45 - 2016-07-07 09:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-11-07 17:45 - 2016-07-07 09:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-11-07 17:45 - 2016-07-07 09:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-11-07 17:45 - 2016-07-07 09:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-11-07 17:45 - 2016-05-13 16:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-11-07 17:45 - 2016-05-13 16:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-11-07 17:45 - 2016-05-13 16:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-11-07 17:45 - 2016-05-13 16:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-11-07 17:45 - 2016-05-13 15:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-11-07 17:45 - 2016-05-13 15:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-11-07 17:45 - 2016-05-13 15:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-11-07 17:45 - 2016-05-13 15:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-11-07 17:45 - 2016-05-13 15:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-11-07 17:45 - 2016-05-13 15:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-11-07 17:45 - 2016-05-13 15:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-11-07 17:45 - 2016-05-13 15:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-11-07 17:45 - 2016-05-13 15:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-11-07 17:45 - 2016-05-13 15:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-11-07 17:45 - 2016-05-13 15:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-11-07 17:45 - 2016-05-13 15:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-11-07 17:45 - 2016-05-12 09:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-11-07 17:45 - 2016-05-04 11:21 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-11-07 17:45 - 2016-05-04 11:17 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-11-07 17:45 - 2016-05-04 11:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-11-07 17:45 - 2016-05-04 11:17 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-11-07 17:45 - 2016-05-04 11:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-11-07 17:45 - 2016-05-04 11:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-11-07 17:45 - 2016-05-04 11:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-11-07 17:45 - 2016-05-04 11:16 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-11-07 17:45 - 2016-05-04 09:04 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-11-07 17:45 - 2016-05-04 08:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-11-01 14:55 - 2016-11-01 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-01 14:51 - 2016-11-01 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-30 11:43 - 2015-02-13 09:18 - 00035972 _____ C:\Users\Kenneth\Desktop\FRST.txt
2016-11-30 11:43 - 2011-08-11 14:00 - 00000000 ____D C:\Users\Kenneth\Documents\Outlook Files
2016-11-30 11:41 - 2015-05-31 12:12 - 00000000 ____D C:\ProgramData\IDrive
2016-11-30 11:41 - 2015-02-08 21:24 - 00000000 ____D C:\FRST
2016-11-30 11:22 - 2012-07-27 00:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-30 11:04 - 2012-07-25 22:41 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-30 10:55 - 2011-04-11 18:37 - 00000000 ____D C:\ProgramData\Temp
2016-11-30 10:54 - 2013-03-08 08:33 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-30 10:14 - 2012-04-13 18:04 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1169555862-3845460206-1416485692-1000UA.job
2016-11-30 04:33 - 2009-07-13 22:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-30 04:33 - 2009-07-13 22:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-30 03:11 - 2011-08-11 13:09 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{455289D7-BB8D-46C4-A347-FA67D6BA3AED}
2016-11-30 01:29 - 2012-04-25 02:25 - 00000000 ____D C:\ProgramData\LogMeIn
2016-11-30 00:38 - 2015-07-31 03:14 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-11-29 19:12 - 2012-07-25 22:41 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-29 16:14 - 2012-04-13 18:04 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1169555862-3845460206-1416485692-1000Core.job
2016-11-28 21:48 - 2014-01-25 03:24 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2016-11-28 21:48 - 2011-04-11 18:49 - 00000000 ____D C:\ProgramData\PDFC
2016-11-28 21:47 - 2013-03-27 13:26 - 00000000 ____D C:\Program Files (x86)\PRTG Network Monitor
2016-11-28 21:46 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-28 21:45 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\Registration
2016-11-28 21:43 - 2013-09-09 11:18 - 00000000 ____D C:\Program Files (x86)\MyPoints Toolbar
2016-11-28 21:43 - 2011-10-05 20:26 - 00000000 ____D C:\Program Files (x86)\Mob Wars Toolbar
2016-11-27 16:27 - 2015-02-12 21:46 - 00022079 _____ C:\Users\Kenneth\Desktop\Fixlog.txt
2016-11-27 12:59 - 2015-02-12 22:14 - 00000000 ____D C:\AdwCleaner
2016-11-27 12:58 - 2011-08-11 12:32 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-11-27 10:07 - 2009-07-13 23:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-27 10:05 - 2011-09-06 02:17 - 03915862 _____ C:\Windows\ntbtlog.txt
2016-11-26 13:24 - 2016-04-29 12:38 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForKenneth
2016-11-26 13:24 - 2016-04-29 12:38 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForKenneth.job
2016-11-23 18:51 - 2015-02-08 21:27 - 00103966 _____ C:\Users\Kenneth\Downloads\FRST.txt
2016-11-23 18:26 - 2015-02-11 15:55 - 02412032 _____ (Farbar) C:\Users\Kenneth\Downloads\FRST64.exe
2016-11-23 00:28 - 2011-08-11 13:12 - 00000000 ____D C:\Users\Kenneth\AppData\Local\CrashDumps
2016-11-22 00:45 - 2011-04-11 18:55 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2016-11-22 00:43 - 2015-07-31 15:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2016-11-22 00:43 - 2011-08-11 12:14 - 00002409 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2016-11-21 01:55 - 2012-12-02 07:56 - 00003222 _____ C:\Windows\System32\Tasks\HPCeeScheduleForKENNETH-HP$
2016-11-21 01:55 - 2012-12-02 07:56 - 00000346 _____ C:\Windows\Tasks\HPCeeScheduleForKENNETH-HP$.job
2016-11-19 12:09 - 2011-11-08 13:55 - 00000000 ____D C:\Users\Kenneth\AppData\Local\Citrix
2016-11-18 18:12 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-14 16:06 - 2012-12-13 08:30 - 00002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-13 19:09 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2016-11-13 15:09 - 2009-07-13 23:13 - 00786622 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-13 15:09 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2016-11-13 14:47 - 2009-07-13 22:45 - 00410648 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-13 14:46 - 2013-03-14 02:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-11-13 14:46 - 2013-03-14 02:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-11-13 14:43 - 2014-12-10 03:38 - 00000000 ____D C:\Windows\system32\appraiser
2016-11-13 14:43 - 2014-06-05 02:19 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-11-13 14:43 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-11-13 14:42 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\Dism
2016-11-13 14:25 - 2013-08-14 02:01 - 00000000 ____D C:\Windows\system32\MRT
2016-11-13 14:19 - 2011-08-28 19:06 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-13 14:17 - 2013-03-14 02:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-11-09 19:21 - 2014-12-25 00:31 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-08 19:54 - 2013-03-08 08:33 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 19:54 - 2012-03-29 01:20 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 19:54 - 2012-02-23 00:18 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 19:54 - 2011-08-11 15:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 19:54 - 2011-04-11 18:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 05:00 - 2014-10-10 12:01 - 00000000 ____D C:\Windows\Minidump
2016-11-08 04:59 - 2011-07-15 10:27 - 00336292 ____N C:\Windows\Minidump\110816-87688-01.dmp
2016-11-06 17:34 - 2016-02-24 18:09 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-01 14:55 - 2016-10-25 19:02 - 00000000 ____D C:\Program Files\iTunes

==================== Files in the root of some directories =======

2013-03-07 18:56 - 2013-06-09 20:38 - 0922944 _____ () C:\Users\Kenneth\AppData\Local\a.zip
2011-11-23 18:41 - 2016-08-15 18:23 - 0007605 _____ () C:\Users\Kenneth\AppData\Local\Resmon.ResmonCfg
2011-08-11 12:25 - 2011-08-11 12:38 - 0000840 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-28 00:16

==================== End of FRST.txt ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2016
Ran by Kenneth (30-11-2016 11:44:01)
Running from C:\Users\Kenneth\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-08-11 18:06:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1169555862-3845460206-1416485692-500 - Administrator - Disabled)
Guest (S-1-5-21-1169555862-3845460206-1416485692-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1169555862-3845460206-1416485692-1002 - Limited - Enabled)
Kenneth (S-1-5-21-1169555862-3845460206-1416485692-1000 - Administrator - Enabled) => C:\Users\Kenneth
LogMeInRemoteUser (S-1-5-21-1169555862-3845460206-1416485692-1004 - Administrator - Enabled) => C:\Users\LogMeInRemoteUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
8500A909_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909a (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.1.240 - Amazon)
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{8E9405C3-4A81-A757-1670-56B202B46F3C}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
ATI Problem Report Wizard (Version: 3.0.821.0 - ATI Technologies) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BPD_DSWizards (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{3D5F07C3-1B93-47F8-9F8A-DE8E47BF1669}) (Version: 1.0.209 - Citrix)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Elevated Installer (x32 Version: 2.3.18.0 - Garmin Ltd or its subsidiaries) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
e-Rewards Notify (HKLM-x32\...\{CA457C59-214E-421D-B2F7-D34FEC0FAB04}) (Version: 1.1.0.274 - e-Rewards Opinion Panel)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Desktop Timer 1.2 (HKLM-x32\...\Free Desktop Timer_is1) (Version:  - Drive Software Company)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Garmin Express (HKLM-x32\...\{0904cc72-1b29-426a-b0f0-228d2744a4f6}) (Version: 2.3.18.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.18.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.18.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BB760C1D-98F4-4E38-8CC4-3B67329AA981}) (Version: 1.0.6.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-1169555862-3845460206-1416485692-1004\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
HydraVision (x32 Version: 4.2.188.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{29AAC3D3-23FC-496D-8266-0E3833686758}) (Version: 6.0.2.10 - Apple Inc.)
IDrive Version - 6.0 (HKLM-x32\...\IDrive_is1) (Version: 6.0 - Pro Softnet Corp)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
KODAK Share Button App (HKLM-x32\...\{C3F0CF4C-0A8C-42F1-A585-2EF7886D6039}) (Version: 4.03.0000.0000 - Eastman Kodak Company)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LogMeIn (HKLM-x32\...\{2BFDA78F-39F7-4537-9995-71424CFA88BB}) (Version: 4.1.2138 - LogMeIn, Inc.)
LogMeIn Client (HKLM-x32\...\{26F88B15-E5F0-47D2-8176-1A9312DD44AD}) (Version: 1.3.1648 - LogMeIn, Inc.)
Logos Bible Software (HKLM-x32\...\{69D716F2-3E38-441C-B2E4-BAF2B3D0DED7}) (Version: 6.128.49 - Faithlife Corporation)
magicJack (HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
magicJack Outlook Add-In 1.0.3.521 (HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\...\magicJack Outlook Add-In) (Version: 1.0.3.521 - magicJack)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.427.2 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mob Wars Toolbar (HKLM-x32\...\Mob Wars Toolbar) (Version:  - )
Mouse Recorder Pro 2.0.6.0 (HKLM-x32\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version:  - Nemex Studios)
Mozilla Firefox 50.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.0.1 (x86 en-US)) (Version: 50.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.1.6171 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 en-US)) (Version: 24.3.0 - Mozilla)
mPlayer version 1.0 (HKLM-x32\...\{B482E758-D602-434C-80B9-DDEFEEAE4BCA}_is1) (Version: 1.0 - Download Freely, LLC)
MPM (HKLM-x32\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPoints Toolbar (HKLM-x32\...\MyPoints Toolbar) (Version:  - )
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.8.1.14 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)
OverDrive Media Console (HKLM-x32\...\{D07205E7-F6D3-4333-AFCC-782A07685B72}) (Version: 3.2.20 - OverDrive, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Perky Duck 11.2 (HKLM-x32\...\{5F606A38-D310-4FEF-ABBD-E1A15AC0E6BE}) (Version: 11.2.0100 - Duxbury Systems, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
PRTG Network Monitor (HKLM-x32\...\{5EC294B8-98F8-4C20-BE73-F11A04295CA5}_is1) (Version: 9 - Paessler AG)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RoboForm 7-9-21-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-21-5 - Siber Systems)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
TaxACT 2011 - 1040 Edition (HKLM-x32\...\TaxACT 2011 - 1040 Edition) (Version:  - 2nd Story Software, Inc.)
TaxACT 2011 Alabama (HKLM-x32\...\TaxACT 2011 Alabama) (Version:  - 2nd Story Software, Inc.)
TaxACT 2012 - 1040 Edition (HKLM-x32\...\TaxACT 2012 - 1040 Edition) (Version:  - 2nd Story Software, Inc.)
TaxACT 2012 Alabama (HKLM-x32\...\TaxACT 2012 Alabama) (Version:  - 2nd Story Software, Inc.)
TaxACT 2013 - 1040 Edition (HKLM-x32\...\TaxACT 2013 - 1040 Edition) (Version:  - TaxACT, Inc.)
TaxACT 2013 Alabama (HKLM-x32\...\TaxACT 2013 Alabama) (Version:  - TaxACT, Inc.)
TaxACT 2014 - 1040 Edition (HKLM-x32\...\TaxACT 2014 - 1040 Edition) (Version: 1.00 - TaxACT, Inc.)
TaxACT 2014 Alabama (HKLM-x32\...\TaxACT 2014 Alabama) (Version: 1.01 - TaxACT, Inc.)
TaxAct 2015 1040 Edition (HKLM-x32\...\TaxAct 2015 1040 Edition) (Version: 1.00 - TaxAct, Inc.)
TaxAct 2015 Alabama (HKLM-x32\...\TaxAct 2015 Alabama) (Version: 1.02 - TaxAct, Inc.)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UMPlayer 0.98 [Athlon] (HKLM-x32\...\UMPlayer) (Version: 0.98 - Ori Rejwan)
Unchecky v0.3.7 (HKLM-x32\...\Unchecky) (Version: 0.3.7 - RaMMicHaeL)
Uninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.1.0) (Version: 2.0.1.0 - InstallX, LLC) <==== ATTENTION
Uninstall Helper (x32 Version: 2.0.1.0 - InstallX, LLC) Hidden <==== ATTENTION
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Verbum (HKLM-x32\...\{F734A2F2-135D-446C-B70F-6A857653B887}) (Version: 6.144.29 - Faithlife Corporation)
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App for HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (HKLM\...\3D970B9F930E7AAE23C06D39A1AC98548C90B442) (Version: 01/29/2010 1.4.1.0 - Eastman Kodak)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {022C117D-A69C-45EA-A72E-0FB9E095E920} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1169555862-3845460206-1416485692-1000UA => C:\Users\Kenneth\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {046FA54B-8FEB-4489-8A1C-DC83869BCAEA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1169555862-3845460206-1416485692-1000Core => C:\Users\Kenneth\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {0C0B6D96-5055-4533-A931-4E84A6877704} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation)
Task: {18DBBA8E-3815-4955-BFA4-9FB4DB13AAB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {1AD20DEC-F5A8-4D26-8D07-2C36DA3BD744} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {21D6B5D4-9D5A-4DF2-933D-86A55FC3E250} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {3014BA90-0A47-4A17-B9CF-3E9866A2F723} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {42D93A95-1A61-421E-9B8C-5046D971BE5A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-08-08] (HP Inc.)
Task: {4B717A1C-5CF1-4A55-AACB-24D31C5F951F} - System32\Tasks\{10EF5062-FADE-4238-95E4-4EA61663B88F}-Kodak Share Button App Camera detect => C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe [2012-06-26] (Eastman Kodak Company)
Task: {4BB9D14A-783E-4231-8FFB-4D683F47BF66} - System32\Tasks\HPCeeScheduleForKenneth => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {7030256D-B976-4409-BE5D-55A265795D6D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1169555862-3845460206-1416485692-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {74253863-F451-4B03-B82B-7418AFEA2672} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2016-09-02] (Siber Systems)
Task: {8255EDFB-5FDD-47B5-931D-A7ECD9ECC5A4} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJJOJIMPMGMOMLMMMCNJJMJMMJJCNLMMMHMGMCNHMOJMMKJCNOJGMIMOJMMOJLMPMKJJMGMKMJNJICMIMCNGMCNNMOMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMEKMICNJJCKFMOMHMLMGMJNHICMLIHJKJMIPIJNBJCMELKJBJBJKJLIHJPNNLOJNINJKJNIJNKJCMJNNICM (the data entry has 63 more characters).
Task: {85CFB42F-580C-4345-BEAD-D156DBB0DEA8} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1169555862-3845460206-1416485692-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {98FDD12B-0791-4B62-94E4-0105B54D9943} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {9D00F211-D8A6-406F-A743-BFBF4E173495} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2013-10-22] (Hewlett-Packard)
Task: {A769168B-7530-414F-9E3B-DE3D63477E3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {AB52DE04-574E-4F94-88C3-3198B527A2D6} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2016-11-11] (Symantec Corporation)
Task: {C00778D9-731F-4909-AA4B-7624CBE56715} - System32\Tasks\HPCeeScheduleForKENNETH-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {C829ACB1-69A6-474F-92E0-496B3FDA5054} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation)
Task: {D1EF9990-27A6-4820-9055-EE6291234B77} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\WSCStub.exe [2016-11-11] (Symantec Corporation)
Task: {D8332300-F055-49B7-8894-04AA2F6BD723} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {E3415C48-224C-4CDC-BB59-E67B14BC477E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2013-10-22] (Hewlett-Packard)
Task: {E60702F8-6315-41FA-AA40-BBCF9AEA6D6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F1337489-73D7-469D-A675-7BC1D57D524D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1169555862-3845460206-1416485692-1000Core.job => C:\Users\Kenneth\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1169555862-3845460206-1416485692-1000UA.job => C:\Users\Kenneth\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKENNETH-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKenneth.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Kenneth\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --use-spdy=off --disable-quic
ShortcutWithArgument: C:\Users\Kenneth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --use-spdy=off --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --use-spdy=off --disable-quic

==================== Loaded Modules (Whitelisted) ==============

2016-01-19 01:41 - 2015-11-25 13:03 - 00601600 _____ () C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2011-03-09 21:59 - 2011-03-09 21:59 - 00079872 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2011-03-09 22:00 - 2011-03-09 22:00 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-03-13 11:30 - 2013-01-26 16:52 - 00623616 _____ () C:\Program Files (x86)\Free Desktop Timer\DesktopTimer.exe
2016-01-19 01:41 - 2016-01-18 16:27 - 00013312 _____ () C:\Program Files (x86)\IDriveWindows\SqliteWrapper.dll
2016-01-19 01:41 - 2015-11-25 13:03 - 00834048 _____ () C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2016-01-19 01:41 - 2015-11-25 13:03 - 00412672 _____ () C:\Program Files (x86)\IDriveWindows\Sync.dll
2016-01-19 01:41 - 2016-01-18 16:27 - 00043520 _____ () C:\Program Files (x86)\IDriveWindows\RemoteManagement.dll
2011-03-09 22:00 - 2011-03-09 22:00 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-03-09 22:05 - 2011-03-09 22:05 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-14 13:20 - 2011-03-14 13:20 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-10-29 19:07 - 2014-10-29 19:07 - 00065600 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2013-03-27 17:17 - 2012-09-14 13:34 - 00046352 _____ () C:\Program Files (x86)\PRTG Network Monitor\PaesslerTrafficControl.dll
2014-08-08 14:38 - 2014-12-13 10:43 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2016-10-05 17:18 - 2016-10-05 17:18 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:18 - 2016-10-05 17:18 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-11-14 16:06 - 2016-11-08 14:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-14 16:06 - 2016-11-08 14:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-11-10 04:18 - 2016-11-10 04:18 - 17772736 _____ () C:\Users\Kenneth\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:9A870F8B [1026]
AlternateDataStreams: C:\Users\Kenneth\Documents\bjbirthcert.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\Kenneth\Documents\bjbirthcert.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Kenneth\Documents\brail.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\Kenneth\Documents\brail.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Kenneth\Documents\longhorn2.jpeg:3or4kl4x13tuuug3Byamue2s4b [89]
AlternateDataStreams: C:\Users\Kenneth\Documents\longhorn2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2016-11-28 21:48 - 00001204 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
0.0.0.0 cdn.bisrv.com

There are 3 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1169555862-3845460206-1416485692-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kenneth\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 24.116.0.53 - 24.116.2.50
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{82967644-E440-4294-97D8-2329150344FF}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B41EFFD7-6933-4E72-B036-14AD42E08025}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

19-11-2016 12:10:06 Removed Java 8 Update 111
27-11-2016 12:12:37 Restore Point Created by FRST
27-11-2016 16:24:20 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/28/2016 09:48:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/28/2016 07:52:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 2.3.173.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2308

Start Time: 01d249e30f96f6a9

Termination Time: 5

Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Report Id: 6efc435a-b5d6-11e6-8415-2c27d732c84b

Error: (11/27/2016 07:25:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/27/2016 04:24:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {9596fb4a-702c-41e5-ae49-242a2de3e94b}

Error: (11/27/2016 01:33:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 50.0.0.6152 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2618

Start Time: 01d248e4ee1d8e89

Termination Time: 10

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 4f5ba5a7-b4d8-11e6-90d1-2c27d732c84b

Error: (11/27/2016 01:04:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/27/2016 12:35:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/27/2016 12:13:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/27/2016 12:12:37 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {0ced7ddd-d1cd-45d4-be8f-4f186be62c8f}

Error: (11/27/2016 12:10:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 27.11.2016.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2e34

Start Time: 01d248d95c40657d

Termination Time: 7

Application Path: C:\Users\Kenneth\Desktop\FRST64.exe

Report Id: b9713dbb-b4cc-11e6-af11-2c27d732c84b


System errors:
=============
Error: (11/30/2016 11:46:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140995069

Error: (11/30/2016 11:46:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140995069

Error: (11/30/2016 11:46:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140995069

Error: (11/30/2016 11:46:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140995069

Error: (11/30/2016 11:46:53 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630203.

Error: (11/30/2016 11:46:53 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630203.

Error: (11/30/2016 11:46:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140995069

Error: (11/30/2016 11:46:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140995069

Error: (11/30/2016 11:46:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140995069

Error: (11/30/2016 11:46:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140995069


==================== Memory info ===========================

Processor: AMD Athlon™ II X4 645 Processor
Percentage of memory in use: 63%
Total physical RAM: 5887.29 MB
Available physical RAM: 2164.38 MB
Total Virtual: 11772.75 MB
Available Virtual: 7654.42 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:920.27 GB) (Free:819.62 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.15 GB) (Free:1.36 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 09D940BD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

#18
Bruce1270
Posted 30 November 2016 - 04:41 PM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi KenBarber

Just a couple of minor removals.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe" [X]
C:\Users\Kenneth\AppData\Local\0de59

  • Save this as fixlist.txt, in the same location as FRST.exe on your desktop.
    FRSTfix.JPG
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.

  • 0

#19
kenbarber
Posted 30 November 2016 - 10:27 PM

kenbarber

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts

here we are.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2016
Ran by Kenneth (30-11-2016 22:25:12) Run:5
Running from C:\Users\Kenneth\Desktop
Loaded Profiles: Kenneth & LogMeInRemoteUser (Available Profiles: Kenneth & LogMeInRemoteUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe" [X]
C:\Users\Kenneth\AppData\Local\0de59
*****************

Restore point was successfully created.
McComponentHostService => service removed successfully
C:\Users\Kenneth\AppData\Local\0de59 => moved successfully

==== End of Fixlog 22:25:40 ====


  • 0

#20
Bruce1270
Posted 01 December 2016 - 03:47 PM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi KenBarber

Good News! - Your system now appears to be clean. :)
Now for some clean up and "housekeeping" procedures.

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:
  • Download Delfix from here
  • Locate the file and right click on it. Click on Run as Administrator.
  • Ensure Remove disinfection tools is ticked
    Also tick:
  • Create registry backup
  • Purge system restore
  • Reset system settings

    delfix.jpg
  • Click Run

    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

    Staying Updated

    Another essential task is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically. Follow the instructions below to ensure your settings are optimal.
    1. Click the Start Orb in the lower left corner of the screen.
    2. Type Windows Update in the search box that appears
    3. Click on the Windows Update program that appears in the search results.
    Windows%20Update.JPG
    4. Click on Change Settings.
    CheckForUpdates.JPG
    5. Select "Install updates automatically (recommended)" from the Important updates drop-down.
    WUChangeSettings.JPG
    6. Choose a day and a time when you know the computer will be on and connected to the internet. The default is 3:00AM every day.
    7. Ensure that all of the other check boxes are checked.
    8. Click OK.

    Malwarebytes - Update and run weekly to keep your system clean.

    Staying Protected

    Crypto Warning!!!! - Complete Data Loss can occur!

    There are particularly nasty infections out there at the moment that encrypt your data and hold it for ransom. You may read more about this here
  • Download CryptoPrevent free for home use here following the instructions below.
  • Save the file to your desktop from the link above and then open the program by clicking Run when prompted from your browser or by going to the desktop where the file was saved and double-clicking.
  • Accept all the defaults during the install. The last screen of the install has a checkmark in "Launch CryptoPrevent". This is good and will launch the program once you click Finish.
  • You will get a prompt asking if you purchased a Product Key for Automatic Updates. You can answer No.
  • You will then be prompted to learn more about automatic updates or if you want to purchase a key. This is up to you but you don't have to.
  • You will be prompted to click OK to continue and select your protection level. Go ahead and click OK.
  • Click the Apply button to set Default protection.
  • If installing for the first time you will get asked if you want to whitelist items in known blocked locations. Say No to this.
  • You may get a message stating that Windows Sidebar and Desktop Gadgets are a major security vulnerability and asking you if you want to disable them. If you don't use these features, answer Yes.

    That's it. The protection is in place.

    Note: The free version doesn't provide automatic updates. Periodically, you should open up the program (there is a shortcut on your desktop now) and select the Updates! menu....and select Check for Updates to see if there are any as this infection has serious consequences.
    UpdatesV7.4.11.JPG
  • Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
  • Install and keep only one anti-virus on your machine. Update it and scan your machine with it at least once a week.
  • Be careful of the websites you visit.
  • When browsing the internet, look closely at the links you click on. Some aren't always what they seem.
  • Avoid Peer to Peer file sharing utilities, these are a minefield of malware infections.
  • Pay attention when installing a program to your computer, particularly to any check boxes that may appear during installation, it is common for unwanted software to be installed in this way.

    To learn more about how to protect yourself while on the internet read this little guide Best security practices.

    Go here for some good advice about how to prevent infection.

    Happy safe surfing!! :)

    That's us finished. It's been a pleasure working with you. :)

    P.S Don't forget to post the Delfix log!

  • 0

#21
kenbarber
Posted 01 December 2016 - 08:45 PM

kenbarber

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts

i am sorry i goofed. when i was setting windows update it ask me to restart and i lost notepad and i do not know how to recover it.


  • 0

#22
Bruce1270
Posted 02 December 2016 - 02:50 PM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi KenBarber

Delfix deletes all the tools I use and then deletes itself, so don't worry about the log. :)

Safe Surfing and all the best.
  • 0

#23
kenbarber
Posted 02 December 2016 - 03:44 PM

kenbarber

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts

thank you very much. i would not have been able to do it alone.


  • 0

#24
Bruce1270
Posted 06 December 2016 - 03:48 PM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP