Hidden Viruses Caused by Suspicious Tech Support Call


#1
2Frustrated
Hello,

A technical support team member called WebSoft Solutions (Flex Solutions) took control of my computer to help clean it. It was running slow after I received an email that I had a virus and to call the number from the email. They charged me for this service for 1 month and told me that I would be supported for any other problems.

After a few months they wanted to upgrade my drivers and charge me $200+ but I did not agree to it. I want to make sure they did not put a virus in my computer. My McAfee virus protector expired at the end of January and I need to sign up again. In the meantime I want to make sure I don't have anything suspicious. I have Malwarebytes and CCleaner and ran them; nothing came up when I ran Malwarebytes, and I allowed some files to be deleted by CCleaner. I use Google Chrome and do not have any add-on toolbars.

I recently subscribed to DriverSupport.com and updated all my drivers and paid for this subscription.

Thank you for your help.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by djotie (administrator) on DJOTIE-HOME (01-03-2017 18:19:58)
Running from C:\Users\djotie\Desktop
Loaded Profiles: djotie (Available Profiles: djotie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(PC Drivers HeadQuarters LP) C:\Program Files (x86)\Driver Support\svc\DriverSupportAOsvc.exe
(DeviceVM, Inc.) C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(PC Drivers HeadQuarters LP) C:\Program Files (x86)\Driver Support\svc\DriverSupportAO.exe
() C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\1251\g2ax_service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\1251\g2ax_comm_customer.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\1251\g2ax_system_customer.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\1251\g2ax_user_customer.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_5\mcapexe.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google Inc.) C:\Users\djotie\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.2.351.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, Inc.) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, Inc.) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, Inc.) C:\Program Files\McAfee\MQS\QcShm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(McAfee, Inc.) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, Inc.) C:\Program Files\McAfee\MQS\QcShm.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-08-16] (IDT, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe
HKLM-x32\...\Run: [tsnp2uvc] => C:\Windows\tsnp2uvc.exe [237568 2008-09-10] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-02] (Intel Corporation)
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
Winlogon\Notify\GoToAssist Express Customer: C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\1251\g2ax_winlogonx64.dll (Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-64967066-4132848766-3205159548-1001\...\Run: [MusicManager] => C:\Users\djotie\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2015-11-17] (Google Inc.)
HKU\S-1-5-21-64967066-4132848766-3205159548-1001\...\Run: [Google Update] => C:\Users\djotie\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.)
HKU\S-1-5-21-64967066-4132848766-3205159548-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-64967066-4132848766-3205159548-1001\...\MountPoints2: {01331fa9-da30-11e2-9364-70f395c870f3} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-07-09] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-001A-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
Lsa: [Notification Packages] EgisPwdFilter EgisDSPwdFilter c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-02-28]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-03]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6E7CB6D9-B6B5-4B93-9EC9-3F0AD32AC7A0}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CFF69A2D-9514-4EDC-B590-603F18F23A7B}: [NameServer] 0.0.0.0
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {C23E05BB-08A2-4AFE-A8C9-E5326B0B5A32} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {553202A8-242C-411F-B3AD-796CDC5EE236} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {C23E05BB-08A2-4AFE-A8C9-E5326B0B5A32} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {CF2ACEBE-E2BF-4682-AED4-64F871E359C2} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {553202A8-242C-411F-B3AD-796CDC5EE236} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {C23E05BB-08A2-4AFE-A8C9-E5326B0B5A32} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-64967066-4132848766-3205159548-1001 -> DefaultScope {A65DCA0C-E93B-44A9-89A0-F5B937FDF8E1} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US400D20130620&p={searchTerms}
SearchScopes: HKU\S-1-5-21-64967066-4132848766-3205159548-1001 -> {A65DCA0C-E93B-44A9-89A0-F5B937FDF8E1} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US400D20130620&p={searchTerms}
SearchScopes: HKU\S-1-5-21-64967066-4132848766-3205159548-1001 -> {C23E05BB-08A2-4AFE-A8C9-E5326B0B5A32} URL = 
SearchScopes: HKU\S-1-5-21-64967066-4132848766-3205159548-1001 -> {CF2ACEBE-E2BF-4682-AED4-64F871E359C2} URL = 
BHO: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll [2010-06-08] (Egis Technology Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-18] (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-14] (Oracle Corporation)
BHO-x32: No Name -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> No File
BHO-x32: No Name -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-18] (Google Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-14] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-18] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-18] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-11-18] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-11-18] (McAfee, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\djotie\AppData\Roaming\Mozilla\Firefox\Profiles\xpqbep6w.default-1436663651820 [2017-03-01]
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\xpqbep6w.default-1436663651820 -> Secure Search
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\xpqbep6w.default-1436663651820 -> Secure Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\xpqbep6w.default-1436663651820 -> Secure Search
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF SearchPlugin: C:\Users\djotie\AppData\Roaming\Mozilla\Firefox\Profiles\xpqbep6w.default-1436663651820\searchplugins\McSiteAdvisor.xml [2016-01-30]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt
FF Extension: (SimplePass Online Accounts Extension ) - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt [2010-11-15] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-02-28] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-01-18] [not signed]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-05-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-22] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-11-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-11-18] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-64967066-4132848766-3205159548-1001: @citrixonline.com/appdetectorplugin -> C:\Users\djotie\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-11-18] (Citrix Online)
FF Plugin HKU\S-1-5-21-64967066-4132848766-3205159548-1001: @hulu.com/Hulu Desktop -> C:\Users\djotie\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll [2010-08-11] (Hulu LLC)
FF Plugin HKU\S-1-5-21-64967066-4132848766-3205159548-1001: @tools.google.com/Google Update;version=3 -> C:\Users\djotie\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-64967066-4132848766-3205159548-1001: @tools.google.com/Google Update;version=9 -> C:\Users\djotie\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2013-08-02] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\djotie\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-01-27] (Cisco WebEx LLC)
 
Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C211US400D20130620&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default [2017-03-01]
CHR Extension: (Google Slides) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-26]
CHR Extension: (Google Docs) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-26]
CHR Extension: (Google Drive) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-26]
CHR Extension: (YouTube) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-26]
CHR Extension: (Google Cast) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-04-02]
CHR Extension: (Adblock Plus) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-18]
CHR Extension: (Google Search) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-26]
CHR Extension: (Google Sheets) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-26]
CHR Extension: (Google Docs Offline) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-26]
CHR Extension: (Chrome Media Router) - C:\Users\djotie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-15]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lkccbfdpdphpphllomdbkmpfenmohoeg] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9575\ch\WebexpEnhancedV1alpha9575.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mppfgbbhnckijfafmpjdbjkocdljgnpk] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha283\ch\WebexpEnhancedV1alpha283.crx <not found>
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 DSAO; C:\Program Files (x86)\driver support\svc\DriverSupportAOsvc.exe [2033104 2016-10-22] (PC Drivers HeadQuarters LP)
R2 DvmMDES; C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-06-25] (DeviceVM, Inc.)
R2 EgisTec Service; C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [697712 2010-06-08] (Egis Technology Inc. )
R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [451904 2009-06-04] ()
R2 GoToAssist Remote Support Customer; C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\1251\g2ax_service.exe [607240 2017-01-23] (Citrix Systems, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [452576 2016-02-09] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [901088 2016-02-09] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_5\McAPExe.exe [963176 2016-10-07] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-18] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.2.351.0\\McCSPServiceHost.exe [1934968 2016-10-17] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1307752 2016-10-20] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [242704 2016-09-08] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [384016 2016-09-08] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [331280 2016-09-08] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1473128 2016-10-07] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-04-17] ()
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1041512 2016-09-08] (Intel Security, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2671376 2012-04-17] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88120 2016-09-09] (McAfee, Inc.)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-02-09] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [477752 2016-09-09] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [364088 2016-09-09] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [512056 2016-09-09] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [884792 2016-09-09] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [527496 2016-09-09] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-09-09] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110136 2016-09-09] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252984 2016-09-09] (McAfee, Inc.)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
S3 mfeavfk02; \Device\mfeavfk02.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-03-01 18:19 - 2017-03-01 18:20 - 00043656 _____ C:\Users\djotie\Desktop\FRST.txt
2017-03-01 18:18 - 2017-03-01 18:18 - 02423808 _____ (Farbar) C:\Users\djotie\Desktop\FRST64.exe
2017-03-01 18:13 - 2017-03-01 18:13 - 02423808 _____ (Farbar) C:\Users\djotie\Downloads\FRST64 (1).exe
2017-03-01 18:10 - 2017-03-01 18:19 - 00000000 ____D C:\FRST
2017-03-01 18:09 - 2017-03-01 18:10 - 02423808 _____ (Farbar) C:\Users\djotie\Downloads\FRST64.exe
2017-02-28 22:13 - 2017-02-28 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-02-28 22:10 - 2017-02-28 22:10 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2017-02-28 22:10 - 2017-02-28 22:10 - 00000000 ____D C:\ProgramData\Logitech
2017-02-28 22:01 - 2017-02-28 22:01 - 00000000 ____D C:\Users\djotie\AppData\Local\Broadcom
2017-02-28 21:47 - 2017-02-28 21:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2017-02-28 21:47 - 2017-02-28 21:47 - 00000000 ____D C:\Program Files (x86)\Cisco
2017-02-28 21:13 - 2017-02-28 21:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_AMPPAL_01009.Wdf
2017-02-28 21:12 - 2017-02-28 21:12 - 00000000 ___HD C:\Windows\system32\WLANProfiles
2017-02-28 21:10 - 2017-02-28 21:10 - 00000000 ____D C:\ProgramData\Intel
2017-02-28 21:05 - 2017-02-28 21:05 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2017-02-28 21:04 - 2017-02-28 22:11 - 00000000 ____D C:\ProgramData\Logishrd
2017-02-28 21:04 - 2017-02-28 22:10 - 00000000 ____D C:\Users\djotie\AppData\Roaming\Logitech
2017-02-28 21:04 - 2017-02-28 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-02-28 21:04 - 2017-02-28 21:05 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2017-02-28 21:04 - 2017-02-28 21:04 - 00000000 ____D C:\Users\djotie\AppData\Roaming\Logishrd
2017-02-28 21:04 - 2017-02-28 21:04 - 00000000 ____D C:\Program Files\Logitech
2017-02-28 20:59 - 2017-02-28 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2017-02-28 20:59 - 2008-09-10 10:16 - 00237568 _____ () C:\Windows\tsnp2uvc.exe
2017-02-28 20:59 - 2004-08-09 17:43 - 00094208 _____ (Microsoft Corporation) C:\Windows\amcap.exe
2017-02-28 20:56 - 2011-08-16 00:32 - 14061568 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl
2017-02-28 20:56 - 2011-08-16 00:32 - 00654848 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2017-02-28 20:56 - 2011-08-16 00:32 - 00564224 _____ (IDT, Inc.) C:\Windows\system32\idt64mp1.exe
2017-02-28 20:49 - 2011-08-16 00:32 - 01966080 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2017-02-28 20:49 - 2011-08-16 00:32 - 00534016 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2017-02-28 20:49 - 2011-08-16 00:32 - 00446464 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2017-02-28 20:48 - 2017-02-28 20:57 - 00000000 ____D C:\Program Files\IDT
2017-02-28 20:35 - 2012-03-06 08:59 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2017-02-28 20:35 - 2011-09-17 22:08 - 00039976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2017-02-28 20:34 - 2012-05-02 03:48 - 00184144 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2017-02-28 20:34 - 2012-03-06 08:59 - 00210984 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2017-02-28 20:21 - 2017-02-28 22:11 - 00003484 _____ C:\Windows\System32\Tasks\Driver Support
2017-02-28 20:21 - 2017-02-28 22:11 - 00000000 ____D C:\ProgramData\UAB
2017-02-28 20:21 - 2017-02-28 20:21 - 00003778 _____ C:\Windows\System32\Tasks\Driver Support-RTMScan
2017-02-28 20:21 - 2017-02-28 20:21 - 00003776 _____ C:\Windows\System32\Tasks\Driver Support-RTMUpdater
2017-02-28 20:21 - 2017-02-28 20:21 - 00003764 _____ C:\Windows\System32\Tasks\Driver Support-RTMRules
2017-02-28 20:21 - 2017-02-28 20:21 - 00000000 ____D C:\Users\djotie\Downloads\Driver Support
2017-02-28 20:21 - 2017-02-28 20:21 - 00000000 ____D C:\Users\djotie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Support
2017-02-28 20:21 - 2017-02-28 20:21 - 00000000 ____D C:\Users\djotie\AppData\Local\PC_Drivers_Headquarters
2017-02-28 20:18 - 2017-02-28 20:18 - 00673992 _____ (PC Drivers HeadQuarters LP) C:\Users\djotie\Downloads\DriverSupport (3).exe
2017-02-28 20:10 - 2017-02-28 20:10 - 00673992 _____ (PC Drivers HeadQuarters LP) C:\Users\djotie\Downloads\DriverSupport (2).exe
2017-02-23 23:32 - 2017-02-23 23:32 - 00673992 _____ (PC Drivers HeadQuarters LP) C:\Users\djotie\Downloads\DriverSupport (1).exe
2017-02-23 06:48 - 2017-02-23 06:48 - 00174836 _____ C:\Users\djotie\Downloads\1487817948372.pdf
2017-02-18 15:47 - 2017-02-18 15:47 - 00000000 ____D C:\Users\djotie\AppData\Local\Glance
2017-02-18 13:26 - 2017-02-18 13:26 - 00000165 ____H C:\Users\djotie\Documents\~$2016 Medical Expense and Misc.xlsx
2017-02-12 20:06 - 2017-02-12 20:11 - 00000000 ____D C:\Users\djotie\Documents\Dental 2017
2017-02-12 19:55 - 2017-02-12 19:55 - 00078582 _____ C:\Users\djotie\Downloads\ChangePcdConfirmation.pdf
2017-02-12 19:55 - 2017-02-12 19:55 - 00078582 _____ C:\Users\djotie\Downloads\ChangePcdConfirmation (1).pdf
2017-02-12 19:10 - 2017-02-12 19:10 - 00090639 _____ C:\Users\djotie\Downloads\memBenefitReport_Feb2017.pdf
2017-02-12 19:10 - 2017-02-12 19:10 - 00090639 _____ C:\Users\djotie\Downloads\memBenefitReport_Feb2017 (1).pdf
2017-02-12 14:25 - 2017-02-12 14:25 - 00223416 _____ C:\Users\djotie\Downloads\1484299300405 (1).pdf
2017-02-12 13:41 - 2017-02-12 13:41 - 00000000 ____D C:\Users\djotie\AppData\Local\Intuit
2017-02-12 10:35 - 2017-02-12 10:37 - 00003257 _____ C:\Users\djotie\Downloads\ExportedTransactions (19).csv
2017-02-08 20:52 - 2017-02-08 20:52 - 00084473 _____ C:\Users\djotie\Downloads\PRO Unlimited Vision 2015.pdf
2017-02-08 20:52 - 2017-02-08 20:52 - 00084473 _____ C:\Users\djotie\Downloads\PRO Unlimited Vision 2015 (1).pdf
2017-02-08 20:40 - 2017-02-08 20:40 - 00198694 _____ C:\Users\djotie\Downloads\PUGS OAPIN 9-1-2016 rev 8-11-2016.pdf
2017-02-08 20:39 - 2017-02-08 20:39 - 00637230 _____ C:\Users\djotie\Downloads\PRO DHMO 2014 (1).pdf
2017-02-08 20:38 - 2017-02-08 20:38 - 00637230 _____ C:\Users\djotie\Downloads\PRO DHMO 2014.pdf
2017-02-06 18:28 - 2017-02-06 18:35 - 00023181 _____ C:\Users\djotie\Downloads\ExportedTransactions (18).csv
2017-02-06 18:05 - 2017-02-06 18:05 - 00077916 _____ C:\Users\djotie\Downloads\100682434__DaphneJotie.pdf
2017-02-04 23:02 - 2017-02-12 14:19 - 00018189 _____ C:\Users\djotie\Documents\2016 Medical Expense and Misc.xlsx
2017-02-04 18:15 - 2017-02-04 18:15 - 00002513 _____ C:\Users\Public\Desktop\TurboTax 2016.lnk
2017-02-04 18:15 - 2017-02-04 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2016
2017-02-03 18:08 - 2017-02-03 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-02-01 16:32 - 2017-02-01 16:32 - 00046062 _____ C:\Users\djotie\Documents\US Tech Solutions W2 2016.pdf
2017-02-01 16:31 - 2017-02-01 16:31 - 00057803 _____ C:\Users\djotie\Documents\US Tech Solutions W2 2015.pdf
2017-02-01 15:56 - 2017-02-01 15:56 - 00098456 _____ C:\Users\djotie\Documents\US US Tech Solution W2 2015.pdf
2017-02-01 08:31 - 2017-02-01 08:31 - 00002990 _____ C:\Users\djotie\Downloads\sigimg0
2017-01-30 14:56 - 2017-01-30 14:56 - 00064207 _____ C:\Users\djotie\Downloads\A Summary of Your Rights under the FCRA.pdf
2017-01-30 13:50 - 2017-02-02 13:04 - 00000000 ____D C:\Users\djotie\Documents\ProUnlimited Doc
2017-01-30 13:35 - 2017-01-30 13:35 - 00118919 _____ C:\Users\djotie\Documents\Daphne Jotie Current 2016.pdf
2017-01-30 13:35 - 2017-01-30 13:35 - 00000000 ____D C:\Users\djotie\AppData\Local\CEF
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-03-01 17:57 - 2009-07-13 20:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-01 17:57 - 2009-07-13 20:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-01 17:36 - 2016-11-18 16:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-01 17:33 - 2014-05-08 21:28 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-64967066-4132848766-3205159548-1001UA1cf6b477d8a2c56.job
2017-03-01 17:24 - 2014-06-28 18:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-28 22:55 - 2015-01-26 17:13 - 00000000 ____D C:\Users\djotie\AppData\Local\ElevatedDiagnostics
2017-02-28 22:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2017-02-28 22:17 - 2009-07-13 21:13 - 00782238 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-28 22:10 - 2016-07-05 17:15 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleFordjotie.job
2017-02-28 22:10 - 2014-01-02 20:41 - 00000012 ____H C:\dvmexp.idx
2017-02-28 22:10 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-28 21:50 - 2010-11-15 03:20 - 00000000 ____D C:\Program Files\Intel
2017-02-28 21:47 - 2010-11-15 03:15 - 00000000 ____D C:\Program Files (x86)\Intel
2017-02-28 21:43 - 2009-09-06 16:40 - 00000000 ____D C:\SwSetup
2017-02-28 21:41 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2017-02-28 21:34 - 2010-11-15 03:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-02-28 21:10 - 2010-11-15 03:16 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-02-28 20:59 - 2010-10-26 09:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-28 20:21 - 2016-09-18 13:23 - 00000000 ____D C:\Program Files (x86)\Driver Support
2017-02-28 19:18 - 2016-07-05 17:15 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleFordjotie
2017-02-24 07:09 - 2013-07-26 07:44 - 00000000 ____D C:\Windows\system32\MRT
2017-02-24 06:58 - 2017-01-24 08:18 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-24 06:55 - 2013-06-21 11:41 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 17:27 - 2016-02-15 12:13 - 00000000 ____D C:\Users\djotie\AppData\Roaming\HpUpdate
2017-02-18 23:05 - 2016-01-02 15:06 - 00000000 ____D C:\Users\djotie\Documents\TurboTax
2017-02-18 20:53 - 2013-07-31 18:15 - 00000000 ____D C:\Users\djotie\Documents\New folder
2017-02-15 12:24 - 2014-06-28 18:58 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-15 12:24 - 2014-06-28 18:58 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-15 12:24 - 2014-06-28 18:58 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 12:24 - 2013-06-20 22:50 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-15 12:24 - 2010-10-26 09:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-12 10:50 - 2016-12-06 15:49 - 00000000 ____D C:\Users\djotie\Documents\Checkbook 2016
2017-02-07 17:44 - 2015-12-26 12:04 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 17:44 - 2015-12-26 12:04 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-05 21:40 - 2013-06-20 20:51 - 00000000 ____D C:\ProgramData\McAfee
2017-02-05 21:39 - 2009-07-13 20:45 - 00434160 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-04 20:29 - 2015-07-22 18:29 - 00003348 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2017-02-04 18:23 - 2013-06-20 20:26 - 00119064 _____ C:\Users\djotie\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-04 18:16 - 2016-01-02 14:58 - 00000789 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-02-04 18:11 - 2016-01-02 14:54 - 00000000 ____D C:\Program Files (x86)\TurboTax
2017-02-04 18:04 - 2016-01-02 14:59 - 00000000 ____D C:\Users\djotie\AppData\Roaming\Intuit
2017-02-03 18:08 - 2016-12-23 18:08 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-02-03 18:08 - 2015-11-13 21:18 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-01-31 19:47 - 2015-03-14 08:20 - 00023552 _____ C:\Users\djotie\Documents\Card Balances.xlsx
2017-01-31 07:48 - 2016-11-17 12:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-31 07:48 - 2013-06-20 23:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 15:27 - 2016-11-20 16:00 - 00000000 ____D C:\Users\djotie\AppData\LocalLow\Mozilla
2017-01-30 13:35 - 2014-07-01 17:10 - 00000000 ____D C:\Users\djotie\AppData\Local\Adobe
2017-01-30 12:07 - 2015-07-28 20:13 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-01-30 11:59 - 2013-06-20 21:01 - 00000000 ____D C:\Program Files\Common Files\McAfee
 
==================== Files in the root of some directories =======
 
2013-10-23 20:28 - 2013-10-23 20:28 - 0000600 _____ () C:\Users\djotie\AppData\Roaming\winscp.rnd
2013-08-30 23:52 - 2013-08-30 23:52 - 0008704 _____ () C:\Users\djotie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-20 20:28 - 2013-12-21 00:43 - 0000119 _____ () C:\Users\djotie\AppData\Local\mv_music.xml
2013-06-20 20:28 - 2013-12-20 23:08 - 0000170 _____ () C:\Users\djotie\AppData\Local\mv_Photo.xml
2013-10-23 19:37 - 2012-12-07 14:41 - 0007680 _____ () C:\Users\djotie\AppData\Local\[email protected]!-5938e875-c358-43ac-af37-59df2dd4d899.tmp
2013-10-23 19:37 - 2012-12-07 14:41 - 0007168 _____ () C:\Users\djotie\AppData\Local\[email protected]!-174fccc7-5d0d-479c-8b07-d8b5098b6d7b.tmp
2016-02-15 12:11 - 2016-02-15 12:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-01-02 14:58 - 2017-02-04 18:16 - 0000789 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2010-11-15 03:36 - 2010-11-15 03:36 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-10-26 11:10 - 2010-10-26 11:11 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-11-15 03:35 - 2010-11-15 03:35 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-10-26 11:07 - 2010-10-26 11:07 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-11-15 03:35 - 2010-11-15 03:35 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-11-15 03:36 - 2010-11-15 03:36 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-10-26 11:06 - 2010-10-26 11:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-10-26 11:07 - 2010-10-26 11:10 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-11-15 03:36 - 2010-11-15 03:36 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
 
Some files in TEMP:
====================
2017-02-23 23:39 - 2017-02-28 20:21 - 6186368 _____ (PC Drivers HeadQuarters LP) C:\Users\djotie\AppData\Local\Temp\DriverSupport.exe
2017-02-28 21:05 - 2014-03-24 14:55 - 0099096 _____ () C:\Users\djotie\AppData\Local\Temp\LMkRstPt.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-02-22 18:13
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-03-2017
Ran by djotie (01-03-2017 18:21:08)
Running from C:\Users\djotie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-06-21 04:21:08)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-64967066-4132848766-3205159548-500 - Administrator - Disabled)
djotie (S-1-5-21-64967066-4132848766-3205159548-1001 - Administrator - Enabled) => C:\Users\djotie
Guest (S-1-5-21-64967066-4132848766-3205159548-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-64967066-4132848766-3205159548-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {B10D5953-051E-97F6-F53B-3839EFD98259}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {0A6CB8B7-2324-9878-CF8B-034B945EC8E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {8936D876-4F71-96AE-DE64-910C110AC522}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3ivx MPEG-4 5.0.3 (remove only) (HKLM-x32\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.78 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-64967066-4132848766-3205159548-1001\...\Amazon Kindle) (Version:  - Amazon)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BioExcess (Version: 7.0.33.0 - Egis Technology Inc.) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3700 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Driver Support (HKLM-x32\...\DriverSupport) (Version: 10.1.4.39 - PC Drivers HeadQuarters LP) <==== ATTENTION
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4121 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121 - Hewlett-Packard) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlipShare (HKLM-x32\...\{0D3F9802-689F-9B6D-8E44-B55971F0CCBB}) (Version: 4.5.0.39816 - Flip Video)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToAssist Customer 3.1.0.1251 (HKLM-x32\...\GoToAssist Express Customer) (Version: 3.1.0.1251 - Citrix Online)
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HP Documentation (HKLM-x32\...\{F3DE25BA-16EA-42A5-BC92-786BECBE5CE4}) (Version: 1.1.1.0 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4215 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3024 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{BB1C717E-376C-4AA1-8940-81BFC38D9778}) (Version: 2.4.4 - Hewlett-Packard Company)
HP QuickWeb Installer (HKLM-x32\...\{394FA67A-FF0A-4356-BB77-D85E5A300BDE}) (Version: 1.3.11.0 - DeviceVM Inc.)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP SimplePass Identity Protection (HKLM-x32\...\InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.33.0 - Egis Technology Inc.)
HP Software Framework (HKLM-x32\...\{6C302296-6129-4125-9FD6-2188ECD8814E}) (Version: 4.1.6.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Hulu Desktop (HKU\S-1-5-21-64967066-4132848766-3205159548-1001\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6359.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2141 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{705EE775-5776-48FD-B704-C3C9CF535420}) (Version: 15.1.1.0170 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{0D9917CE-1C77-4B58-A153-DCB5A854ED82}) (Version: 1.2.15.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{BAA0BE9B-9E6D-4802-91CB-FB7ED5CD4BEF}) (Version: 15.01.1500.1034 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware version 1.80.2.1012 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.80.2.1012 - Malwarebytes Corporation)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 15.0.2063 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-64967066-4132848766-3205159548-1001\...\MusicManager) (Version:  - Google, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.25.824.2010 - Realtek)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
StarCam Flip (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50001.303 - MSI)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.061 - The New York Times Company)
Times Reader (x32 Version: 2.061 - The New York Times Company) Hidden
TopArcadeHits (HKU\S-1-5-21-64967066-4132848766-3205159548-1001\...\{C1C3E833-420E-4D78-9BA7-86AEBB272384}) (Version:  - TopArcadeHits)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1209664A-7952-4B7F-8FE1-A035A6C96E07} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {15816BE9-0762-425A-B9FF-A7926CCEB080} - System32\Tasks\Driver Support => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2017-02-22] (PC Drivers Headquarters LP)
Task: {23DEE561-0646-4737-A3AE-597F60842351} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {29E745D9-A69A-4A23-BB18-B68C5A204E64} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2017-02-22] (PC Drivers Headquarters LP)
Task: {3C85E2BD-D897-4C4A-AC1F-6D7D65071F1F} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {43CB98A3-83B7-4A41-B441-B869F82D7855} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2017-02-22] (PC Drivers Headquarters LP)
Task: {4A891B84-6494-4CD3-B024-3C5F3B9AAA4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {52CF9550-21E5-45F7-93A6-68433E464AA6} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-24] (CyberLink)
Task: {5CEE0A89-02E6-4C13-879C-68464DA63C7A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-64967066-4132848766-3205159548-1001UA1cf4aec88abd59b => C:\Users\djotie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {642CC0A6-6BF6-46D3-AEA3-BA32971211A6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {6444C682-5835-40DF-B5E8-C793FACA9C29} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-64967066-4132848766-3205159548-1001UA1cf6b477d8a2c56 => C:\Users\djotie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {75C1817A-AF08-4337-B454-9E6E53C77129} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {7BF5AE2E-DC0A-4538-8BC1-0C11BDC294FE} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
Task: {8E674DC7-975C-4BC9-819F-5ED6723F326A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {94658483-0EBB-4DD5-AC00-7450F7EB7574} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-10-11] (McAfee, Inc.)
Task: {A93105D4-A7AE-440D-9EB2-24976848EF7B} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
Task: {AA2592DB-ADF3-4742-856F-50BCAC1775B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {AC8703EC-D372-4414-A484-6D04C7A3B438} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {AE5F0CF6-0448-490C-988C-118BC45E5E5B} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-12-15] (McAfee, Inc.)
Task: {B6401B46-BAE8-4E8F-9618-496811DAFE1B} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {BFFF46C0-2540-4E9F-972D-4D9CEA29CD36} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2017-02-22] (PC Drivers Headquarters LP)
Task: {C0016993-9802-44B3-A0E5-A5334D9267CA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-64967066-4132848766-3205159548-1001UA1d0e351b33882eb => C:\Users\djotie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C57E928E-04EC-4AA6-9A27-2E2BD6F098BA} - System32\Tasks\{F78B63B1-C447-42F0-9AAF-054CE986267F} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.1.0.104.259&LastError=404
Task: {CD5145C7-514C-43D6-AE69-36D9633EA604} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {DF17D95F-34D5-48D6-87A7-D94BC29163C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {E22AFBA0-F972-49BD-A82B-6EB2CB8A2EB9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-64967066-4132848766-3205159548-1001Core => C:\Users\djotie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E8E414E7-53A7-40FB-AA8D-974752E1F16A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-02-08] (HP Inc.)
Task: {E9D93A20-4470-4023-8B73-32FD451A46A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {FCD0702B-82CE-409E-A579-1019759E9FD4} - System32\Tasks\HPCeeScheduleFordjotie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {FF25365D-D44C-4421-A269-145CB35C5707} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-64967066-4132848766-3205159548-1001UA1cf6b477d8a2c56.job => C:\Users\djotie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleFordjotie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2009-01-21 16:45 - 2009-01-21 16:45 - 01401856 _____ () C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP SIMPLEPASS IDENTITY PROTECTION\X64\LIBEAY32.dll
2009-06-04 16:41 - 2009-06-04 16:41 - 00451904 _____ () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2009-06-04 16:37 - 2009-06-04 16:37 - 01581056 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll
2015-11-17 09:44 - 2015-11-17 09:44 - 00117248 _____ () C:\Users\djotie\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-11-17 09:45 - 2015-11-17 09:45 - 00234496 _____ () C:\Users\djotie\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-11-17 09:45 - 2015-11-17 09:45 - 00253440 _____ () C:\Users\djotie\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-11-17 09:44 - 2015-11-17 09:44 - 00344064 _____ () C:\Users\djotie\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2017-02-28 21:34 - 2017-02-28 21:34 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9494e643d25019b25b5cf70f2ffc0778\IsdiInterop.ni.dll
2010-11-15 03:18 - 2012-02-02 08:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2017-02-07 17:44 - 2017-02-01 01:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 17:44 - 2017-02-01 01:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-02-14 17:58 - 2017-02-02 12:30 - 17840216 _____ () C:\Users\djotie\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist Remote Support Customer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-64967066-4132848766-3205159548-1001\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-64967066-4132848766-3205159548-1001\...\driversupport.com -> hxxps://apps.driversupport.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 18:34 - 2017-02-03 18:08 - 00000105 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
::1       localhost
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-64967066-4132848766-3205159548-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\djotie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: Google Update => "C:\Users\djotie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: MusicManager => "C:\Users\djotie\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: SearchProtect => C:\Users\djotie\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: VitaKeyTSR => C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{92CE761D-C186-47C4-8134-08FFB5C7D3E0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{37878A2F-176C-47CD-A7F9-73687272FC3F}] => (Allow) svchost.exe
FirewallRules: [{9FC0753E-2556-40C4-8C9D-E3231ECE19DA}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{D139B0C7-3AEF-4BC6-B6CF-1FF65A04BA30}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{DECD8BB3-2AEA-4187-A6FB-74497A3637DA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{76FED6DB-5B50-44D8-B368-E79A8BD2438D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe
FirewallRules: [{AFA32585-2D54-493A-8B8F-C2A75C51EDD1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe
FirewallRules: [{2E9A26CD-1E10-4A11-AD5A-21A1C1A088B2}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{42076693-CEAE-424E-AB59-6879F9D6A939}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{7B232BE4-3AB0-4C4D-ADAD-60C377EE25C4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{BD3594AC-E085-44D7-BA63-43C61E942838}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{A40BA093-4267-40B3-A94C-4A2A10880EE6}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{6775B2AC-6B9E-4562-B335-52497A49579A}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{8EBED02E-39D5-42DD-AD49-51CD8E4F9A9D}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{0085580E-BF6B-4929-9567-D9E069939252}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{E06994F0-9207-4D00-9194-D48D771027F7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0971771C-37C2-4402-AD28-AA9E74DB0851}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E5F6D05D-F62D-476D-A226-D02827DF431A}] => (Allow) LPort=2869
FirewallRules: [{885B698F-5DBC-45B6-8E32-1FE1E746E62E}] => (Allow) LPort=1900
FirewallRules: [{CB3DCB76-90B0-43F7-84CB-42A4EE447E4F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{3F232DB5-76D5-4193-BDD0-CC538771A099}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{E67D5BEB-F064-4918-AB07-B49FED7011F2}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{F39D9AF2-5D04-43C1-88F2-746081E5F936}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{48CD13D0-CD50-4178-B100-1DB4B3229DEF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D18060E5-68FB-43C5-87AB-2077E5417AFC}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{A7CD8363-FE84-4B7A-9CE1-6F3B952030D7}] => (Allow) LPort=5357
FirewallRules: [{7E16193A-4719-4472-9E1B-E3BECF432F80}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{CB288B41-755C-4EF9-AAB9-13EF4B8A8C1E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{07770F9A-1ACD-4838-A2DB-F3CDF2867C4D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{2F6E6F18-8CA4-438E-89E0-0A4CBB5A9D0F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{CDBBDA18-6CC9-4F46-9E75-43D9648E9B31}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{69DA1558-9636-4671-BC49-26DA4AEA2932}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{15C5B354-02D7-4910-A155-5B9E5CC00266}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{06591CA0-175E-4BF3-9405-C349FFBD1C30}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{8ACE576D-0014-42CD-9409-5DF31E97BFEA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
 
==================== Restore Points =========================
 
07-02-2017 17:48:12 Windows Update
14-02-2017 19:35:12 Windows Update
21-02-2017 12:13:27 Windows Update
24-02-2017 06:53:50 Windows Update
28-02-2017 18:57:35 Windows Update
28-02-2017 20:35:12 Broadcom BTW Restore Point
28-02-2017 20:57:03 Configured IDT Audio
28-02-2017 20:59:29 Installed StarCam Flip
28-02-2017 21:40:42 Installed Validity WBF DDK
28-02-2017 21:46:21 Installed Intel® PROSet/Wireless WiFi Software
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/28/2017 10:21:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (8888) testing: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\djotie\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (02/28/2017 10:21:26 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (8888) testing: An attempt to open the file "C:\Users\djotie\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/28/2017 10:21:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (8888) testing: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\djotie\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (02/28/2017 10:21:16 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (8888) testing: An attempt to open the file "C:\Users\djotie\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/28/2017 10:20:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (8888) testing: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\djotie\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (02/28/2017 10:20:06 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (8888) testing: An attempt to open the file "C:\Users\djotie\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/28/2017 10:19:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (8888) testing: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\djotie\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (02/28/2017 10:19:56 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (8888) testing: An attempt to open the file "C:\Users\djotie\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/28/2017 08:20:39 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (02/28/2017 08:19:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program DriverSupport.exe version 10.1.4.39 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3940
 
Start Time: 01d29241f61f573f
 
Termination Time: 62
 
Application Path: C:\Program Files (x86)\Driver Support\DriverSupport.exe
 
Report Id: 06b5a9f1-fe36-11e6-98b7-70f395c870f3
 
 
System errors:
=============
Error: (02/28/2017 10:11:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/28/2017 10:11:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/24/2017 06:52:34 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (02/24/2017 06:52:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McAfee SiteAdvisor Service service.
 
Error: (02/22/2017 05:24:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:21:56 PM on ‎2/‎22/‎2017 was unexpected.
 
Error: (02/20/2017 08:04:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPSupportSolutionsFrameworkService service.
 
Error: (02/20/2017 08:03:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FlipShare Service service.
 
Error: (02/19/2017 08:00:55 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.
 
Error: (02/16/2017 09:07:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} did not register with DCOM within the required timeout.
 
Error: (02/15/2017 06:00:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:53:03 PM on ‎2/‎15/‎2017 was unexpected.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 73%
Total physical RAM: 3893.86 MB
Available physical RAM: 1039.1 MB
Total Virtual: 7785.9 MB
Available Virtual: 3676.3 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:441.75 GB) (Free:342.48 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:23.72 GB) (Free:3.46 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 522B6E86)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=23.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End of Addition.txt ============================
 
