Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Computer very slow; could it be a virus?

Started by frogg25 , Jul 08 2017 11:44 PM

Please log in to reply

#1
frogg25

Posted 08 July 2017 - 11:44 PM

Member

Member
33 posts

Hi,

Besides the title above, my computer doesn't connect right away to wi-fi, as it previously did. When I click on a browser, Chrome and MS Edge, I get the message that I'm not connected. I'm not sure if that has anything to do with a virus, and also, that started after my last windows update.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017

Ran by msnancy (administrator) on NMS-HPLAPTOP (09-07-2017 01:30:52)

Running from C:\Users\msnancy\Desktop

Loaded Profiles: msnancy (Available Profiles: msnancy)

Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(Intel Corporation) C:\Windows\System32\ibtsiva.exe

(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

() C:\Program Files\CyberLink\Shared files\RichVideo64.exe

() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe

(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe

(Livescribe) C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxEM.exe

(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.584\SSScheduler.exe

(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe

(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe

(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe

(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\CommonBuild\McCBEntAndInstru.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe

(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe

() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8853760 2016-03-28] (Realtek Semiconductor)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)

HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)

HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [258600 2016-01-05] (HP)

HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2016-01-29] (CyberLink Corp.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)

HKLM-x32\...\Run: [CenturyLinkTouchPointAgent] => C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe [48616 2015-07-21] (CenturyLink Inc)

HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)

HKU\S-1-5-21-1037992593-1840114212-2236592287-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"

HKU\S-1-5-21-1037992593-1840114212-2236592287-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FocalFilterHelper.lnk [2017-02-12]

ShortcutTarget: FocalFilterHelper.lnk -> C:\Program Files (x86)\FocalFilter\FocalFilterHelper.exe (Microsoft)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-06-30]

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.584\SSScheduler.exe (McAfee, Inc.)

Startup: C:\Users\msnancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2017-02-01]

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.226

Tcpip\..\Interfaces\{15c629a5-c976-4d38-9439-bbc709bfbcf4}: [DhcpNameServer] 192.168.0.1 205.171.2.226

Tcpip\..\Interfaces\{b3104797-83c1-4757-b734-b2ddce4ef94e}: [DhcpNameServer] 192.168.0.1 205.171.2.226

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE

HKU\S-1-5-21-1037992593-1840114212-2236592287-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE

HKU\S-1-5-21-1037992593-1840114212-2236592287-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-05] (Microsoft Corporation)

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-05] (Microsoft Corporation)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-16] (Microsoft Corporation)

BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)

BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-10-31] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-05] (Microsoft Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)

Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-05] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-05] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-05] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-05] (Microsoft Corporation)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-11-21] (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-11-21] (McAfee, Inc.)

FireFox:

========

FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-10-24] [not signed]

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-11-21] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)

FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-11-21] ()

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-25] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxps://www.duckduckgo.com/

CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxp://google.com/"

CHR NewTab: Default -> Not-active:"chrome-extension://jnnbmiailafajdkboegcjcdklooomfic/stubby.html", Not-active:"chrome-extension://aobadcdcjhddnkicijcmnpfppjdekplf/stubby.html"

CHR DefaultSearchKeyword: Default -> ls

CHR Profile: C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default [2017-07-09]

CHR Extension: (Google Slides) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-08]

CHR Extension: (Ancient History Encyclopedia) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggffalhoajbhlaogbplamaaghnncle [2017-01-16]

CHR Extension: (Gojee Food) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb [2017-01-16]

CHR Extension: (RadioRage) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aobadcdcjhddnkicijcmnpfppjdekplf [2017-05-23]

CHR Extension: (Google Docs) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-08]

CHR Extension: (Google Drive) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-08]

CHR Extension: (Open with Microsoft Office Online Viewer) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcknfcclbcpdeopdopomkdbjmldgdeld [2017-01-16]

CHR Extension: (TV) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2017-01-16]

CHR Extension: (Quizlet) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgofflgeghkhocbociocnckocbjmomjh [2017-01-16]

CHR Extension: (YouTube) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-10]

CHR Extension: (Honey) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-07-02]

CHR Extension: (GeoGebra Math Apps) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2017-01-16]

CHR Extension: (CoastalAir-17) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciambokcolnkdpheogpkdcelmmbinhen [2017-05-23]

CHR Extension: (Lucidchart Diagrams - Desktop) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\djejicklhojeokkfmdelnempiecmdomj [2017-06-24]

CHR Extension: (Adobe Acrobat) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-07]

CHR Extension: (Harvest Time Tracker) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbpiglieekigmkeebmeohkelfpjjlaia [2017-06-19]

CHR Extension: (Google Sheets) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-09]

CHR Extension: (SearchBar) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjefgkhmchopegjeicnblodnidbammed [2017-02-13]

CHR Extension: (Full Screen Weather) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2017-01-16]

CHR Extension: (Lazy Scholar) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpbdcofpbclblalghaepibbagkkgpkak [2017-05-18]

CHR Extension: (BriefTube - Instant video summarizer) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfckdcbnnkobldfaefmhaigdolfniill [2017-04-03]

CHR Extension: (Google Docs Offline) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-10]

CHR Extension: (Planetarium) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2017-01-16]

CHR Extension: (Save to Google Drive) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2016-09-17]

CHR Extension: (SwagButton) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2017-07-08]

CHR Extension: (SuperSorter) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij [2017-01-25]

CHR Extension: (Google Keep - notes and lists) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-07-07]

CHR Extension: (Kami - PDF and Document Markup) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljojpiodmlhoehoecppliohmplbgeij [2017-03-15]

CHR Extension: (WeatherBlink) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnnbmiailafajdkboegcjcdklooomfic [2017-05-17]

CHR Extension: (Grammarly for Chrome) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-07-08]

CHR Extension: (Little Alchemy) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2017-01-16]

CHR Extension: (Google Scholar Button) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2017-03-25]

CHR Extension: (Numerics Calculator & Converter) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2017-01-16]

CHR Extension: (Google Maps) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-01-16]

CHR Extension: (Marinara: Pomodoro Timer) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojgmehidjdhhbmpjfamhpkpodfcodef [2017-03-29]

CHR Extension: (Google Keep Chrome Extension) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2017-04-22]

CHR Extension: (Boomerang for Gmail) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2017-05-16]

CHR Extension: (Google Play Books) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2017-01-16]

CHR Extension: (Wikibuy) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2017-06-30]

CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2017-06-21]

CHR Extension: (Chrome Web Store Payments) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]

CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2017-01-16]

CHR Extension: (Cite This For Me: Web Citer) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle [2017-02-14]

CHR Extension: (Twinword Finder) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\npghlhgagddknpcccbgncondbkdpehof [2017-02-13]

CHR Extension: (Evernote Web Clipper) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2017-05-23]

CHR Extension: (Gmail) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-08]

CHR Extension: (Chrome Media Router) - C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-28]

CHR Profile: C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-09]

CHR HKU\S-1-5-21-1037992593-1840114212-2236592287-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0028841499385227mcinstcleanup; C:\WINDOWS\TEMP\002884~1.EXE [961888 2016-05-16] (McAfee, Inc.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)

S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe [310240 2017-02-22] (Intel Corporation)

S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe [488928 2017-02-22] (Intel Corporation)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-20] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-20] (Dropbox, Inc.)

R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)

R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1392792 2016-03-01] (Intel Corporation)

R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)

R2 HP Comm Recover; c:\Program Files\HPCommRecovery\HPCommRecovery.exe [44032 2016-03-02] (HP Inc.) [File not signed]

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)

R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)

R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe [350688 2017-02-22] (Intel Corporation)

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)

S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2016-01-07] (Intel Corporation)

R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [994848 2016-11-21] (McAfee, Inc.)

S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [352104 2015-09-29] (McAfee, Inc.)

R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.584\McCHSvc.exe [404368 2017-06-23] (McAfee, Inc.)

R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)

S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)

S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)

R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)

R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-06-23] (McAfee, Inc.)

R3 mfevtp; C:\windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)

R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)

S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] ()

R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)

R2 PenCommService; C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe [473088 2016-06-27] (Livescribe) [File not signed]

R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-03-28] (Realtek Semiconductor)

R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-09-08] ()

R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-04-26] (Synaptics Incorporated)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation)

R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-04-27] (McAfee, Inc.)

R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2016-03-01] (Intel Corporation)

R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2016-03-01] (Intel Corporation)

R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2016-03-01] (Intel Corporation)

R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [49456 2015-08-20] (Intel)

S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)

R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)

R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys [11036640 2017-02-22] (Intel Corporation)

R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [134456 2015-08-31] (Intel)

R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [69936 2015-08-31] (Intel)

R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419616 2016-04-27] (McAfee, Inc.)

R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-04-27] (McAfee, Inc.)

S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-04-27] (McAfee, Inc.)

R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-04-27] (McAfee, Inc.)

R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-04-27] (McAfee, Inc.)

R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)

S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)

R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243488 2016-04-27] (McAfee, Inc.)

R1 MpKsl9c0d6490; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{47B8190B-C85B-4CBE-92B3-4B38234FF692}\MpKsl9c0d6490.sys [44928 2017-06-23] (Microsoft Corporation)

R1 MpKsla8db7163; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FCE57958-EBEA-44BD-8026-21C02E721BAC}\MpKsla8db7163.sys [44928 2017-07-09] (Microsoft Corporation)

S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()

U5 Netwtw02; C:\Windows\System32\Drivers\Netwtw02.sys [6724368 2016-02-06] (Intel Corporation)

R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation)

S3 PulseUsb; C:\WINDOWS\System32\drivers\PulseUsb.sys [26112 2016-06-27] (Windows ® Win 7 DDK provider)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2016-03-01] (Realtek )

R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [758488 2016-03-01] (Realsil Semiconductor Corporation)

S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [58984 2016-02-25] (Synaptics Incorporated)

R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72792 2017-04-26] (Synaptics Incorporated)

R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [31280 2016-01-28] (Intel Corporation)

S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-13] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-09 01:30 - 2017-07-09 01:31 - 00034687 _____ C:\Users\msnancy\Desktop\FRST.txt

2017-07-09 01:30 - 2017-07-09 01:30 - 00000000 ____D C:\FRST

2017-07-09 01:28 - 2017-07-09 01:29 - 02437120 _____ (Farbar) C:\Users\msnancy\Desktop\FRST64.exe

2017-07-09 01:16 - 2017-07-09 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2017-07-09 01:13 - 2017-07-09 01:13 - 01388448 _____ C:\Users\Public\VOIP.dat

2017-07-09 01:13 - 2017-07-09 01:13 - 01388448 _____ C:\Users\Public\GROUP.dat

2017-07-09 01:13 - 2017-07-09 01:13 - 01388448 _____ C:\Users\Public\ASR.dat

2017-07-08 16:51 - 2017-07-08 16:51 - 00000000 ___HD C:\OneDriveTemp

2017-07-08 11:43 - 2017-07-08 14:16 - 00000000 ____D C:\Users\msnancy\Documents\HAIR

2017-07-01 22:09 - 2017-07-01 22:09 - 00000000 ____D C:\Users\msnancy\Desktop\NICOLE

2017-06-30 19:36 - 2017-06-30 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

2017-06-30 19:35 - 2017-06-30 19:35 - 00000000 ____D C:\ProgramData\McAfee Security Scan

2017-06-27 21:19 - 2017-06-27 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2017-06-27 21:13 - 2017-06-27 21:13 - 00000000 ____D C:\Users\msnancy\Documents\NICOLE

2017-06-26 06:27 - 2017-06-26 06:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

2017-06-26 06:27 - 2017-06-26 06:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys

2017-06-26 06:27 - 2017-06-26 06:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys

2017-06-26 06:27 - 2017-06-26 06:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

2017-06-22 17:27 - 2017-06-22 17:27 - 00338046 _____ C:\Users\msnancy\Desktop\TODAYupload.pdf

2017-06-20 12:20 - 2017-06-20 12:22 - 00015552 _____ C:\Users\msnancy\Desktop\QCH6 online answer.xlsx

2017-06-18 14:05 - 2017-06-18 14:05 - 00000000 _____ C:\Users\msnancy\Documents\risk factors health me diabetes.txt

2017-06-15 21:57 - 2017-06-15 21:58 - 00000000 ____D C:\Users\msnancy\Documents\CPA EXAM

2017-06-15 18:29 - 2017-06-15 18:29 - 00000067 _____ C:\Users\msnancy\Documents\Emily Advice.txt

2017-06-15 08:03 - 2017-06-15 08:03 - 00000000 ____D C:\Users\msnancy\Documents\FeedbackHub

2017-06-14 19:19 - 2017-06-14 19:19 - 00000000 _____ C:\Users\msnancy\Documents\HP ePrint

2017-06-14 09:02 - 2017-06-14 09:02 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2

2017-06-13 18:41 - 2017-06-13 18:41 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk

2017-06-13 18:41 - 2017-06-13 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2017-06-13 18:40 - 2017-06-13 18:41 - 00000000 ____D C:\Program Files\iTunes

2017-06-13 18:40 - 2017-06-13 18:40 - 00000000 ____D C:\Program Files\iPod

2017-06-13 18:33 - 2017-06-13 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2017-06-13 16:37 - 2017-06-03 06:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2017-06-13 16:37 - 2017-06-03 06:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2017-06-13 16:37 - 2017-06-03 06:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2017-06-13 16:37 - 2017-06-03 06:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-06-13 16:37 - 2017-06-03 06:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-06-13 16:37 - 2017-06-03 06:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-06-13 16:37 - 2017-06-03 06:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-06-13 16:37 - 2017-06-03 06:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2017-06-13 16:37 - 2017-06-03 05:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2017-06-13 16:37 - 2017-06-03 05:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys

2017-06-13 16:37 - 2017-06-03 05:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2017-06-13 16:37 - 2017-06-03 05:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2017-06-13 16:37 - 2017-06-03 05:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2017-06-13 16:37 - 2017-06-03 05:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2017-06-13 16:37 - 2017-06-03 05:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll

2017-06-13 16:37 - 2017-06-03 05:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2017-06-13 16:37 - 2017-06-03 05:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll

2017-06-13 16:37 - 2017-06-03 05:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-06-13 16:37 - 2017-06-03 05:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2017-06-13 16:37 - 2017-06-03 05:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2017-06-13 16:37 - 2017-06-03 05:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2017-06-13 16:37 - 2017-06-03 05:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-06-13 16:37 - 2017-06-03 05:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll

2017-06-13 16:37 - 2017-06-03 05:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2017-06-13 16:37 - 2017-06-03 05:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll

2017-06-13 16:37 - 2017-06-03 05:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-06-13 16:37 - 2017-06-03 05:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2017-06-13 16:37 - 2017-06-03 05:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2017-06-13 16:37 - 2017-06-03 05:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2017-06-13 16:37 - 2017-06-03 05:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2017-06-13 16:37 - 2017-06-03 05:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2017-06-13 16:37 - 2017-06-03 05:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2017-06-13 16:37 - 2017-06-03 05:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2017-06-13 16:37 - 2017-06-03 05:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll

2017-06-13 16:37 - 2017-06-03 05:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2017-06-13 16:37 - 2017-06-03 05:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll

2017-06-13 16:37 - 2017-06-03 05:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll

2017-06-13 16:37 - 2017-06-03 05:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll

2017-06-13 16:37 - 2017-06-03 05:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll

2017-06-13 16:37 - 2017-06-03 05:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-06-13 16:37 - 2017-06-03 05:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll

2017-06-13 16:37 - 2017-06-03 05:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll

2017-06-13 16:37 - 2017-06-03 05:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll

2017-06-13 16:37 - 2017-06-03 05:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2017-06-13 16:37 - 2017-06-03 05:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe

2017-06-13 16:37 - 2017-06-03 05:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-06-13 16:37 - 2017-06-03 05:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2017-06-13 16:37 - 2017-06-03 05:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2017-06-13 16:37 - 2017-06-03 05:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-06-13 16:37 - 2017-06-03 05:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-06-13 16:37 - 2017-06-03 05:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-06-13 16:37 - 2017-06-03 05:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll

2017-06-13 16:37 - 2017-06-03 05:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys

2017-06-13 16:37 - 2017-06-03 05:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2017-06-13 16:37 - 2017-06-03 05:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-06-13 16:37 - 2017-06-03 05:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2017-06-13 16:37 - 2017-06-03 05:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll

2017-06-13 16:37 - 2017-06-03 05:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll

2017-06-13 16:37 - 2017-06-03 05:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll

2017-06-13 16:37 - 2017-06-03 05:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll

2017-06-13 16:37 - 2017-06-03 05:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll

2017-06-13 16:37 - 2017-06-03 05:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-06-13 16:37 - 2017-06-03 05:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

2017-06-13 16:37 - 2017-06-03 05:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll

2017-06-13 16:37 - 2017-06-03 05:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-06-13 16:37 - 2017-06-03 05:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2017-06-13 16:37 - 2017-06-03 05:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2017-06-13 16:37 - 2017-06-03 05:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-06-13 16:37 - 2017-06-03 05:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2017-06-13 16:37 - 2017-06-03 05:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll

2017-06-13 16:37 - 2017-06-03 05:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-06-13 16:37 - 2017-06-03 05:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2017-06-13 16:37 - 2017-06-03 05:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe

2017-06-13 16:37 - 2017-06-03 05:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

2017-06-13 16:37 - 2017-06-03 05:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2017-06-13 16:37 - 2017-06-03 05:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-06-13 16:37 - 2017-06-03 05:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll

2017-06-13 16:37 - 2017-06-03 05:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-06-13 16:37 - 2017-06-03 04:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-06-13 16:37 - 2017-06-03 04:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll

2017-06-13 16:37 - 2017-06-03 04:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-06-13 16:37 - 2017-06-03 04:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

2017-06-13 16:37 - 2017-06-03 04:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe

2017-06-13 16:37 - 2017-06-03 04:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

2017-06-13 16:37 - 2017-06-03 04:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-06-13 16:37 - 2017-06-03 04:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

2017-06-13 16:37 - 2017-06-03 04:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2017-06-13 16:37 - 2017-06-03 04:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2017-06-13 16:37 - 2017-06-03 04:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2017-06-13 16:37 - 2017-06-03 04:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-06-13 16:37 - 2017-06-03 04:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe

2017-06-13 16:37 - 2017-06-03 04:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll

2017-06-13 16:37 - 2017-06-03 04:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2017-06-13 16:37 - 2017-06-03 04:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2017-06-13 16:37 - 2017-06-03 04:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2017-06-13 16:37 - 2017-06-03 04:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-06-13 16:37 - 2017-06-03 04:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-06-13 16:37 - 2017-05-25 01:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe

2017-06-13 16:37 - 2017-03-04 02:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2017-06-13 16:37 - 2017-03-04 02:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2017-06-13 16:37 - 2017-03-04 02:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2017-06-13 16:37 - 2017-03-04 02:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll

2017-06-13 16:37 - 2016-09-07 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll

2017-06-13 16:36 - 2017-06-03 06:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2017-06-13 16:36 - 2017-06-03 06:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2017-06-13 16:36 - 2017-06-03 06:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2017-06-13 16:36 - 2017-06-03 06:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2017-06-13 16:36 - 2017-06-03 06:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2017-06-13 16:36 - 2017-06-03 06:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2017-06-13 16:36 - 2017-06-03 06:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2017-06-13 16:36 - 2017-06-03 06:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2017-06-13 16:36 - 2017-06-03 06:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2017-06-13 16:36 - 2017-06-03 06:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll

2017-06-13 16:36 - 2017-06-03 06:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2017-06-13 16:36 - 2017-06-03 06:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2017-06-13 16:36 - 2017-06-03 06:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys

2017-06-13 16:36 - 2017-06-03 05:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-06-13 16:36 - 2017-06-03 05:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2017-06-13 16:36 - 2017-06-03 05:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

2017-06-13 16:36 - 2017-06-03 05:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2017-06-13 16:36 - 2017-06-03 05:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2017-06-13 16:36 - 2017-06-03 05:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2017-06-13 16:36 - 2017-06-03 05:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2017-06-13 16:36 - 2017-06-03 05:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-06-13 16:36 - 2017-06-03 05:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2017-06-13 16:36 - 2017-06-03 05:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2017-06-13 16:36 - 2017-06-03 05:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2017-06-13 16:36 - 2017-06-03 05:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll

2017-06-13 16:36 - 2017-06-03 05:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll

2017-06-13 16:36 - 2017-06-03 05:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll

2017-06-13 16:36 - 2017-06-03 05:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll

2017-06-13 16:36 - 2017-06-03 05:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-06-13 16:36 - 2017-06-03 05:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll

2017-06-13 16:36 - 2017-06-03 05:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll

2017-06-13 16:36 - 2017-06-03 04:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll

2017-06-13 16:36 - 2017-06-03 04:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2017-06-13 16:36 - 2017-06-03 04:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2017-06-13 16:36 - 2017-06-03 04:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe

2017-06-13 16:36 - 2017-06-03 04:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-06-13 16:36 - 2017-06-03 04:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-06-13 16:36 - 2017-06-03 04:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2017-06-13 16:36 - 2017-06-03 02:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls

2017-06-12 13:38 - 2017-06-12 13:38 - 00000000 ____D C:\Users\msnancy\New folder

2017-06-11 12:28 - 2017-06-11 12:28 - 00000000 ____D C:\Users\msnancy\Documents\New folder

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-09 01:17 - 2016-11-05 14:32 - 00000000 ___RD C:\Users\msnancy\OneDrive - ECSU

2017-07-09 01:16 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\AppReadiness

2017-07-09 01:14 - 2016-06-13 00:22 - 00000000 ____D C:\ProgramData\McAfee

2017-07-09 01:13 - 2016-09-08 18:26 - 00000000 __SHD C:\Users\msnancy\IntelGraphicsProfiles

2017-07-09 01:13 - 2016-07-16 02:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM

2017-07-09 01:11 - 2016-10-13 22:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-07-09 01:11 - 2016-10-13 22:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2017-07-09 01:11 - 2016-09-22 22:10 - 00000366 _____ C:\WINDOWS\Tasks\HPCeeScheduleFormsnancy.job

2017-07-08 10:02 - 2017-05-16 15:01 - 00003446 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)

2017-07-08 00:22 - 2016-07-16 07:47 - 00000000 ___HD C:\Program Files\WindowsApps

2017-07-08 00:20 - 2016-10-13 22:27 - 00003266 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFormsnancy

2017-07-06 19:06 - 2016-05-10 12:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2017-07-05 21:37 - 2016-07-16 07:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2017-06-30 19:36 - 2016-10-26 08:48 - 00002016 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

2017-06-30 19:35 - 2016-10-26 09:18 - 00000000 ____D C:\Program Files\McAfee Security Scan

2017-06-29 21:16 - 2017-05-17 20:55 - 00000000 ____D C:\WINDOWS\system32\UNP

2017-06-29 21:16 - 2017-05-17 20:55 - 00000000 ____D C:\Program Files\UNP

2017-06-28 19:00 - 2017-01-14 16:27 - 00000000 ____D C:\Users\msnancy\Documents\HEALTH

2017-06-28 18:29 - 2017-03-26 12:20 - 00018183 _____ C:\Users\msnancy\Desktop\MED PURCHASES.xlsx

2017-06-27 21:43 - 2016-09-08 18:26 - 00000000 ____D C:\Users\msnancy\AppData\Local\Packages

2017-06-27 21:26 - 2016-09-08 19:21 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-06-27 21:20 - 2016-05-10 11:58 - 00000000 ____D C:\Program Files (x86)\Dropbox

2017-06-25 14:34 - 2017-03-13 16:26 - 00000000 ____D C:\Users\msnancy\AppData\Roaming\Apple Computer

2017-06-22 13:00 - 2016-12-21 17:12 - 00003288 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2

2017-06-22 13:00 - 2016-09-08 18:29 - 00002423 _____ C:\Users\msnancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2017-06-22 12:57 - 2016-10-13 22:27 - 00004252 _____ C:\WINDOWS\System32\Tasks\avast! SL Update

2017-06-19 16:33 - 2017-01-14 16:27 - 00000000 ____D C:\Users\msnancy\Documents\DIABETES

2017-06-17 19:27 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\rescache

2017-06-17 12:03 - 2015-11-02 14:02 - 00000000 __RHD C:\Users\Public\AccountPictures

2017-06-15 10:53 - 2017-04-01 16:30 - 00000000 ____D C:\Users\msnancy\Documents\ECSU SUMMER 17

2017-06-15 08:08 - 2015-11-03 02:05 - 02674816 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-06-15 08:03 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\NDF

2017-06-15 08:02 - 2016-10-13 22:10 - 00000000 ____D C:\Users\msnancy

2017-06-15 08:00 - 2016-07-16 02:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI

2017-06-14 20:15 - 2016-07-16 07:45 - 00000000 ____D C:\WINDOWS\INF

2017-06-14 20:13 - 2016-10-20 07:18 - 00000000 ____D C:\Users\msnancy\AppData\Local\Dropbox

2017-06-14 18:55 - 2017-06-08 13:45 - 00000000 ____D C:\Users\msnancy\Documents\OBITS

2017-06-14 09:30 - 2017-03-13 16:26 - 00000000 ____D C:\Users\msnancy\AppData\Local\Apple Computer

2017-06-14 09:03 - 2016-10-13 22:03 - 00369880 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-06-14 09:02 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2017-06-14 09:02 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\appraiser

2017-06-14 09:02 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\ShellExperiences

2017-06-13 18:33 - 2017-03-13 16:21 - 00000000 ____D C:\Program Files\Common Files\Apple

2017-06-13 17:12 - 2016-09-09 20:35 - 00000000 ____D C:\WINDOWS\system32\MRT

2017-06-13 17:07 - 2016-09-09 20:35 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-06-13 17:07 - 2016-07-16 07:36 - 00000000 ____D C:\WINDOWS\CbsTemp

2017-06-12 14:31 - 2017-04-17 12:49 - 00000000 ____D C:\Users\msnancy\Documents\FOOD

==================== Files in the root of some directories =======

2017-01-14 17:29 - 2017-01-14 17:30 - 0000319 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Files to move or delete:

====================

C:\Users\Public\ASR.dat

C:\Users\Public\GROUP.dat

C:\Users\Public\VOIP.dat

Some files in TEMP:

====================

2016-10-22 18:58 - 2016-10-22 18:58 - 1730632 ____N () C:\Users\msnancy\AppData\Local\Temp\CenturyLinkDesktopApps.exe

2016-10-25 15:36 - 2015-01-19 18:48 - 1126480 ____N (CANON INC.) C:\Users\msnancy\AppData\Local\Temp\MSETUP4.EXE

2016-10-22 19:43 - 2016-10-22 19:43 - 1760760 _____ (Symantec Corporation) C:\Users\msnancy\AppData\Local\Temp\NAV2015.exe

2016-10-22 19:43 - 2016-10-22 19:43 - 0795048 _____ (Symantec Corporation) C:\Users\msnancy\AppData\Local\Temp\QwrapMar.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-08 11:17

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2017

Ran by msnancy (09-07-2017 01:32:29)

Running from C:\Users\msnancy\Desktop

Windows 10 Home Version 1607 (X64) (2016-10-14 02:31:07)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1037992593-1840114212-2236592287-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-1037992593-1840114212-2236592287-503 - Limited - Disabled)

Guest (S-1-5-21-1037992593-1840114212-2236592287-501 - Limited - Disabled)

msnancy (S-1-5-21-1037992593-1840114212-2236592287-1001 - Administrator - Enabled) => C:\Users\msnancy

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}

FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-60bcb449-41aa-4f8e-b9b8-586f50a466ab) (Version: 3.0.2.118 - WildTangent) Hidden

ACL Desktop Education Edition (HKLM-x32\...\{C424D5B8-BDE9-48FD-805E-FF276FCC76DF}) (Version: 9.0.0.243 - ACL Software)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)

Amazon Redshift ODBC Driver 64-bit (HKLM\...\{788C401A-726B-4CE7-8BC2-89FD7967A6ED}) (Version: 1.2.7 - Amazon Corporate LLC)

Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)

Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.275.2 - AVAST Software)

Awakening: The Dreamless Castle (HKLM-x32\...\WTA-819fa2cf-7699-4053-887e-1a741e82c021) (Version: 3.0.2.51 - WildTangent) Hidden

Azkend 2: The World Beneath (HKLM-x32\...\WTA-e688789e-6324-42a9-a8d0-0653876e3bd0) (Version: 2.2.0.98 - WildTangent) Hidden

Barn Yarn Collector's Edition (HKLM-x32\...\WTA-f38df94d-dab3-4157-a62d-af21fa51ad18) (Version: 3.0.2.48 - WildTangent) Hidden

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)

Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)

Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)

Canon MG2900 series On-screen Manual (HKLM-x32\...\Canon MG2900 series On-screen Manual) (Version: 7.7.0 - Canon Inc.)

Canon MG2900 series User Registration (HKLM-x32\...\Canon MG2900 series User Registration) (Version: - ‭Canon Inc.)

Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.1 - Canon Inc.)

Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.0 - Canon Inc.)

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)

Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)

CenturyLink Installer (HKLM-x32\...\{C96FF998-45BD-411E-9253-B7F2660FE280}) (Version: 1.0 - CenturyLink, Inc.)

CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3.6129 - CyberLink Corp.)

CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - CyberLink Corp.) Hidden

CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - CyberLink Corp.)

Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-180ba563-3c37-46df-883e-12570e1f2933) (Version: 3.0.2.59 - WildTangent) Hidden

DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden

Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden

Echo Desktop (HKLM-x32\...\Echo Desktop 3.0.4) (Version: 3.0.4 - Livescribe Inc)

Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)

Entwined: The Perfect Murder (HKLM-x32\...\WTA-ac1d278d-c4f2-4b98-919f-27dcf35ed85c) (Version: 3.0.2.59 - WildTangent) Hidden

Evernote v. 6.4.2 (HKLM-x32\...\{E74F0DCA-9FC8-11E6-9D98-005056950253}) (Version: 6.4.2.3788 - Evernote Corp.)

Excel QM v5.2 (HKLM-x32\...\{4F1155FD-9C2B-4C73-94BD-0EEDDDEDECEE}) (Version: 5.2.112 - Pearson)

FocalFilter (HKLM-x32\...\{78156F61-016D-402A-9EF9-C2AA253DB22A}) (Version: 0.9.00 - FocalFilter)

focus booster version 2.2.0 (HKLM-x32\...\{4A8CD634-78D6-4A35-9D1E-98CCBD11910B}_is1) (Version: 2.2.0 - focus booster)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden

Green City: Go South (HKLM-x32\...\WTA-1bb75a08-91c7-4ec6-b6d3-5ad97f194f10) (Version: 3.0.2.59 - WildTangent) Hidden

Home Makeover (HKLM-x32\...\WTA-949aad13-542e-4dea-8930-5ba92a7fffad) (Version: 3.0.2.59 - WildTangent) Hidden

Hoyle Illusions Mahjongg (HKLM-x32\...\WTA-213027ed-1993-451c-9e82-4c6ce0ed7da3) (Version: 3.0.2.59 - WildTangent) Hidden

HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)

HP CoolSense (HKLM-x32\...\{6A96E483-C0BD-456F-885B-7A0BAC7430AD}) (Version: 2.21.1 - HP Inc.)

HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)

HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8318.5320 - Hewlett-Packard)

HP Support Assistant (HKLM-x32\...\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}) (Version: 8.4.19.3 - HP)

HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.7.22.13 - HP)

HP System Event Utility (HKLM-x32\...\{09D0DB68-90EA-4015-983E-A0BD777D5A02}) (Version: 1.4.9 - HP Inc.)

HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)

HP Wireless Button Driver (HKLM-x32\...\{1BDD178E-43DC-4063-B480-BA2BAE03E2A0}) (Version: 1.1.15.1 - HP)

iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)

IGT Slots Fire Rubies (HKLM-x32\...\WTA-5584ab78-1b6e-4226-894e-19be515c31f0) (Version: 3.0.2.59 - WildTangent) Hidden

Imperial Island: Birth of an Empire (HKLM-x32\...\WTA-9ff89fee-abfb-4b63-a6cf-7fc85d654048) (Version: 3.0.2.59 - WildTangent) Hidden

Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel® Corporation) Hidden

Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)

Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4542 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)

Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)

Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)

Intel® WiDi (HKLM\...\{6B15F1EF-F3A8-4C29-BF9E-18EB3683A83D}) (Version: 6.0.60.0 - Intel Corporation)

Intel® WiDi Software Asset Manager (HKLM-x32\...\{AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2}) (Version: 3.2.1184 - Intel Corporation) Hidden

Intel® Wireless Bluetooth® (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation)

Intel® Integrated Sensor Solution (HKLM-x32\...\{dab50e7a-3a51-4ce0-9644-131748487cfe}) (Version: 3.0.4.1012 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation)

ISS_Drivers_x64 (HKLM\...\{6725DB57-487E-42F9-B986-A3113872FE47}) (Version: 3.0.4.1012 - Intel Corporation) Hidden

iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)

Jewel Match Snowscapes (HKLM-x32\...\WTA-f43843e4-c8e7-4d5a-992c-4d1e48df5634) (Version: 3.0.2.118 - WildTangent) Hidden

Little Boy: Walter's Scooter (HKLM-x32\...\WTA-2e9ddbde-af1c-4271-8749-4976d14200a0) (Version: 3.0.2.59 - WildTangent) Hidden

Lost Souls: Timeless Fables Collector's Edition (HKLM-x32\...\WTA-c230c780-ec32-481a-9aca-668c8b8ad2c3) (Version: 3.0.2.59 - WildTangent) Hidden

Magic Heroes: Save Our Park (HKLM-x32\...\WTA-509f3083-588d-4197-b7cc-f3266fdd2c0c) (Version: 3.0.2.59 - WildTangent) Hidden

Manor Memoirs Collector's Edition (HKLM-x32\...\WTA-e28885a9-bda0-49dc-9b46-2c2ac01cae7d) (Version: 3.0.2.59 - WildTangent) Hidden

McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 15.0.190 - McAfee, Inc.)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.584.4 - McAfee, Inc.)

Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8229.2073 - Microsoft Corporation)

Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8229.2073 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1037992593-1840114212-2236592287-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E534493E-80D2-4E37-8020-3ECAC55D9DB5}) (Version: 10.53.6000.34 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

MySQL Connector/ODBC 5.3 (HKLM\...\{17E48BE8-F0F8-42B6-82D3-7A5840694D79}) (Version: 5.3.6 - Oracle Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden

Plagiarii (HKLM-x32\...\WTA-3f72b9ed-4561-46bf-9e79-9a6a3afa20f5) (Version: 3.0.2.59 - WildTangent) Hidden

Polar Bowler 1st Frame (HKLM-x32\...\WTA-949485e7-651f-4df0-a9c0-39bae09c7c02) (Version: 3.0.2.59 - WildTangent) Hidden

POM-QM for Windows, v5 (HKLM-x32\...\POM-QM for Windows, v5) (Version: 5 - Pearson Education Inc)

psqlODBC_x64 (HKLM\...\{E80C56AD-5F68-4A6D-8016-FF394E1954FA}) (Version: 09.05.0300 - PostgreSQL Global Development Group)

PuppetShow: Return to Joyville (HKLM-x32\...\WTA-24496c0d-a263-45b8-88fb-492cd85d4a57) (Version: 3.0.2.126 - WildTangent) Hidden

Pyro Jump (HKLM-x32\...\WTA-e88c35b2-5197-4e47-9eff-2f65809f7273) (Version: 3.0.2.59 - WildTangent) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7779 - Realtek Semiconductor Corp.)

Regency Solitaire (HKLM-x32\...\WTA-8bb7e1ba-cace-4dd1-a324-81464820f000) (Version: 3.0.2.126 - WildTangent) Hidden

Runefall (HKLM-x32\...\WTA-b36067ef-6992-4930-b5c9-b11b3de9a831) (Version: 3.0.2.126 - WildTangent) Hidden

Rush Hour! Gas Station (HKLM-x32\...\WTA-9d4dd840-6880-4b69-9024-689756b15b3f) (Version: 3.0.2.59 - WildTangent) Hidden

Sky High Farm (HKLM-x32\...\WTA-e19f62fa-a96b-4185-8f71-bed6e34d64a6) (Version: 3.0.2.59 - WildTangent) Hidden

swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.10 - Synaptics Incorporated)

Tableau 10.2 (10200.17.0216.1925) (HKLM\...\{C7A22BE0-D202-4358-B24F-B1943CFF6F91}) (Version: 10.2.113 - Tableau Software) Hidden

Tableau 10.2 (10200.17.0216.1925) (HKLM-x32\...\{cd1d4f84-772f-48d8-ad61-de47230b71c1}) (Version: 10.2.113 - Tableau Software)

Tasty Blue (HKLM-x32\...\WTA-1d11ac47-cea1-44a0-84a6-90749c3fe756) (Version: 3.0.2.59 - WildTangent) Hidden

The Far Kingdoms (HKLM-x32\...\WTA-35f0afcd-dd2b-460d-bcc3-524e3fd85c74) (Version: 1.1.2.4 - WildTangent) Hidden

TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)

Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)

WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.2 - WildTangent) Hidden

Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)

WordFlood 1.2 (remove only) (HKLM-x32\...\WordFlood 1.2) (Version: - )

XMind 7.5 Update 1 (v3.6.51) (HKLM-x32\...\XMind_is1) (Version: 3.6.51.201607142338 - XMind Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)

ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ContextMenuHandlers01: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2016-11-21] (McAfee, Inc.)

ContextMenuHandlers01: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc.)

ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)

ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxDTCM.dll [2017-02-22] (Intel Corporation)

ContextMenuHandlers06: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2016-11-21] (McAfee, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D9692F-60D5-48F7-9468-6858F249F000} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\msnancy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe

Task: {0F66443C-F5FE-48B6-9333-62316AFC70ED} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-09-17] (Intel Corporation)

Task: {1321F9B7-DB69-4B68-9193-A6595CF46786} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-09-20] (McAfee, Inc.)

Task: {152C07FD-02F6-4F6F-B5CA-1E43D8259112} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-08] (Google Inc.)

Task: {2D1F34F3-DC5D-4EF0-A53E-3B127EDCD1C3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe

Task: {34F01C63-17C8-4477-83B6-5AC592F405B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)

Task: {3D2AB328-F19C-4828-81B8-47C2D2EE830A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)

Task: {4126969B-991D-44EE-8350-DBC1428C586C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)

Task: {450856C8-FF12-4244-9B5D-F63827151E70} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-04-12] (McAfee, Inc.)

Task: {55DEC307-CB48-4587-9554-387873E159F2} - System32\Tasks\{CA8A3673-B0AC-41D5-863C-E1C5214CF2ED} => pcalua.exe -a "C:\Users\msnancy\Documents\ECSU SP17\ACCT425-01 Financial Auditing\ACL DATA\ACL_9_Software\Install Armond Dalton Data.exe" -d "C:\Users\msnancy\Documents\ECSU SP17\ACCT425-01 Financial Auditing\ACL DATA\ACL_9_Software"

Task: {6BFBD066-881A-491A-9968-FE868EB1A9C0} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-09-08] (AVAST Software)

Task: {71FE717E-2EB4-41CD-BE26-03C2581CAC21} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-20] (Dropbox, Inc.)

Task: {7221A6C8-7FCF-495A-805A-14B51AD91A91} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-09-17] (Intel Corporation)

Task: {73C53121-B02C-4F7A-AE8A-E3217B8002C1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-07-05] (Microsoft Corporation)

Task: {7B77FF4F-0EC4-440E-8F5B-E8C4522D6C6D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)

Task: {862DB034-AEF0-476D-B81D-F0DAD95FBA9A} - System32\Tasks\HPDAS => C:\Program [Argument = Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs]

Task: {924F8EDE-10A3-4CCF-A5A2-F297571F57A3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-20] (Dropbox, Inc.)

Task: {974163B0-D224-4AB2-B642-CF03A18AA0E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)

Task: {9A51B66C-6257-4FFB-8A67-D9A8DB198A20} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)

Task: {9CB6E2EE-06B7-4FCF-9965-4C3801FEFFA2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)

Task: {9FF21122-083D-47EE-850A-467BA4522B1A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-05] ()

Task: {AA138DFA-B826-45CB-8BBC-1BF22AB60293} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-05] (Microsoft Corporation)

Task: {AAE678D0-0E67-43B9-9677-058BB69D3498} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-05] (Microsoft Corporation)

Task: {AF3CF212-E1D2-4B24-9031-40DEF9BD6D00} - System32\Tasks\HPCeeScheduleFormsnancy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

Task: {B3B7D43D-2CEC-439C-A631-6B912224A168} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)

Task: {BBC77D7F-073B-495F-8DF2-2592E2F1C0A1} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-09-08] (AVAST Software)

Task: {C476A89B-A8D0-4064-B9D4-910A006FF831} - System32\Tasks\McAfee\McAfee Idle Detection Task

Task: {CC140023-4B64-4404-B2A3-C0AE92FE8F29} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent

Task: {DD7B3E57-5C49-4368-92AB-AA399D6CC9BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)

Task: {E2ADD2BF-0579-4476-8DB3-EE75C4BB7FF3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-05-25] (HP Inc.)

Task: {E5F41968-96F1-4A7D-B1D0-5A102E03FF8B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-05] ()

Task: {E95216C9-C55A-4960-BC18-75175CF01FB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)

Task: {EF4F0473-ED28-40FA-B76F-4D23EFBC774D} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [2015-10-23] (HP Development Company, L.P.)

Task: {F9FDF8B5-5377-4B60-A7E5-E87D27EF724D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)

Task: {FFB39212-091C-4982-AA2A-80C388C2E16F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)

Task: {FFDD1E66-45C9-481B-B1D5-87ABD1500B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-08] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleFormsnancy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\msnancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki

ShortcutWithArgument: C:\Users\msnancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Lucidchart Diagrams - Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=djejicklhojeokkfmdelnempiecmdomj

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VUDU - Streaming Movies.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://www.vudu.com/

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 07:42 - 2016-07-16 07:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2017-06-13 16:37 - 2017-06-03 06:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2016-06-13 00:14 - 2014-04-14 21:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe

2016-09-08 18:23 - 2016-09-08 18:23 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe

2016-10-14 01:57 - 2016-10-14 01:57 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll

2017-03-14 19:35 - 2017-03-04 02:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll

2017-03-14 19:36 - 2017-03-04 02:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2017-03-14 19:36 - 2017-03-04 02:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2017-03-14 19:36 - 2017-03-04 02:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll

2017-06-13 16:37 - 2017-06-03 04:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll

2017-06-13 16:37 - 2017-06-03 04:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2017-06-13 16:37 - 2017-06-03 04:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2017-05-09 03:05 - 2017-05-09 03:05 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll

2017-05-09 03:05 - 2017-05-09 03:05 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll

2017-06-27 21:26 - 2017-06-22 23:21 - 02692440 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\swiftshader\libglesv2.dll

2017-06-27 21:26 - 2017-06-22 23:21 - 00137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\swiftshader\libegl.dll

2017-06-21 09:01 - 2017-06-21 09:02 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe

2017-06-21 09:01 - 2017-06-21 09:02 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll

2017-06-21 09:01 - 2017-06-21 09:02 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll

2017-06-21 09:01 - 2017-06-21 09:02 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll

2016-12-24 00:34 - 2016-10-25 01:31 - 00508368 _____ () C:\Program Files\Common Files\McAfee\Sustainability\GenericPlugin.dll

2016-06-27 17:58 - 2016-06-27 17:58 - 00275968 _____ () C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommSdk.dll

2017-05-09 00:45 - 2017-05-09 00:45 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2017-01-13 13:56 - 2017-01-13 13:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2017-05-09 00:44 - 2017-05-09 00:44 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

2016-10-31 18:45 - 2016-10-31 18:45 - 00321208 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll

2016-09-08 18:23 - 2016-09-08 18:24 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1037992593-1840114212-2236592287-1001\...\sharepoint.com -> hxxps://ecsu-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 - 2017-06-30 19:36 - 00000871 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1037992593-1840114212-2236592287-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\msnancy\Documents\DIABETES\BLOOD SUGAR.jpg

DNS Servers: 192.168.0.1 - 205.171.2.226

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "CenturyLinkTouchPointAgent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8A722782-0B67-46E7-ADFE-0C91E5DE4D14}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{4C01031C-829E-4C58-B211-21704FA0C935}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

FirewallRules: [{B80D07A1-0423-45A6-9B09-06F106168A30}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe

FirewallRules: [{6233A086-7DC3-4B61-8C75-B3FD6AD73FB9}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe

FirewallRules: [{F91D113A-88D7-477D-A708-7FF986E5F95E}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe

FirewallRules: [{107970F7-ED30-4CE6-A008-1B96AF78C34D}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe

FirewallRules: [{4788FE1D-1889-4EFD-8FBB-62DF6FE0778D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe

FirewallRules: [{4F1240FE-5561-4D64-8FE9-BC41A606E628}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe

FirewallRules: [{A7EF9DFE-2EF8-4819-AC9E-99383ED0535D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe

FirewallRules: [{3678AEE7-7B71-41A2-A4AC-912119582D1E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe

FirewallRules: [{E61E97B2-1941-4304-A0C6-CB4C6EE1980A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe

FirewallRules: [{01373777-52E4-4A57-88F9-0BF5AF71B667}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE

FirewallRules: [{A7E71A89-2B9F-407B-802B-70785573F86C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{6B94AB5E-DA90-46A3-AF0B-3A5A7BFE11E2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{6F277E66-52AC-44E9-BC3D-DAA7A21CB436}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{DBAB9417-2616-4783-91F8-11BCC96B694A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{B61BF0DB-46F3-4600-94AB-DC96424D2895}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe

FirewallRules: [{5482A5CF-9D26-42A9-B07F-37353905CC55}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe

FirewallRules: [{7A7CAF67-1047-49FA-A4FE-7FE404FC3934}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

FirewallRules: [{564E720C-487A-44DD-AA67-76F7A4BF127D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

FirewallRules: [{97516B03-4BEC-4AB7-9E18-4FE648FD45A0}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe

FirewallRules: [{C7C13E58-C8BB-4842-AF37-40B2A20C41E8}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{0E7550BE-02AA-4F3A-B8D1-DE68254995F5}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{313274DC-1E42-448A-91D7-6F1C6E023973}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{E18BA134-D3D4-49DD-9F79-9463BEC9FDC3}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{AA3CA270-32A8-4E3C-B3B0-6B7E65FBA5F0}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{20587FA0-994A-4D75-92D0-21C940414879}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{2FB993C0-A916-47DD-BF96-1CAA6759FD71}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{C6E1CBB9-9D7A-49A1-A067-3ACBDC15EAD8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{805C97F8-F13D-4553-8A50-F22B4540C79B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{651CFE4D-6770-460D-A594-6B4CB5C87EB6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

FirewallRules: [TCP Query User{D0C60882-8AA6-49D8-BDF3-78451AEE6AAF}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe

FirewallRules: [UDP Query User{435F00E3-2DD2-4CD7-8D61-9F53255F98AD}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe

FirewallRules: [{1C12D3AF-A84C-4C1D-8FF7-8A9DA62661D1}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{C4D143DA-00EA-4B02-BFB6-F41418E8B665}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

FirewallRules: [{6BD7A0E3-94C9-4DFB-B0C0-C70F686D65E6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

21-06-2017 21:21:46 Scheduled Checkpoint

29-06-2017 21:16:12 Windows Update

08-07-2017 12:43:32 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: HID-compliant touch screen

Description: HID-compliant touch screen

Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Manufacturer: (Standard system devices)

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:

==================

Error: (07/09/2017 01:18:38 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: The Open Procedure for service "aspnet_state" in DLL "C:\Windows\System32\aspnet_counters.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/09/2017 01:18:38 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: The Open Procedure for service "ASP.NET_4.0.30319" in DLL "C:\Windows\System32\aspnet_counters.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/09/2017 01:18:38 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: The Open Procedure for service "ASP.NET" in DLL "C:\Windows\System32\aspnet_counters.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/09/2017 01:14:10 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: PowerDVD14Agent.exe, version: 14.0.3.6129, time stamp: 0x56aad9cd

Faulting module name: BoomerangLib.dll_unloaded, version: 3.0.0.5812, time stamp: 0x561b637e

Exception code: 0xc0000005

Fault offset: 0x00001000

Faulting process id: 0x1f9c

Faulting application start time: 0x01d2f87219129873

Faulting application path: C:\Program Files (x86)\Cyberlink\PowerDVD14\PowerDVD14Agent.exe

Faulting module path: BoomerangLib.dll

Report Id: 713d921a-06ff-4204-9ff1-ba2b094af21b

Faulting package full name:

Faulting package-relative application ID:

Error: (07/09/2017 01:11:47 AM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR

DPTF Build Version: 8.1.10605.221

DPTF Build Date: Oct 23 2015 12:24:15

Source File: ..\..\..\Sources\Manager\WIDomainPowerControlCapabilityChanged.cpp @ line 63

Executing Function: WIDomainPowerControlCapabilityChanged::execute

Message: Unhandled exception caught during execution of work item

Framework Event: DomainPowerControlCapabilityChanged [19]

Participant: TCPU [1]

Policy: Passive Policy 2 [2]

Exception Function: Policy::executeDomainPowerControlCapabilityChanged

Exception Text:

Could not find client in directory.

Error: (07/09/2017 01:11:47 AM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR

DPTF Build Version: 8.1.10605.221

DPTF Build Date: Oct 23 2015 12:24:15

Source File: ..\..\..\Sources\Manager\WIDomainPerformanceControlCapabilityChanged.cpp @ line 63

Executing Function: WIDomainPerformanceControlCapabilityChanged::execute

Message: Unhandled exception caught during execution of work item

Framework Event: DomainPerformanceControlCapabilityChanged [17]

Participant: TCPU [1]

Policy: Passive Policy 2 [2]

Exception Function: Policy::executeDomainPerformanceControlCapabilityChanged

Exception Text:

Could not find client in directory.

Error: (07/09/2017 01:11:47 AM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR

DPTF Build Version: 8.1.10605.221

DPTF Build Date: Oct 23 2015 12:24:15

Source File: ..\..\..\Sources\Manager\WIDomainPerformanceControlCapabilityChanged.cpp @ line 63

Executing Function: WIDomainPerformanceControlCapabilityChanged::execute

Message: Unhandled exception caught during execution of work item

Framework Event: DomainPerformanceControlCapabilityChanged [17]

Participant: TCPU [1]

Policy: Passive Policy 2 [2]

Exception Function: Policy::executeDomainPerformanceControlCapabilityChanged

Exception Text:

Could not find client in directory.

Error: (07/09/2017 01:11:46 AM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR

DPTF Build Version: 8.1.10605.221

DPTF Build Date: Oct 23 2015 12:24:15

Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673

Executing Function: PolicyBase::takeControlOfOsc

Message: Failed to acquire OSC: Failure during execution of _OSC:

DPTF Build Version: 8.1.10605.221

DPTF Build Date: Oct 23 2015 12:24:15

Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473

Executing Function: EsifServices::primitiveExecuteSet

Message: Error returned from ESIF services interface function call

Participant: NoParticipant

Domain: NoDomain

ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]

ESIF Instance: 255

ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Policy: Passive Policy 2 [2]

Error: (07/09/2017 01:11:46 AM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR

DPTF Build Version: 8.1.10605.221

DPTF Build Date: Oct 23 2015 12:24:15

Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673

Executing Function: PolicyBase::takeControlOfOsc

Message: Failed to acquire OSC: Failure during execution of _OSC:

DPTF Build Version: 8.1.10605.221

DPTF Build Date: Oct 23 2015 12:24:15

Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473

Executing Function: EsifServices::primitiveExecuteSet

Message: Error returned from ESIF services interface function call

Participant: NoParticipant

Domain: NoDomain

ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]

ESIF Instance: 255

ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Policy: Critical Policy [1]

Error: (07/09/2017 12:18:58 AM) (Source: DPTF) (EventID: 256) (User: )

Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR

DPTF Build Version: 8.1.10605.221

DPTF Build Date: Oct 23 2015 12:24:15

Source File: ..\..\..\Sources\Manager\WIDomainPowerControlCapabilityChanged.cpp @ line 63

Executing Function: WIDomainPowerControlCapabilityChanged::execute

Message: Unhandled exception caught during execution of work item

Framework Event: DomainPowerControlCapabilityChanged [19]

Participant: TCPU [1]

Policy: Passive Policy 2 [2]

Exception Function: Policy::executeDomainPowerControlCapabilityChanged

Exception Text:

Could not find client in directory.

System errors:

=============

Error: (07/09/2017 01:15:24 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)

Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 8 0x0 0x0

Error: (07/09/2017 01:14:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Interactive Services Detection service terminated with the following error:

Incorrect function.

Error: (07/09/2017 01:14:44 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)

Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 2 0xdeaddeed 0xeeec

Error: (07/09/2017 01:14:44 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)

Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 1 0xc 0x4

Error: (07/09/2017 01:12:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}

and APPID

{F72671A9-012C-4725-9D2F-2A4D32D65169}

to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/09/2017 01:12:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfemms service.

Error: (07/09/2017 01:12:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfemms service.

Error: (07/09/2017 01:12:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the 0028841499385227mcinstcleanup service to connect.

Error: (07/09/2017 01:11:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The InstallerService service failed to start due to the following error:

The system cannot find the file specified.

Error: (07/09/2017 01:11:43 AM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 12:15:42 AM on ‎7/‎9/‎2017 was unexpected.

CodeIntegrity:

===================================

Date: 2017-07-09 01:28:48.910

Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-07-09 01:28:48.908

Date: 2017-06-04 20:04:06.459

Date: 2017-06-04 20:04:06.457

Date: 2017-06-04 18:30:00.071

Date: 2017-06-04 18:30:00.069

Date: 2017-02-28 16:52:33.800

Date: 2017-02-28 16:52:33.798

==================== Memory info ===========================

Processor: Intel® Core™ i5-6200U CPU @ 2.30GHz

Percentage of memory in use: 45%

Total physical RAM: 8046.91 MB

Available physical RAM: 4350.68 MB

Total Virtual: 9326.91 MB

Available Virtual: 5350.65 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:914.6 GB) (Free:835.82 GB) NTFS

Drive d: (RECOVERY) (Fixed) (Total:15.68 GB) (Free:1.86 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive e: (CAM2014-17) (Removable) (Total:14.83 GB) (Free:1.48 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: A50E1C7D)

Partition: GPT.

========================================================

Disk: 1 (Size: 14.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Edited by frogg25, 08 July 2017 - 11:50 PM.

#2
RKinner

Posted 11 July 2017 - 07:39 AM

Malware Expert

Expert
24,623 posts

Uninstall

Bonjour

It appears that McAfee may be the cause of your problem.

I assume you have a license for McAfee. Make sure you save it first then download a new copy of McAfee Anti-Virus and Anti-Spyware. Also download McAfee Consumer Product Removal tool.

Follow the steps in: https://service.mcaf...31400385075713#!

Another possibility is the Intel® Dynamic Platform and Thermal Framework software which was probably updated by Windows recently. The last version appears to have major problems so go to your PC maker's support website and get the one they have for your PC. Uninstall the one you have, reboot and reinstall.

I would also uninstall FocalFilter

Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.

Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site

Pause your anti-virus. Close all browsers.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

Then rerun FRST and check Addition.txt then SCAN. Post both logs.

#3
frogg25

Posted 14 July 2017 - 07:36 PM

Member

Topic Starter
Member
33 posts

Hi,
So, I downloaded Adware and it looks a lot different than the image you have. Plus, it's dfferent info. Is this correct? 
  I can't figure out how to even attach a screen shot. I'm pretty clueless here. Also I couldn't figure out any of the suggestions above the Adware instructions. 
Is there a simpler way?

 Thanks again

#4
RKinner

Posted 14 July 2017 - 08:09 PM

Malware Expert

Expert
24,623 posts

Sorry it looks like this now:

MBAM bought them out and changed the start of it. Just click on the SCAN button.

Once it finishes, click on the Clean button. Once that finishes, click on the Logfile buton. then double click on the last log in the list. That should open the log in notepad. Ctrl + a to select all of the text. Ctrl + c to copy the selected text. Move to a Reply. Ctrl + v to paste it into a reply.

If you need to make a screen shot, search for

snipping tool

and hit Enter. Then draw a box around what you want to save and then Save As to someplace you can find it like your desktop, give it a name and save it as type jpg. Then

First click on More Reply Options

Then scroll down to where you see

Choose File and click on it. Point it at the file and hit Open.

Now click on Attach this file.

#5
frogg25

Posted 15 July 2017 - 02:00 PM

Member

Topic Starter
Member
33 posts

Want to see if I understand this right: For Adware, it says to use the button that says "Download Now @BleepingComputer". But for Junkware-Removal-Tool, it says to use the button that says, "Download Now @Author's site". Is this correct? Sorry; I'm paranoid. Here is the AdWare file :

# AdwCleaner v6.047 - Logfile created 15/07/2017 at 12:47:49

# Updated on 19/05/2017 by Malwarebytes

# Database : 2017-07-13.1 [Server]

# Operating System : Windows 10 Home (X64)

# Username : msnancy - NMS-HPLAPTOP

# Running from : C:\Users\msnancy\Desktop\AdwCleaner.exe

# Mode: Scan

# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Folder Found: C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm

Folder Found: C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnnbmiailafajdkboegcjcdklooomfic

Folder Found: C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnnbmiailafajdkboegcjcdklooomfic

***** [ Files ] *****

File Found: C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gngocbkfmikdgphklgmmehbjjlfgdemm_0.localstorage

File Found: C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gngocbkfmikdgphklgmmehbjjlfgdemm_0.localstorage-journal

File Found: C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jnnbmiailafajdkboegcjcdklooomfic_0.localstorage

File Found: C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jnnbmiailafajdkboegcjcdklooomfic_0.localstorage-journal

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Web browsers ] *****

No malicious Firefox based browser items found.

Chrome pref Found: [C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com

Chrome pref Found: [C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com

Chrome pref Found: [C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.yahoo.com

Chrome pref Found: [C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Web data] - yahoo.com_

Chrome pref Found: [C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - gngocbkfmikdgphklgmmehbjjlfgdemm

Chrome pref Found: [C:\Users\msnancy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - jnnbmiailafajdkboegcjcdklooomfic

[!] You may need to disable the Chrome synchronization from your Google account in order to fully remove the malicious preferences. Please consult this Google help: https://support.goog...r/3097271?hl=en[!]

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [2852 Bytes] - [15/07/2017 12:47:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2925 Bytes] ##########

#6
RKinner

Posted 15 July 2017 - 02:27 PM

Malware Expert

Expert
24,623 posts

Either button will work. I did not write the canned speeches. Expect they were written by different people.

#7
frogg25

Posted 13 August 2017 - 09:50 AM

Member

Topic Starter
Member
33 posts

Can I resurrect this, or should I repost? I got myself messed up trying to delete Bonjour, then something else I missed earlier in the instructions, and basically got lost.

#8
RKinner

Posted 13 August 2017 - 10:13 AM

Malware Expert

Expert
24,623 posts

Make a new FRST scan with Addition.txt checked and post both logs.

#9
frogg25

Posted 13 August 2017 - 05:45 PM

Member

Topic Starter
Member
33 posts

Thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2017

Ran by msnancy (administrator) on NMS-HPLAPTOP (13-08-2017 19:36:45)

Running from C:\Users\msnancy\Desktop

Loaded Profiles: msnancy (Available Profiles: msnancy)

Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123219.inf_amd64_f9a6dca370cdef98\igfxCUIService.exe