I'm temporarily using a family member's laptop (long term).
I was doing a college assignment when a "Dropbox message" popped up - "share your screenshots with Dropbox" - however I didn't admit that screenshot, but there it was when I pasted in Paint!! (of my assignment work). I'm worried that there is something malicious like spyware.
"Malwarebytes Home trial" detected 3175 non malware threats (potentially unwanted programs) and quarantined 2485 of them.
The relay chat on this site has advised me to run FRST - please see log below.
And thank you for all help so far!
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-10-2016
Ran by Deana (administrator) on DELL1525 (08-10-2016 19:40:55)
Running from C:\Users\Deana\Desktop
Loaded Profiles: Deana (Available Profiles: Deana)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
() C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Arainia Solutions) C:\Program Files\Gizmo\gservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.7.1.32\NIS.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.7.1.32\NIS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsui.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
(Apple Computer, Inc.) C:\Program Files\QuickTime\qttask.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files\Inbox Toolbar\Inbox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Arainia Solutions) C:\Program Files\Gizmo\gizmo.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.7.1.32\coNatHst.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Splice) C:\Users\Deana\AppData\Local\Apps\2.0\3YP8R2O8.B9W\CV7BRLL5.CBG\spli..tion_7666adb2bba943c5_0000.0000_9bb96b60832102ac\Splice.Install.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Splice) C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\Splice.WinClient.exe
() C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\SpliceUtility.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamresearch.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\SpliceUtility.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [ECenter] => C:\Dell\E-Center\EULALauncher.exe
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [167936 2008-05-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2008-03-04] (Creative Technology Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-03-21] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-07-03] (Dell Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-06] (Google)
HKLM\...\Run: [dscactivate] => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( )
HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [184320 2007-12-21] (CyberLink Corp.)
HKLM\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM\...\Run: [fssui] => C:\Program Files\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation)
HKLM\...\Run: [Adobe Photo Downloader] => C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [77824 2008-12-30] (Apple Computer, Inc.)
HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2086912 2008-10-09] (Vodafone)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ROC_roc_dec12] => "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
HKLM\...\Run: [HF_G_Jul] => "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-11-12] (IDT, Inc.)
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758280 2016-06-17] ()
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-10-23] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-10-23] (Google Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [Facebook Update] => C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-13] (Facebook Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [Dropbox Update] => C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-13] (Dropbox, Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [uTorrent] => C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe [2375360 2016-09-30] (BitTorrent Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Run: [GizmoDriveDelegate] => C:\Program Files\Gizmo\gizmo.exe [223640 2016-09-30] (Arainia Solutions)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\RunOnce: [Shockwave Updater] => C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1103472.exe [460216 2009-01-16] (Adobe Systems, Inc.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: G - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {31e525d3-a0d2-11dd-8f4d-806e6f6e6963} - E:\Start.exe
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {35faa898-a1a4-11e5-ab85-00219bf0cada} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {4a920133-ddf2-11de-b145-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fdf3-d671-11dd-b150-00234d946a18} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fdf8-d671-11dd-b150-00234d946a18} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fe04-d671-11dd-b150-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308fe05-d671-11dd-b150-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {7308ff5f-d671-11dd-b150-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d963-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d987-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d989-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {9ba9d9a1-3899-11de-994d-00219bf0cada} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\MountPoints2: {f35d9154-5e5a-11de-b773-f28d9f3d3f08} - F:\setup_vmc_lite.exe /checkApplicationPresence
AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-07-06] (Google)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-10-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2008-10-23]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gizmo.lnk [2016-09-30]
ShortcutTarget: Gizmo.lnk -> C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-03-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2008-10-23]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk [2008-11-29]
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Splice for Windows.lnk [2016-09-30]
ShortcutTarget: Splice for Windows.lnk -> C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\Splice.WinClient.exe (Splice)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2008-10-23]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2008-10-23]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0E5D19BB-5339-434F-B09E-91A5E8E3F3AB}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=5081023
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://uk.msn.com/
SearchScopes: HKLM -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AFD04AD7-DB03-45B0-B241-7FB2BF381CCB}&mid=b41d0199dff947d1bc92d168dd142329-931055154b6ad30b546f145fab542c6fe4be2d7b&lang=en&ds=AVG&pr=pr&d=2011-09-28 16:56:46&v=10.0.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} URL = hxxp://search.alot.com/web?q={searchTerms}&pr=prov&client_id=D8FE563001CC333265556490&install_time=2011-06-25T12:24:35Z&src_id=12287&camp_id=2586&tb_version=2.5.20000.3
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=VWuL-VYZgp5nZ1OUaEHblndigxs?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AFD04AD7-DB03-45B0-B241-7FB2BF381CCB}&mid=b41d0199dff947d1bc92d168dd142329-931055154b6ad30b546f145fab542c6fe4be2d7b&lang=en&ds=AVG&pr=pr&d=2011-09-28 16:56:46&v=10.0.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO: ALOT Toolbar Helper -> {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} -> C:\Program Files\alot\bin\BHO\alotBHO.dll [2011-04-20] (Vertro)
BHO: No Name -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> No File
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-16] (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Dell\BAE\BAE.dll [2006-11-09] (Dell Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
Toolbar: HKLM - ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll [2011-04-20] (Vertro)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-16] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-16] (Google Inc.)
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game10.zylom.com/activex/zylomgamesplayer.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553570000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-11-28] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default [2016-10-08]
FF NewTab: Mozilla\Firefox\Profiles\hbyc7tgm.default -> hxxp://search.myemailxp.com?uid=undefined&uc=undefined&source=pd_gs_email_hotmail_p&page=newtab&implementation_id=Email_xp_0.0.2
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hbyc7tgm.default -> Yahoo!
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hbyc7tgm.default -> Ask.com
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hbyc7tgm.default -> Yahoo!
FF Homepage: Mozilla\Firefox\Profiles\hbyc7tgm.default -> hxxps://www.malwarebytes.org/restorebrowser/yhp-ff
hxxp://search.myemailxp.com?uid=undefined&uc=undefined&source=pd_gs_email_hotmail_p&page=homepage&implementation_id=Email_xp_0.0.2
FF NetworkProxy: Mozilla\Firefox\Profiles\hbyc7tgm.default -> type", 2
FF Extension: (Firefox Hotfix) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2016-09-30]
FF Extension: (No Name) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2016-10-08] [not signed]
FF Extension: (My Email XP) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2015-07-09] [not signed]
FF Extension: (ALOT Toolbar) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\[email protected] [2012-04-25] [not signed]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-11-10] [not signed]
FF Extension: (No Name) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} [2016-10-08] [not signed]
FF Extension: (No Name) - C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2016-10-08] [not signed]
FF SearchPlugin: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\ask-search.xml [2014-04-05]
FF SearchPlugin: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\inbox-search.xml [2015-07-09]
FF SearchPlugin: C:\Users\Deana\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc7tgm.default\searchplugins\search.xml [2015-07-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-12] [not signed]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.7.1.32\coFFAddon
FF Extension: (Norton Identity Safe) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.7.1.32\coFFAddon [2016-09-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-10-02] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-01-16] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-02-27] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-10-10] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1504278732-3331403366-2529910698-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Deana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1504278732-3331403366-2529910698-1000: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\Deana\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll [2010-07-30] (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java Platform SE 6 U23) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Chrome NaCl) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (AVG Internet Security) - C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\plugins/avgnpss.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Deana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Deana\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default [2016-10-08]
CHR Extension: (Norton Security Toolbar) - C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-09-30]
CHR Extension: (uTorrentControl_v2) - C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda [2015-12-13]
CHR Extension: (Norton Identity Safe) - C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-12-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Deana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-29]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.7.1.32\Exts\Chrome.crx [2016-08-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-06-17] () [File not signed]
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-05-02] (Stardock Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2008-12-18] (Macrovision Europe Ltd.) [File not signed]
R2 FlipShare Service; C:\Program Files\Flip Video\FlipShare\FlipShareService.exe [451904 2009-10-28] ()
R2 Gizmo Central; C:\Program Files\Gizmo\gservice.exe [34728 2016-09-30] (Arainia Solutions)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-06] (Google)
S3 GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [16680 2008-10-23] (Citrix Online, a division of Citrix Systems, Inc.)
S2 gupdate1c9ac7b3e3f9900; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-07-09] (Google Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\22.7.1.32\NIS.exe [289080 2016-08-16] (Symantec Corporation)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2387952 2016-09-12] (IBM Corp.)
R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-14] (SupportSoft, Inc.)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-10-09] (Vodafone) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-07-03] (Dell Inc.) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-07-03] (Broadcom Corporation)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\22.7.1.32\Definitions\BASHDefs\20160521.001\BHDrvx86.sys [1317624 2016-08-10] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1607010.020\ccSetx86.sys [137456 2016-08-10] (Symantec Corporation)
R1 GizmoDrv; C:\Windows\system32\Drivers\GizmoDrv.sys [25488 2016-09-30] (Arainia Solutions LLC)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\22.7.1.32\Definitions\IPSDefs\20160803.001\IDSVix86.sys [667352 2016-08-10] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-10-08] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R1 RapportCerberus_1609053; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1609053.sys [775592 2016-09-30] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [328808 2016-09-12] (IBM Corp.)
R0 RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [101992 2016-09-12] (IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [257608 2016-09-12] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [407880 2016-09-12] (IBM Corp.)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1607010.020\SRTSP.SYS [626416 2016-08-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1607010.020\SRTSPX.SYS [42744 2016-08-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NIS\1607010.020\SYMEFASI.SYS [1289944 2016-08-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [88312 2016-09-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1607010.020\Ironx86.SYS [230648 2016-08-10] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1607010.020\SYMTDIV.SYS [351416 2016-08-10] (Symantec Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\Program Files\Norton Internet Security\NortonData\22.7.1.32\Definitions\SDSDefs\20160911.001\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Internet Security\NortonData\22.7.1.32\Definitions\SDSDefs\20160911.001\NAVEX15.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-08 19:40 - 2016-10-08 19:43 - 00038373 _____ C:\Users\Deana\Desktop\FRST.txt
2016-10-08 19:39 - 2016-10-08 19:40 - 00000000 ____D C:\FRST
2016-10-08 19:34 - 2016-10-08 19:36 - 01755136 _____ (Farbar) C:\Users\Deana\Desktop\FRST.exe
2016-10-08 19:33 - 2016-10-08 19:34 - 01755136 _____ (Farbar) C:\Users\Deana\Downloads\FRST.exe
2016-10-08 15:50 - 2016-10-08 15:50 - 00000000 ____D C:\Users\Deana\Desktop\Vocals
2016-10-08 15:22 - 2016-10-08 15:23 - 00000000 ____D C:\Users\Deana\Desktop\Pads
2016-10-08 15:08 - 2016-10-08 15:16 - 00000000 ____D C:\Users\Deana\Desktop\Strings
2016-10-08 15:00 - 2016-10-08 15:08 - 00000000 ____D C:\Users\Deana\Desktop\Keys
2016-10-08 14:54 - 2016-10-08 15:00 - 00000000 ____D C:\Users\Deana\Desktop\Bass
2016-10-08 14:45 - 2016-10-08 14:53 - 00000000 ____D C:\Users\Deana\Desktop\Guitar
2016-10-08 14:36 - 2016-10-08 14:44 - 00000000 ____D C:\Users\Deana\Desktop\FX
2016-10-08 14:16 - 2016-10-08 14:31 - 00000000 ____D C:\Users\Deana\Desktop\synth
2016-10-08 14:12 - 2016-10-08 14:13 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-08 14:09 - 2016-10-08 14:09 - 00000901 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-08 14:09 - 2016-10-08 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-08 14:09 - 2016-10-08 14:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-08 14:09 - 2016-10-08 14:09 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-10-08 14:09 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-08 14:09 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-08 14:09 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-08 13:59 - 2016-10-08 14:00 - 22851472 _____ (Malwarebytes ) C:\Users\Deana\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-08 12:44 - 2016-10-08 13:06 - 00000000 ____D C:\Users\Deana\Desktop\Perc n Voc
2016-10-08 12:16 - 2016-10-08 12:17 - 00000000 ____D C:\Users\Deana\Desktop\Drums
2016-10-08 11:48 - 2016-10-08 11:49 - 00000000 ____D C:\Users\Deana\AppData\Local\Splice
2016-10-08 11:46 - 2016-10-08 11:46 - 07752616 _____ (Splice) C:\Users\Deana\Downloads\install-splice (1).exe
2016-10-08 11:37 - 2016-10-08 11:56 - 00000000 ____D C:\Users\Deana\Documents\Splice
2016-10-07 16:06 - 2016-10-07 16:06 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-06 01:49 - 2016-10-06 01:49 - 00009414 _____ C:\Users\Deana\Downloads\badges.zip
2016-10-06 01:22 - 2016-10-06 01:22 - 03703230 _____ C:\Users\Deana\Desktop\Exhibition-Guide-Compose-Manchester16-Digital-Version.pdf
2016-10-06 01:02 - 2016-10-06 01:02 - 00002285 _____ C:\Users\Deana\Downloads\UCAS_-_Compose_your_Future_Manchester.ics
2016-10-05 13:07 - 2016-10-05 13:07 - 00103689 _____ C:\Users\Deana\Desktop\all_birth_adoption_cert_form_d.pdf
2016-10-05 10:08 - 2016-10-05 11:05 - 00000000 ____D C:\Users\Deana\Desktop\Rexed
2016-10-05 09:54 - 2016-10-08 10:26 - 00000000 ____D C:\Users\Deana\AppData\Local\{39AE295A-08FB-4242-BEFE-F6ACA0F92D4E}
2016-10-04 15:18 - 2016-10-04 15:18 - 00000000 ____D C:\Users\Deana\AppData\Local\{6A69DB40-1286-4DA1-AA25-6AC93F6EAA02}
2016-10-04 14:47 - 2016-10-04 14:47 - 00000754 _____ C:\Users\Deana\Desktop\odd bars.txt
2016-10-04 03:25 - 2016-10-04 03:25 - 00085533 _____ C:\Users\Deana\Downloads\Desolation-Music-by-Callum-Rawlinson.pdf
2016-10-04 03:23 - 2016-10-04 03:23 - 00085533 _____ C:\Users\Deana\Desktop\Desolation - Music by Callum Rawlinson.pdf
2016-10-04 03:19 - 2016-10-04 03:23 - 00000952 _____ C:\Users\Deana\AppData\Roaming\midisheetmusic.config.ini
2016-10-04 03:19 - 2016-10-04 03:19 - 00084901 _____ C:\Users\Deana\Desktop\Be You.pdf
2016-10-04 03:13 - 2016-10-04 03:13 - 01404928 _____ C:\Users\Deana\Desktop\MidiSheetMusic-2.6.exe
2016-10-04 03:12 - 2016-10-04 03:12 - 00003432 _____ C:\Users\Deana\Desktop\Desolation - Music by Callum Rawlinson.mid
2016-10-04 03:11 - 2016-07-11 06:40 - 02072064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-04 03:08 - 2016-07-11 08:00 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-04 00:00 - 2016-07-15 22:32 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-04 00:00 - 2016-07-15 22:31 - 12841472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-04 00:00 - 2016-07-15 22:29 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-04 00:00 - 2016-07-15 22:27 - 09755136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-04 00:00 - 2016-07-15 22:27 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-04 00:00 - 2016-07-15 22:27 - 01129984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-04 00:00 - 2016-07-15 22:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-04 00:00 - 2016-07-15 22:26 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00354304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-04 00:00 - 2016-07-15 22:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-10-04 00:00 - 2016-07-15 22:25 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-10-04 00:00 - 2016-07-15 22:24 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-04 00:00 - 2016-07-15 22:24 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-04 00:00 - 2016-07-15 22:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-04 00:00 - 2016-07-15 22:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-04 00:00 - 2016-07-15 22:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-10-03 19:48 - 2016-10-03 19:50 - 00000000 ____D C:\Users\Deana\Desktop\chord stuff
2016-10-02 19:02 - 2016-10-02 19:02 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-01 16:19 - 2016-10-03 16:57 - 58581334 _____ C:\Users\Deana\Desktop\Trap.wav
2016-10-01 14:26 - 2016-10-01 14:26 - 00000992 _____ C:\Users\Deana\Desktop\Alesis V25 Editor.lnk
2016-10-01 14:26 - 2016-10-01 14:26 - 00000000 ____D C:\Users\Deana\Documents\Alesis
2016-10-01 14:26 - 2016-10-01 14:26 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alesis V25 Editor
2016-10-01 14:25 - 2016-10-01 14:26 - 00000000 ____D C:\Program Files\Alesis
2016-10-01 14:25 - 2016-10-01 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alesis
2016-10-01 14:24 - 2016-10-01 14:24 - 00000000 ____D C:\ProgramData\inMusic
2016-10-01 14:21 - 2016-10-01 14:21 - 16916718 _____ C:\Users\Deana\Downloads\Install_Alesis_V25_FirmwareUpdateWin_1.0.0.9.zip
2016-10-01 14:21 - 2016-10-01 14:21 - 00000000 ____D C:\Users\Deana\Downloads\Install_Alesis_V25_FirmwareUpdateWin_1.0.0.9
2016-10-01 14:21 - 2016-10-01 14:21 - 00000000 ____D C:\Users\Deana\Downloads\alesis_v25_editor_v1.0.4_pc
2016-10-01 14:20 - 2016-10-01 14:21 - 05662032 _____ C:\Users\Deana\Downloads\alesis_v25_editor_v1.0.4_pc.zip
2016-09-30 23:38 - 2016-10-05 19:32 - 00000000 ____D C:\Users\Deana\Desktop\Dank
2016-09-30 22:35 - 2016-10-04 22:51 - 00000000 ____D C:\Users\Deana\Desktop\splice2
2016-09-30 22:26 - 2016-09-30 22:26 - 01738662 _____ C:\Users\Deana\Desktop\TB_90_GUITAR_LOOP_B_018.rx2.rx2
2016-09-30 22:23 - 2016-09-30 22:23 - 00000241 _____ C:\Users\Deana\Desktop\TB_90_GUITAR_LOOP_B_018.mid.mid
2016-09-30 22:13 - 2016-09-30 22:13 - 00000874 _____ C:\Users\Public\Desktop\ReCycle.lnk
2016-09-30 22:11 - 2016-09-30 22:12 - 00000000 ____D C:\Users\Deana\Desktop\recycle2
2016-09-30 22:10 - 2016-09-30 22:10 - 00000000 ____D C:\Users\Deana\Desktop\recycle
2016-09-30 22:08 - 2016-09-30 22:08 - 00000000 ____D C:\Users\Deana\AppData\Roaming\WinRAR
2016-09-30 22:08 - 2016-09-30 22:08 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-30 22:08 - 2016-09-30 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-30 22:08 - 2016-09-30 22:08 - 00000000 ____D C:\Program Files\WinRAR
2016-09-30 22:07 - 2016-09-30 22:08 - 01962408 _____ C:\Users\Deana\Downloads\wrar540.exe
2016-09-30 22:01 - 2016-09-30 22:01 - 00000000 ____D C:\Users\Deana\Downloads\Propellerhead Recycle v2.2.3 Full WiN - UGET [deepstatus]
2016-09-30 20:39 - 2016-09-30 20:39 - 00406528 _____ (Propellerhead Software AB) C:\Windows\system32\ReWire.dll
2016-09-30 20:39 - 2016-09-30 20:39 - 00338432 _____ (Propellerhead Software AB) C:\Windows\system32\REX Shared Library.dll
2016-09-30 20:32 - 2016-09-30 20:39 - 00000000 ____D C:\Users\Deana\AppData\Local\SpliceSettings
2016-09-30 20:30 - 2016-10-08 11:48 - 00000000 ____D C:\Users\Deana\AppData\Local\SquirrelTemp
2016-09-30 20:27 - 2016-10-01 14:23 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-30 20:22 - 2016-09-30 20:39 - 00000000 ____D C:\Users\Deana\Desktop\Splice
2016-09-30 20:22 - 2016-09-30 20:22 - 00000000 ____D C:\Users\Deana\AppData\Local\IsolatedStorage
2016-09-30 20:21 - 2016-09-30 20:19 - 06503984 _____ (Microsoft Corporation) C:\Users\Deana\Desktop\vcredist_x86.exe
2016-09-30 20:18 - 2016-09-30 20:18 - 00009663 _____ C:\Users\Deana\Downloads\Splice.Install.application
2016-09-30 20:15 - 2016-09-30 20:34 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Splice
2016-09-30 20:13 - 2016-09-30 22:13 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Propellerhead Software
2016-09-30 20:13 - 2016-09-30 20:39 - 00000000 ____D C:\ProgramData\Propellerhead Software
2016-09-30 20:11 - 2016-10-08 11:37 - 00000000 ____D C:\Users\Deana\AppData\Local\Deployment
2016-09-30 20:11 - 2016-09-30 20:11 - 00000000 ____D C:\Users\Deana\AppData\Local\Apps\2.0
2016-09-30 20:07 - 2016-09-30 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead
2016-09-30 20:07 - 2016-09-30 20:07 - 00000864 _____ C:\Users\Public\Desktop\Reason.lnk
2016-09-30 20:05 - 2016-09-30 20:06 - 00538504 _____ () C:\Users\Deana\Downloads\install-splice.exe
2016-09-30 19:52 - 2016-09-30 22:13 - 00000000 ____D C:\Program Files\Propellerhead
2016-09-30 19:32 - 2016-09-30 19:50 - 00000000 ____D C:\Users\Deana\Documents\Gizmo
2016-09-30 19:32 - 2016-09-30 19:32 - 00025488 _____ (Arainia Solutions LLC) C:\Windows\system32\Drivers\gizmodrv.sys
2016-09-30 19:32 - 2016-09-30 19:32 - 00000826 _____ C:\Users\Public\Desktop\Gizmo.lnk
2016-09-30 19:32 - 2016-09-30 19:32 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Gizmo
2016-09-30 19:32 - 2016-09-30 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gizmo Central
2016-09-30 19:32 - 2016-09-30 19:32 - 00000000 ____D C:\Program Files\Gizmo
2016-09-30 19:29 - 2016-09-30 19:30 - 08095640 _____ (Arainia Solutions) C:\Users\Deana\Downloads\gizmo-279-setup.exe
2016-09-30 19:18 - 2016-09-30 19:18 - 00000000 ____D C:\Users\Deana\AppData\LocalLow\Oracle
2016-09-30 19:06 - 2016-09-30 19:29 - 00000000 ____D C:\Users\Deana\Downloads\Propellerhead Reason 5
2016-09-30 19:05 - 2016-09-30 19:05 - 00000000 ____D C:\Users\Deana\AppData\Local\{B5F70934-5E12-42d2-882D-62D42EA1FA67}
2016-09-30 19:04 - 2016-10-08 12:57 - 00000000 ____D C:\Users\Deana\AppData\Roaming\uTorrent
2016-09-30 19:04 - 2016-09-30 19:04 - 00002587 _____ C:\Users\Deana\Desktop\µTorrent.lnk
2016-09-30 19:04 - 2016-09-30 19:04 - 00002587 _____ C:\Users\Deana\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-09-30 19:03 - 2016-09-30 19:03 - 02375360 _____ (BitTorrent Inc.) C:\Users\Deana\Downloads\uTorrent (1).exe
2016-09-30 18:58 - 2016-09-30 18:58 - 02376392 _____ (BitTorrent Inc.) C:\Users\Deana\Downloads\BitTorrent.exe
2016-09-30 18:40 - 2016-09-30 18:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2016-09-30 18:13 - 2016-09-30 18:13 - 00000000 ____D C:\Users\Deana\Downloads\Reason_711_without_soundbanks
2016-09-30 17:57 - 2016-09-30 17:57 - 00000861 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-30 17:57 - 2016-09-30 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-30 17:55 - 2016-09-30 17:55 - 00000000 ____D C:\Program Files\VideoLAN
2016-09-30 17:54 - 2016-09-30 13:25 - 09525724 _____ C:\Users\Deana\Desktop\Skaggae 120bpm.wav
2016-09-30 17:53 - 2016-09-30 17:54 - 30533688 _____ C:\Users\Deana\Downloads\vlc-2.2.4-win32.exe
2016-09-30 17:42 - 2016-09-30 18:03 - 1083230812 _____ C:\Users\Deana\Downloads\Reason_711_without_soundbanks.zip
2016-09-12 20:21 - 2016-09-12 20:21 - 00257608 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKELL.sys
2016-09-12 20:21 - 2016-09-12 20:21 - 00101992 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades.sys
2016-09-11 20:46 - 2016-09-11 20:46 - 00016384 _____ C:\Users\Deana\Documents\amended costings.xlr
2016-09-11 14:47 - 2016-09-11 14:47 - 00006738 _____ C:\Users\Deana\Downloads\renderConfirmation.htm
2016-09-11 14:22 - 2016-09-11 14:22 - 00017408 _____ C:\Users\Deana\Documents\cost 2016 send.xlr
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-08 19:44 - 2009-06-29 14:57 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-08 19:31 - 2015-07-09 10:00 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA.job
2016-10-08 19:31 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-08 19:31 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-08 19:30 - 2012-04-15 15:19 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-08 18:56 - 2011-11-22 16:32 - 00000926 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA.job
2016-10-08 16:14 - 2013-05-27 16:22 - 00000000 ___RD C:\Users\Deana\Dropbox
2016-10-08 15:56 - 2011-11-22 16:32 - 00000904 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core.job
2016-10-08 15:25 - 2012-04-12 15:54 - 00000000 ____D C:\Users\Deana\AppData\Roaming\vlc
2016-10-08 15:19 - 2012-09-30 09:19 - 00000000 ____D C:\Users\Deana\AppData\LocalLow\uTorrentControl_v2
2016-10-08 15:19 - 2012-09-30 09:18 - 00000000 ____D C:\Program Files\uTorrentControl_v2
2016-10-08 15:18 - 2011-06-25 13:24 - 00000000 ____D C:\Program Files\PriceGong
2016-10-08 15:17 - 2013-03-27 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
2016-10-08 15:17 - 2013-03-27 17:13 - 00000000 ____D C:\Program Files\Inbox Toolbar
2016-10-08 15:17 - 2012-09-30 09:19 - 00000000 ____D C:\Users\Deana\AppData\Local\CRE
2016-10-08 14:31 - 2015-07-09 10:00 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core.job
2016-10-08 11:50 - 2009-03-22 15:11 - 00000820 _____ C:\Windows\Tasks\Google Software Updater.job
2016-10-08 11:44 - 2009-06-29 14:57 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-07 16:07 - 2013-05-27 16:17 - 00000000 ____D C:\Users\Deana\AppData\Roaming\Dropbox
2016-10-07 16:07 - 2009-04-12 21:16 - 00000680 _____ C:\Users\Deana\AppData\Local\d3d9caps.dat
2016-10-04 17:22 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-10-04 17:22 - 2006-11-02 11:33 - 00762822 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-04 17:15 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-04 17:00 - 2006-11-02 14:01 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-04 16:57 - 2010-11-25 18:38 - 00000000 ____D C:\Users\Deana\AppData\Local\CrashDumps
2016-10-04 15:26 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2016-10-04 15:04 - 2006-11-02 13:47 - 00306016 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-02 12:30 - 2012-04-15 15:19 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-10-02 12:30 - 2011-07-23 16:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-10-02 12:30 - 2008-10-23 13:32 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-30 23:09 - 2015-07-09 10:00 - 00000000 ____D C:\Users\Deana\AppData\Local\Dropbox
2016-09-30 20:09 - 2011-06-25 13:24 - 00000000 ____D C:\Users\Deana\AppData\LocalLow\PriceGong
2016-09-30 18:48 - 2014-04-05 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2016-09-30 18:48 - 2013-03-27 17:13 - 00000000 ____D C:\Users\Deana\AppData\LocalLow\Inbox Toolbar
2016-09-30 18:44 - 2013-01-20 19:37 - 00000000 ____D C:\Windows\system32\Drivers\NIS
2016-09-30 18:40 - 2013-01-20 19:39 - 00002133 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2016-09-30 18:38 - 2013-01-20 19:39 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-09-30 17:34 - 2016-07-30 13:56 - 00000000 ____D C:\Users\Deana\AppData\Local\{9F94D08D-4201-4534-82E5-4913EA4ECAE8}
2016-09-11 23:40 - 2016-07-24 16:39 - 00000000 ____D C:\Users\Deana\Documents\meat mains costing
2016-09-11 23:30 - 2008-11-21 18:28 - 00012956 _____ C:\Users\Deana\AppData\Roaming\wklnhst.dat
2016-09-11 22:27 - 2016-07-24 16:36 - 00000000 ____D C:\Users\Deana\Documents\Veg mains costings
2016-09-11 20:48 - 2016-07-24 22:28 - 00000000 ____D C:\Users\Deana\Documents\potato & Carb sides costings
2016-09-11 20:48 - 2016-07-21 19:34 - 00016384 _____ C:\Users\Deana\Downloads\Dees costings no gp.xls
2016-09-11 17:23 - 2009-10-25 19:02 - 00000000 ____D C:\ProgramData\Norton
2016-09-11 17:22 - 2013-01-20 19:39 - 00088312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2016-09-11 17:22 - 2013-01-20 19:39 - 00008234 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2016-09-11 17:21 - 2013-01-20 19:37 - 00000000 ____D C:\Program Files\Norton Internet Security
2016-09-11 17:20 - 2009-10-25 19:01 - 00000000 ____D C:\Program Files\NortonInstaller
2016-09-11 17:18 - 2010-06-13 16:39 - 00000000 ____D C:\Users\Public\Downloads\Norton
==================== Files in the root of some directories =======
2016-10-04 03:19 - 2016-10-04 03:23 - 0000952 _____ () C:\Users\Deana\AppData\Roaming\midisheetmusic.config.ini
2008-11-21 18:28 - 2016-09-11 23:30 - 0012956 _____ () C:\Users\Deana\AppData\Roaming\wklnhst.dat
2010-11-25 19:26 - 2010-11-25 19:26 - 0000552 _____ () C:\Users\Deana\AppData\Local\d3d8caps.dat
2009-04-12 21:16 - 2016-10-07 16:07 - 0000680 _____ () C:\Users\Deana\AppData\Local\d3d9caps.dat
2008-11-24 12:42 - 2012-09-30 12:28 - 0035840 _____ () C:\Users\Deana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-19 14:11 - 2011-06-01 19:58 - 0001940 _____ () C:\Users\Deana\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2008-08-20 17:45 - 2008-08-20 17:45 - 0020270 _____ () C:\ProgramData\DeviceInstaller.xml
2008-09-22 15:21 - 2008-09-22 15:21 - 0127092 ____R () C:\ProgramData\DeviceManager.xml.rc4
Files to move or delete:
====================
C:\Users\Deana\install_flash_player.exe
Some files in TEMP:
====================
C:\Users\Deana\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Deana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_cexrd.dll
C:\Users\Deana\AppData\Local\Temp\install-splice.exe
C:\Users\Deana\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Deana\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Deana\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Deana\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Deana\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Deana\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Deana\AppData\Local\Temp\setup.exe
C:\Users\Deana\AppData\Local\Temp\TB_2CB1.exe
C:\Users\Deana\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Deana\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Deana\AppData\Local\Temp\{2155F2E7-0A81-4B8B-AD85-9BAA59C358BB}-GoogleToolbarInstaller_updater_signed.exe
C:\Users\Deana\AppData\Local\Temp\{358A8272-C5C9-455F-96F0-7E7631AD9316}-DropboxClient_5.4.24.exe
C:\Users\Deana\AppData\Local\Temp\{D0210D52-E7B2-429A-A530-D6AF5269CA84}-GoogleUpdateSetup.exe
C:\Users\Deana\AppData\Local\Temp\~spA66F.tmp.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-04 17:30
==================== End of FRST.txt ============================
ADDITIONAL.
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-10-2016
Ran by Deana (08-10-2016 19:45:25)
Running from C:\Users\Deana\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-10-23 07:20:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1504278732-3331403366-2529910698-500 - Administrator - Disabled)
Deana (S-1-5-21-1504278732-3331403366-2529910698-1000 - Administrator - Enabled) => C:\Users\Deana
Guest (S-1-5-21-1504278732-3331403366-2529910698-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
3ivx MPEG-4 5.0.3 (remove only) (HKLM\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop Elements 6.0 (HKLM\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems Inc.)
Adobe Reader X (10.1.7) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 11 (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
Alesis V25 Editor (HKLM\...\V25Editor) (Version: - )
ALOT Toolbar (HKLM\...\alotToolbar) (Version: - ALOT) <==== ATTENTION
ALWIL Software Security 4.8.1296.0 (HKLM\...\ALWIL Software Security 4.8.1296.0) (Version: - )
Amazing Adventures The Lost Tomb 1.0.0.5 (HKLM\...\Amazing Adventures The Lost Tomb 1.0.0.5) (Version: - )
Bejeweled 2 Deluxe 1.1 (HKLM\...\Bejeweled 2 Deluxe 1.1) (Version: - )
Bejeweled Blitz (HKLM\...\Bejeweled Blitz) (Version: - PopCap Games)
Big Fish Games Client (HKLM\...\BFGC) (Version: 1.2.5.17 - )
Big Kahuna Words (HKLM\...\Big Kahuna Words_is1) (Version: - )
Bing Bar (HKLM\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Chuzzle Deluxe 1.01 (HKLM\...\Chuzzle Deluxe 1.01) (Version: - )
Cisco EAP-FAST Module (HKLM\...\{6D3963B0-E13B-4FC3-B0FF-506A304BB043}) (Version: 2.1.3 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: 7.74.00 - Conexant)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Best of Web (HKLM\...\{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}) (Version: 1.00.0000 - Dell)
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.09085 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.103.4 - Alps Electric)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.13 - Dell Inc.)
Dell-eBay (HKLM\...\{B935C985-A17F-484B-8470-09E4FC27DC26}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
Dropbox (HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Dropbox) (Version: 11.4.22 - Dropbox, Inc.)
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FlipShare (HKLM\...\{4ACBE725-9800-54D0-4B4B-4B1BD3E97E7E}) (Version: 4.1.4.50640 - Flip Video)
Gizmo Central (HKLM\...\Gizmo Central) (Version: v2.7.9 - Arainia Solutions, LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version: - )
GrandPrix Championship 2 (HKLM\...\{8F66B207-0241-4D0E-8F8E-DB20D8B939C3}) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Margrave Manor (HKLM\...\Margrave Manor) (Version: - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Crimson Skies (HKLM\...\Crimson Skies 1.0) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{294EAADF-E50F-4DD8-AD8D-19587EA10512}) (Version: 1.0.24.0 - Dell)
Mozilla Firefox 43.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 43.0.1 (x86 en-GB)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery in London ™ (HKLM\...\BFG-Mystery in London) (Version: - )
Mystery P.I. - The Lottery Ticket 1.0.0.5 (HKLM\...\Mystery P.I. - The Lottery Ticket 1.0.0.5) (Version: - )
Mysteryville 2 (remove only) (HKLM\...\Mysteryville 2) (Version: - )
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.53 - BVRP Software, Inc)
Norton Internet Security (HKLM\...\NIS) (Version: 22.7.1.32 - Symantec Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.0 (HKLM\...\{92B79901-C57D-409F-8D2F-4E5337383569}) (Version: 3.0.9358 - OpenOffice.org)
Opera 9.63 (HKLM\...\{1BC4026B-1957-4514-9058-2B542557F143}) (Version: 9.63 - Opera Software ASA)
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
Picasa 2 (HKLM\...\Picasa2) (Version: 2.0 - Google, Inc.)
Plato DVD Ripper Professional 6.66.14 (HKLM\...\Plato DVD Ripper Professional_is1) (Version: - Plato Global Creativity)
Prism Video File Converter (HKLM\...\Prism) (Version: - NCH Software)
QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)
QuickTime (HKLM\...\QuickTime) (Version: - )
Rapport (Version: 3.5.1609.100 - Trusteer) Hidden
Reason 5.0 (HKLM\...\Reason5_is1) (Version: 5.0 - Propellerhead Software AB)
ReCycle 2.2.3 (HKLM\...\ReCycle2.2_32_is1) (Version: 2.2.3 - Propellerhead Software AB)
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
SAMSUNG CDMA Modem Driver Set (HKLM\...\SAMSUNG CDMA Modem) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio (HKLM\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.0.0.60203 - Samsung Electronics Co., Ltd.)
Samsung PC Studio (Version: 3.0.0.60203 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 USB Driver Installer (HKLM\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Splice for Windows (HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\6dc0c1241910b832) (Version: 0.0.1.79 - Splice)
Splice Windows Client (HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Splice) (Version: 1.2.22 - Splice)
Switch Sound File Converter (HKLM\...\Switch) (Version: - NCH Software)
The Official DSA Theory Test for Motorcyclists (HKLM\...\InstallShield_{B138D49F-B412-4B4A-9198-374EE0D593B7}) (Version: 1.4.1 - Driving Standards Agency)
The Official DSA Theory Test for Motorcyclists (Version: 1.4.1 - Driving Standards Agency) Hidden
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1609.100 - Trusteer)
V25 Firmware Updater 1.0.0 (HKLM\...\{4F32B54C-C555-46BF-A7EF-DA3300E9C675}) (Version: 1.0.0 - Alesis)
vast DVD Ripper version 1.9.0.0 (HKLM\...\vast DVD Ripper_is1) (Version: - )
Vivitar Experience Image Manager (HKLM\...\Vivitar Experience Image Manager) (Version: - Sakar)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM\...\{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}) (Version: 9.3.5.11690 - Vodafone)
WavePad Sound Editor (HKLM\...\WavePad) (Version: - NCH Software)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinX Free DVD Ripper 4.5.14 (HKLM\...\WinX Free DVD Ripper_is1) (Version: - Digiarty Software,Inc.)
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Deana\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{6CE4B8A6-4DB5-4F63-8013-1197503692EF}\InprocServer32 -> C:\Users\Deana\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\YBPAddon_2.9.8.dll (Yahoo! Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Deana\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Deana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{DE9AD55E-D493-4FA0-9B3F-E9CA5DB7EBD6}\InprocServer32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Deana\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1504278732-3331403366-2529910698-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Deana\AppData\Local\Dropbox\Update\1.3.27.77\psuser.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1A62DE1A-5A22-42BD-8269-929DA77A2AE8} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-06] (Google) <==== ATTENTION
Task: {446409D5-9E1F-4AD8-A568-198FA369E266} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core => C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-12-13] (Dropbox, Inc.)
Task: {55B2F342-06F2-4F16-BC84-EC2885E9D65F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-09] (Google Inc.)
Task: {59A241DE-06C5-4949-8BEB-01BADC034CAA} - System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} => C:\Program Files\Gizmo\gizmo.exe [2016-09-30] (Arainia Solutions)
Task: {7959F03D-F292-4552-8C89-5B87EB44CD29} - System32\Tasks\NCH Swift Sound\wavepadShakeIcon => C:\Program Files\NCH Swift Sound\WavePad\WavePad.exe [2011-06-25] (NCH Software)
Task: {9BFA9261-ABCD-49BB-A5B0-D7BC80F89142} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core => C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {9C17C86A-44F4-4573-B273-053E40CE872A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA => C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {A1FDDA0A-9E94-4149-9294-C38BC191D3E9} - System32\Tasks\NCH Software\prismShakeIcon => C:\Program Files\NCH Software\Prism\Prism.exe [2011-06-25] (NCH Software)
Task: {B258D9B0-D4B5-4527-9C50-78B5875F5496} - System32\Tasks\{AFA339AA-DCBC-4377-BF89-F7B5EDEB9324} => pcalua.exe -a C:\Users\Deana\Desktop\LimeWireWin.exe -d C:\Users\Deana\Desktop
Task: {BC33CF59-E03C-4F7B-8DA7-F13C509B147E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-09] (Google Inc.)
Task: {C2365EA3-6645-477F-A03C-0252FB6DB4E7} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\WSCStub.exe [2016-08-16] (Symantec Corporation)
Task: {CD8C619B-9ABD-425C-BDC4-CA0AB2254232} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2016-08-16] (Symantec Corporation)
Task: {EAF24003-5421-477E-9D7B-8F5AC601EC30} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\SymErr.exe [2016-05-23] (Symantec Corporation)
Task: {EC2DCE9D-73D4-460C-B336-5B3B3FCD134E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-02] (Adobe Systems Incorporated)
Task: {EF53A72B-182A-4506-BCF3-DEE7B71C0F84} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA => C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-12-13] (Dropbox, Inc.)
Task: {F51240AE-93FE-4E88-B9F4-253E17DE539C} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\22.7.1.32\SymErr.exe [2016-05-23] (Symantec Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core.job => C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA.job => C:\Users\Deana\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000Core.job => C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504278732-3331403366-2529910698-1000UA.job => C:\Users\Deana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Deana\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
Shortcut: C:\Users\Deana\Favorites\NCH Software Download.lnk -> hxxp://www.nchsoftware.com/index.html
==================== Loaded Modules (Whitelisted) ==============
2008-10-23 13:41 - 2008-07-03 13:29 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2008-10-23 13:41 - 2008-07-03 13:28 - 00055808 _____ () C:\Windows\System32\bcmwlrmt.dll
2016-09-30 19:32 - 2016-09-30 19:32 - 00059304 _____ () C:\Program Files\Gizmo\gshell.dll
2007-09-11 01:45 - 2007-09-11 01:45 - 00124832 _____ () C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
2016-06-17 23:13 - 2016-06-17 23:13 - 00198216 _____ () C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
2009-10-28 12:57 - 2009-10-28 12:57 - 00451904 _____ () C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
2009-10-28 12:52 - 2009-10-28 12:52 - 01581056 _____ () C:\Program Files\Flip Video\FlipShare\QtCore4.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 00545792 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
2008-10-23 13:45 - 2010-07-06 10:06 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
2009-10-21 10:38 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2013-03-27 17:13 - 2015-06-22 04:27 - 02458032 ____N () C:\Program Files\Inbox Toolbar\Inbox.exe
2016-06-17 23:13 - 2016-06-17 23:13 - 01758280 ____N () C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
2016-09-30 19:32 - 2016-09-30 19:32 - 00166816 _____ () C:\Program Files\Gizmo\GImage.dll
2016-09-30 19:32 - 2016-09-30 19:32 - 00315800 _____ () C:\Program Files\Gizmo\gmanager.dll
2016-09-30 19:32 - 2016-09-30 19:32 - 00404384 _____ () C:\Program Files\Gizmo\gdatabase.dll
2016-09-30 19:32 - 2016-09-30 19:32 - 00394656 _____ () C:\Program Files\Gizmo\gdrive.dll
2008-07-29 15:55 - 2008-07-29 15:55 - 00969728 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2016-09-11 14:42 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\Deana\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-11 14:42 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\Deana\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
2016-07-17 17:55 - 2016-07-06 18:01 - 17602240 _____ () C:\Users\Deana\AppData\Local\Google\Chrome\User Data\PepperFlash\22.0.0.209\pepflashplayer.dll
2016-10-08 11:48 - 2016-05-17 05:02 - 00026112 _____ () C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\x86\Splice-SAS.dll
2016-10-08 11:48 - 2016-05-17 05:02 - 02304512 _____ () C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\x86\libsndfile-1.dll
2016-10-08 11:48 - 2016-05-17 05:02 - 00276992 _____ () C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\x86\libFLAC_dynamic.dll
2016-10-08 11:48 - 2016-10-05 21:42 - 00074240 _____ () C:\Users\Deana\AppData\Local\Splice\Splice.WinClient\SpliceUtility.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:90D89144 [129]
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [210]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1504278732-3331403366-2529910698-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Deana\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{8CCA8E7C-80F7-40CC-AEBE-9376C2FD360A}] => (Allow) C:\Program Files\Dell\MediaDirect\MediaDirect.exe
FirewallRules: [{DD81B648-1F51-485F-A5E0-8E8F4F989329}] => (Allow) C:\Program Files\Dell\MediaDirect\PCMService.exe
FirewallRules: [{9F1EF73E-DD8E-49DB-A597-5C7964A5C3C3}] => (Allow) C:\Program Files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe
FirewallRules: [{77C5565B-BCCA-4011-87CD-AA84C4CD17A8}] => (Allow) C:\Program Files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe
FirewallRules: [{7635F890-31D8-49EB-B5D4-82CE092D2449}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{F0494029-1297-495A-87E4-544AE760A745}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{CBB04CFB-84B1-4152-8680-2BEF17DEA92B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{59CA0B27-AD55-404E-A352-B3C1B4FDF453}] => (Allow) svchost.exe
FirewallRules: [{9D3CBF34-C06D-4C55-BF0E-F16D05F580F0}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{42ED005A-46C0-42DD-8A3D-5DFD547D05FA}C:\program files\limewire download client\limewireclient.exe] => (Allow) C:\program files\limewire download client\limewireclient.exe
FirewallRules: [UDP Query User{0953EDED-08E7-4A88-83AE-43C9891BCE31}C:\program files\limewire download client\limewireclient.exe] => (Allow) C:\program files\limewire download client\limewireclient.exe
FirewallRules: [TCP Query User{21BD515B-6E0E-4151-8581-66D988205C3C}C:\program files\limewire download client\limewireclient.exe] => (Allow) C:\program files\limewire download client\limewireclient.exe
FirewallRules: [UDP Query User{0FE1A0C9-AAEE-4C8D-A4E3-7D4BD8D4155A}C:\program files\limewire download client\limewireclient.exe] => (Allow) C:\program files\limewire download client\limewireclient.exe
FirewallRules: [{362B9D32-E86D-408C-BD10-065ADDA207D1}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2FAF89FD-74CB-4B30-898B-2C33E295D6A8}] => (Allow) LPort=2869
FirewallRules: [{212D0755-534D-4F27-AA44-0C02589F230A}] => (Allow) LPort=1900
FirewallRules: [{DA5B1DC8-425F-43FC-8484-40AAD22BB01A}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{FA482298-AFAC-4575-81A8-6B73E66453F9}] => (Allow) LPort=80
FirewallRules: [{84122195-C68E-4B8F-AB64-B97B0586780D}] => (Allow) LPort=80
FirewallRules: [{4EA7247B-A482-4C27-BFF3-8B1713C8A5DD}] => (Allow) LPort=80
FirewallRules: [{3D5A9DF2-DCDB-424A-8E86-2EC71FC71B56}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{E12FD63A-5DED-433F-9558-44B6E8B6DB6C}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{3079018F-4E52-4CDD-8B69-2EEECA740287}] => (Allow) C:\Users\Deana\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5EB6A414-C09A-434C-B02A-CD65C7DFF15E}] => (Allow) C:\Users\Deana\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F8D356C5-A065-4086-B0DC-7F47070A9313}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{E725AF99-6C13-49C0-8D8B-CCA3D27F7CB1}] => (Allow) C:\Users\Deana\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{B4B78EA5-213E-4E8E-B3BF-D0C70A3C7DA8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CA0D204D-FF84-4B47-87CD-CBA1A8334D03}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{49CC69A9-B2B5-47D7-8530-D6B5A9991385}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{2516A767-BDC4-49C0-A954-8439A1B6D12B}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{07B99DC1-4BA0-4AF4-88C9-4533D6F67346}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E64A3826-F00B-4DC9-830E-882ECEA25344}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A75C574C-FD73-482B-B6B7-A158AA9D173D}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A1CB466E-8D0D-49C5-A231-D9ECB6C0D61D}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{90373D80-9C2B-4CF7-B0C8-8810EE07F71E}] => (Allow) C:\Users\Deana\AppData\Roaming\uTorrent\uTorrent.exe
==================== Restore Points =========================
10-07-2016 21:18:42 Installed Rapport
16-07-2016 23:54:34 Windows Update
17-07-2016 16:29:58 Installed Rapport
24-07-2016 23:45:42 Windows Update
30-07-2016 10:58:13 Installed Rapport
30-09-2016 18:46:32 Installed Rapport
30-09-2016 20:19:25 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
01-10-2016 14:22:56 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
01-10-2016 14:24:33 Installed V25 Firmware Updater 1.0.0
03-10-2016 23:35:01 Windows Update
04-10-2016 03:00:29 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/08/2016 03:11:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\SOUNDS OF KSHMR VOL. 2\LIVE_INSTRUMENTS> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (10/08/2016 03:11:21 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\SOUNDS OF KSHMR VOL. 2\LIVE_INSTRUMENTS> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (10/08/2016 03:05:51 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\CINEMATIC MOODS 2\PL0370_ACID_WAV_CINEMATIC_MOODS_2\PRIME_LOOPS_-_CINEMATIC_MOODS_2> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (10/08/2016 03:05:51 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\CINEMATIC MOODS 2\PL0370_ACID_WAV_CINEMATIC_MOODS_2\PRIME_LOOPS_-_CINEMATIC_MOODS_2> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (10/08/2016 03:05:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\CINEMATIC MOODS 2\PL0370_ACID_WAV_CINEMATIC_MOODS_2> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (10/08/2016 03:05:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\CINEMATIC MOODS 2\PL0370_ACID_WAV_CINEMATIC_MOODS_2> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (10/08/2016 03:04:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\THE GOLDEN HIP HOP PRINCIPLE\90_BPM\SPARKLE_-_CM> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (10/08/2016 03:04:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\THE GOLDEN HIP HOP PRINCIPLE\90_BPM\SPARKLE_-_CM> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (10/08/2016 03:04:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\THE GOLDEN HIP HOP PRINCIPLE\90_BPM> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (10/08/2016 03:04:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DEANA\DOCUMENTS\SPLICE\SAMPLES\PACKS\THE GOLDEN HIP HOP PRINCIPLE\90_BPM> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
System errors:
=============
Error: (12/28/2009 03:55:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 01:56:08 on 28/12/2009 was unexpected.
CodeIntegrity:
===================================
Date: 2016-10-08 20:43:51.906
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-08 20:43:50.460
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-08 20:43:49.453
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-08 20:43:45.189
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-08 20:43:43.753
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-08 20:43:42.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-08 20:41:25.080
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-08 20:41:24.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-08 20:41:23.090
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-08 20:41:21.795
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 73%
Total physical RAM: 3061.31 MB
Available physical RAM: 804.8 MB
Total Virtual: 6324.88 MB
Available Virtual: 2027.75 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:136.74 GB) (Free:35.04 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:9.77 GB) (Free:4.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 00000080)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=136.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2.5 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================