Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
Ran by April (administrator) on APRILKAY (24-11-2017 19:30:02)
Running from C:\Users\April\Desktop
Loaded Profiles: April (Available Profiles: April & Classic .NET AppPool & .NET v4.5 & DefaultAppPool & .NET v2.0 & .NET v4.5 Classic & .NET v2.0 Classic)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\ntuserlitelist\dataup\dataup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
() C:\Windows\System32\tprdpw32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\April\Desktop\FRST64 (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
() C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [VerizonCloud] => C:\Program Files\Verizon\VerizonCloud\VerizonCloud.exe [2136728 2015-12-03] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2168416 2017-11-15] (Hola Networks Ltd.) <==== ATTENTION
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Vault Explorer Cache Watcher] => C:\Program Files (x86)\Verizon\Verizon Online Share Drive\vewatch.exe [17408 2012-07-31] (DigiData Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-21] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2017-03-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-24] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-05] (Microsoft Corporation)
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\Run: [Google Update] => C:\Users\April\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-14] (Google Inc.)
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\Run: [uTorrent] => C:\Users\April\AppData\Roaming\uTorrent\uTorrent.exe [1982144 2017-10-12] (BitTorrent Inc.)
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\Run: [SynchronossPC] => C:\Program Files\Verizon\VerizonCloud\VerizonCloud.exe [2136728 2015-12-03] ()
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\Run: [B6DBB8B0EDF4FDF67A5BF46CB3DA12E3F5D4E945._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312 2017-11-10] (Google Inc.)
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [74144 2012-08-10] (Hewlett-Packard Company)
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\MountPoints2: F - "F:\setup.exe"
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\MountPoints2: {39843cd8-3120-11e3-be7b-b8763f38aa42} - "F:\TL_Bootstrap.exe"
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\MountPoints2: {5595447e-4ef7-11e7-bfe1-b8763f38aa42} - "F:\setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-04-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Online Backup and Sharing for PC.lnk [2015-01-24]
ShortcutTarget: Verizon Online Backup and Sharing for PC.lnk -> C:\Program Files (x86)\Verizon\Verizon Online Backup and Sharing for PC\DigiData.Host.exe (DigiData)
Startup: C:\Users\April\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\beautify.exe.lnk [2017-04-27]
Startup: C:\Users\April\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-11-19]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => 127.0.0.1:8003
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{00d87d5b-ced8-43ce-9d2e-c589f797a6c2}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{9889cd4c-6234-4a7c-85ec-fdb5698dbf18}: [DhcpNameServer] 10.12.30.254 10.12.15.254
Tcpip\..\Interfaces\{eaadcf75-4d3f-478c-8478-412273d618fe}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
SearchScopes: HKLM -> {37745BC3-A4F1-40D2-BED1-CBDE5CDF93DA} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {37745BC3-A4F1-40D2-BED1-CBDE5CDF93DA} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001 -> {37745BC3-A4F1-40D2-BED1-CBDE5CDF93DA} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001 -> {A22EA8C9-539D-45F8-83B1-A8BD7130CE8B} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
SearchScopes: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p10_serp_ie_us_display?ie=UTF8&tagbase=bds-p10&tbrId=v1_abb-channel-10_01a233fd_1201_1401_20160526_US_ie_ds_&tag=bds-p10-serp-us-ie-20&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07] (HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO-x32: Solution Real 1.0.0.7 -> {1bb456da-878f-44a5-b013-4bfe0ae02fce} -> C:\Program Files (x86)\Solution Real\SolutionRealBHO.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
IE Session Restore: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001 -> is enabled.
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2012-07-10] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-05-31] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-05-31] (McAfee, Inc.)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-25] [Lagacy]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-07-22] [Lagacy]
FF HKLM-x32\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-04-27] [Lagacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-10-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2017-03-13] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2751042415-2246998964-2558403214-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\April\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2751042415-2246998964-2558403214-1001: @talk.google.com/O1DPlugin -> C:\Users\April\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2751042415-2246998964-2558403214-1001: @tools.google.com/Google Update;version=3 -> C:\Users\April\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2751042415-2246998964-2558403214-1001: @tools.google.com/Google Update;version=9 -> C:\Users\April\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2751042415-2246998964-2558403214-1001: hp.com/HPDetect -> C:\Users\April\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll [2012-08-30] (HP)
FF Plugin ProgramFiles/Appdata: C:\Users\April\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\April\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
Chrome:
=======
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://search.imesh.net/?sver=3&appid=73","hxxp://search.yahoo.com/?type=599486&fr=spigot-yhp-ch"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\April\AppData\Local\Google\Chrome\User Data\Default [2017-11-24]
CHR Extension: (Google Translate) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Duolingo on the Web) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-04-17]
CHR Extension: (Google Voice Extension) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\aladafhcgmligibhilgpfncgdfccepgh [2013-10-02]
CHR Extension: (Docs) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Fotor Photo Editor) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2017-09-04]
CHR Extension: (YouTube) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Guitarist's Reference) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\cddaabhppoebkmalboinjhgofbhdbcgk [2014-11-30]
CHR Extension: (One Number) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi [2013-10-02]
CHR Extension: (Plugins) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\chemohaemmfhjpmlgkmkanfpfbkaihop [2016-10-22]
CHR Extension: (Google Search) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Guitar Tuner) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglmpmegfnbclojedloihcbkemoiddi [2013-10-02]
CHR Extension: (Polarr Photo Editor) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2017-11-15]
CHR Extension: (Guitar Tab Viewer) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkdmbkpfnfkhalmhebdelpldipheihng [2013-10-02]
CHR Extension: (Fotor Extension) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\eicdknplohdampjgndodmhblklhhnkbn [2017-05-08]
CHR Extension: (Google Docs Offline) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-21]
CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2017-07-08]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-11-08]
CHR Extension: (Vorsprung) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\henidbeahjgfpjmfakeeimkiikbijiph [2016-10-28]
CHR Extension: (Auto Show Texts in Google Voiceâ„¢) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhbkniagfcnoomhcaaoalkjmdejfmml [2013-10-02]
CHR Extension: (Kindle Cloud Reader) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2016-02-04]
CHR Extension: (Pixlr Editor) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2017-05-28]
CHR Extension: (SIGNtalk) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbninbhmfefcmefgkapeaflfagppahi [2017-06-25]
CHR Extension: (iPiccy Photo Editor) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh [2017-05-08]
CHR Extension: (Google Voice (by Google)) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2014-04-09]
CHR Extension: (Google Hangouts) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2017-05-04]
CHR Extension: (Google Play) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-10-22]
CHR Extension: (Tweaks for Google Voice™) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\lomidmppcdmojcgfnpfkmhbnakbnmaff [2016-12-07]
CHR Extension: (AdRemover for Google Chrome™) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcefmojpghnaceadnghednjhbmphipkb [2017-04-13]
CHR Extension: (Guitar Chords) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\megglpjmadjmghjegnallnhiknjnnjhh [2013-10-02]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2017-07-28]
CHR Extension: (Google Hangouts) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-11-01]
CHR Extension: (Google Voice Paginated Texts) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\necmgnhmkphmjpddncmklalagjebbbea [2016-12-07]
CHR Extension: (No Name) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2017-05-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2013-10-02]
CHR Extension: (Gmail) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
CHR Extension: (Learn Spanish - Qué Onda) - C:\Users\April\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj [2014-04-09]
CHR Profile: C:\Users\April\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-03-20]
CHR Profile: C:\Users\April\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-17]
CHR HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ooebgdicanjhnamfmdlmlbcnkgehkkmf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [commhkacjheiacaopdonmodahaoadoln] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-03-28]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-17]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0291631511534851mcinstcleanup; C:\WINDOWS\TEMP\029163~1.EXE [1030904 2017-02-09] (McAfee, Inc.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021056 2016-03-03] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
S2 Dataup; C:\Program Files (x86)\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350576 2017-03-13] (WildTangent)
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [20117088 2017-11-15] (Hola Networks Ltd.) <==== ATTENTION
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [5622368 2017-02-21] (Hola Networks Ltd.) <==== ATTENTION
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-16] (HP Inc.)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S4 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2015-01-27] (Verizon) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 KMSServerService; C:\Program Files\KMSpico\KMSServer.exe [38454 2017-06-20] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-04-18] (McAfee, Inc.)
S2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [994312 2017-03-13] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
S2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.551\McCHSvc.exe [404376 2017-04-17] (McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1344472 2017-02-24] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2017-01-18] (McAfee, Inc.)
S2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [385112 2017-01-18] (McAfee, Inc.)
S2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343792 2017-01-18] (McAfee, Inc.)
S2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.)
S4 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-21] (Intel Security, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-27] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-19] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88464 2017-01-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R0 drmkpro64; C:\WINDOWS\System32\drivers\ndistpr64.sys [78112 2013-09-28] () [File not signed] <==== ATTENTION
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-05-04] (LogMeIn Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [87928 2016-08-01] (McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487184 2017-01-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366328 2017-01-20] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2017-01-23] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518704 2017-01-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [923640 2017-01-20] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498648 2017-01-18] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109320 2017-01-18] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110256 2017-01-20] (McAfee, Inc.)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2017-01-20] (McAfee, Inc.)
R1 MpKsl37fcc72e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FA44C40B-E545-419B-9E92-3DF6D85B4E70}\MpKsl37fcc72e.sys [58120 2017-11-20] (Microsoft Corporation)
R1 MpKsl42d55bd0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0F92B29A-CD48-468A-8FF5-6ECBC5DC3955}\MpKsl42d55bd0.sys [58120 2017-11-24] (Microsoft Corporation)
R1 MpKsl83ac0e4e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4FE2A090-80CA-40E8-99C7-3B318A160334}\MpKsl83ac0e4e.sys [58120 2017-11-15] (Microsoft Corporation)
R1 MpKslb1431338; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7E93B3FB-50CD-4AA1-9B1B-863DB0CF8BE1}\MpKslb1431338.sys [58120 2017-11-17] (Microsoft Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [252432 2016-03-24] (QUALCOMM Incorporated)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 AppObserver; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\appobserver64.sys [X]
S1 azwtqkfi; \??\C:\WINDOWS\system32\drivers\azwtqkfi.sys [X]
S1 eoettcum; \??\C:\WINDOWS\system32\drivers\eoettcum.sys [X]
S1 hkotdgis; \??\C:\WINDOWS\system32\drivers\hkotdgis.sys [X]
S1 kzejxclx; \??\C:\WINDOWS\system32\drivers\kzejxclx.sys [X]
S1 nkbromna; \??\C:\WINDOWS\system32\drivers\nkbromna.sys [X]
S1 odvoxhdr; \??\C:\WINDOWS\system32\drivers\odvoxhdr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-24 19:30 - 2017-11-24 19:35 - 000043233 _____ C:\Users\April\Desktop\FRST.txt
2017-11-24 18:33 - 2017-11-24 18:33 - 000000000 ____D C:\Users\April\Desktop\FRST-OlderVersion
2017-11-24 18:32 - 2017-11-24 19:30 - 000000000 ____D C:\FRST
2017-11-24 14:53 - 2017-11-24 14:56 - 000557084 _____ C:\WINDOWS\Minidump\112417-100531-01.dmp
2017-11-23 23:34 - 2017-11-24 18:33 - 002393088 _____ (Farbar) C:\Users\April\Desktop\FRST64 (1).exe
2017-11-23 23:33 - 2017-11-23 23:34 - 002393088 _____ (Farbar) C:\Users\April\Downloads\FRST64 (1).exe
2017-11-17 22:31 - 2017-11-17 22:34 - 000557036 _____ C:\WINDOWS\Minidump\111717-49921-01.dmp
2017-11-17 22:19 - 2017-11-17 22:21 - 000419404 _____ C:\WINDOWS\Minidump\111717-64156-01.dmp
2017-11-17 21:31 - 2017-11-17 21:31 - 002392576 _____ (Farbar) C:\Users\April\Downloads\FRST64.exe
2017-11-16 17:31 - 2017-11-16 17:31 - 000116847 _____ C:\Users\April\Downloads\social security online Create a Login Account.pdf
2017-11-16 02:18 - 2017-11-16 02:18 - 000000000 ____D C:\ProgramData\HP
2017-11-16 02:18 - 2017-11-16 02:18 - 000000000 ____D C:\Program Files\HP
2017-11-15 14:05 - 2017-11-01 20:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-15 14:05 - 2017-11-01 20:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-15 14:05 - 2017-11-01 20:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-15 14:05 - 2017-11-01 20:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-15 14:05 - 2017-10-15 06:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-15 14:04 - 2017-11-01 21:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-15 14:04 - 2017-11-01 20:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-15 14:04 - 2017-11-01 20:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-15 14:04 - 2017-11-01 20:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-15 14:04 - 2017-11-01 20:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-15 14:04 - 2017-11-01 20:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-15 14:04 - 2017-11-01 20:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-15 14:04 - 2017-11-01 20:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-15 14:04 - 2017-11-01 20:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-15 14:04 - 2017-11-01 20:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-15 14:04 - 2017-11-01 20:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-15 14:04 - 2017-11-01 20:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-15 14:04 - 2017-11-01 20:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-15 14:04 - 2017-11-01 20:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-15 14:04 - 2017-11-01 20:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-15 14:04 - 2017-11-01 20:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-15 14:04 - 2017-11-01 20:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-15 14:04 - 2017-10-24 23:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-15 14:04 - 2017-10-15 07:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-15 14:04 - 2017-10-15 06:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-15 14:04 - 2017-10-15 06:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-15 14:04 - 2017-10-15 06:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-15 14:03 - 2017-11-01 20:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-15 14:03 - 2017-11-01 20:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-15 14:03 - 2017-11-01 20:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-15 14:03 - 2017-11-01 20:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-15 14:03 - 2017-11-01 20:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-15 14:03 - 2017-11-01 20:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-15 14:03 - 2017-11-01 20:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-15 14:03 - 2017-11-01 20:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-15 14:03 - 2017-11-01 20:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-15 14:03 - 2017-11-01 20:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-15 14:03 - 2017-11-01 20:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-15 14:03 - 2017-10-15 06:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-15 14:03 - 2017-10-15 06:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-15 14:03 - 2017-10-15 06:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-15 14:03 - 2017-10-15 06:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-15 14:03 - 2017-10-15 06:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-15 14:00 - 2017-11-01 20:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-15 14:00 - 2017-11-01 20:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-15 14:00 - 2017-11-01 20:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-15 14:00 - 2017-11-01 20:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-15 14:00 - 2017-11-01 20:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-15 14:00 - 2017-11-01 20:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-15 14:00 - 2017-11-01 20:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-15 14:00 - 2017-11-01 20:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-15 14:00 - 2017-11-01 20:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-15 14:00 - 2017-11-01 20:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-15 14:00 - 2017-11-01 20:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-15 14:00 - 2017-10-15 06:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-15 13:59 - 2017-11-01 21:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-15 13:59 - 2017-11-01 20:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-15 13:59 - 2017-11-01 20:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-15 13:59 - 2017-11-01 20:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-15 13:59 - 2017-11-01 20:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-15 13:59 - 2017-11-01 20:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-15 13:59 - 2017-10-15 07:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-15 13:59 - 2017-10-15 07:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-15 13:59 - 2017-10-15 06:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-15 13:45 - 2017-11-01 21:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-15 13:45 - 2017-11-01 20:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-15 13:45 - 2017-11-01 20:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-15 13:45 - 2017-11-01 20:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-15 13:45 - 2017-11-01 20:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-15 13:45 - 2017-11-01 20:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-15 13:44 - 2017-11-01 20:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-15 13:43 - 2017-11-01 21:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-15 13:43 - 2017-11-01 21:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-15 13:43 - 2017-11-01 21:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-15 13:43 - 2017-11-01 20:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-15 13:43 - 2017-11-01 20:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-15 13:43 - 2017-11-01 20:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-15 13:43 - 2017-11-01 20:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-15 13:43 - 2017-11-01 20:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-15 13:43 - 2017-11-01 20:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-15 13:43 - 2017-11-01 20:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-15 13:43 - 2017-11-01 20:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-15 13:43 - 2017-11-01 20:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-15 13:43 - 2017-11-01 20:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-15 13:43 - 2017-11-01 20:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-15 13:43 - 2017-11-01 20:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-15 13:43 - 2017-11-01 20:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-15 13:43 - 2017-10-15 06:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-15 13:43 - 2017-10-15 06:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-15 13:43 - 2017-10-15 06:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-15 13:43 - 2017-10-15 06:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-15 13:42 - 2017-11-01 21:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-15 13:42 - 2017-11-01 20:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-15 13:42 - 2017-11-01 20:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-15 13:42 - 2017-11-01 20:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-15 13:42 - 2017-11-01 20:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-15 13:42 - 2017-11-01 20:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-15 13:42 - 2017-11-01 20:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-15 13:42 - 2017-11-01 20:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-15 13:42 - 2017-11-01 20:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-15 13:42 - 2017-11-01 20:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-15 13:42 - 2017-11-01 20:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-15 13:42 - 2017-11-01 20:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-15 13:42 - 2017-10-15 06:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-15 13:41 - 2017-11-01 21:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-15 13:41 - 2017-11-01 21:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-15 13:41 - 2017-11-01 21:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-15 13:41 - 2017-11-01 20:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-15 13:41 - 2017-11-01 20:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-15 13:41 - 2017-11-01 20:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-15 13:41 - 2017-11-01 20:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-15 13:41 - 2017-11-01 20:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-15 13:41 - 2017-11-01 20:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-15 13:41 - 2017-11-01 20:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-15 13:41 - 2017-11-01 20:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-15 13:41 - 2017-11-01 20:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-15 13:41 - 2017-11-01 20:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-15 13:41 - 2017-11-01 20:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-15 13:41 - 2017-11-01 20:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-15 13:41 - 2017-11-01 20:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-15 13:41 - 2017-10-15 06:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-15 13:41 - 2017-10-15 06:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-15 13:41 - 2017-10-15 06:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-15 13:40 - 2017-11-01 21:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 13:40 - 2017-11-01 20:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-15 13:40 - 2017-11-01 20:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-15 13:40 - 2017-11-01 20:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-15 13:40 - 2017-10-15 06:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-15 13:40 - 2017-10-15 06:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-15 13:39 - 2017-11-01 21:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-15 13:39 - 2017-11-01 21:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-15 13:39 - 2017-11-01 21:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-15 13:39 - 2017-11-01 21:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-15 13:39 - 2017-11-01 20:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-15 13:39 - 2017-11-01 20:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-15 13:39 - 2017-11-01 20:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-15 13:39 - 2017-11-01 20:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-15 13:39 - 2017-10-15 06:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-15 13:39 - 2017-10-15 06:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-15 13:39 - 2017-10-15 06:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-15 13:38 - 2017-11-01 21:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-15 13:38 - 2017-11-01 21:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-15 13:38 - 2017-11-01 21:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-15 13:38 - 2017-11-01 20:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-15 13:38 - 2017-11-01 20:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-15 13:38 - 2017-11-01 20:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-15 13:38 - 2017-11-01 20:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-15 13:38 - 2017-11-01 20:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-15 13:38 - 2017-11-01 20:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-15 13:38 - 2017-11-01 20:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-15 13:38 - 2017-11-01 20:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-15 13:38 - 2017-11-01 20:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-15 13:38 - 2017-11-01 20:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-15 13:38 - 2017-11-01 20:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-15 13:38 - 2017-11-01 20:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-15 13:38 - 2017-11-01 20:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-15 13:38 - 2017-10-15 06:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-15 13:38 - 2017-10-15 06:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-15 13:38 - 2017-10-15 06:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-15 13:37 - 2017-11-01 21:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-15 13:37 - 2017-11-01 21:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-15 13:37 - 2017-11-01 21:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-15 13:37 - 2017-11-01 21:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-15 13:37 - 2017-11-01 21:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-15 13:37 - 2017-11-01 21:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-15 13:37 - 2017-11-01 21:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-15 13:37 - 2017-11-01 21:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-15 13:37 - 2017-11-01 20:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-15 13:37 - 2017-11-01 20:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-15 13:37 - 2017-11-01 20:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-15 13:37 - 2017-11-01 20:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-15 13:37 - 2017-11-01 20:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-15 13:37 - 2017-11-01 20:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-15 13:37 - 2017-11-01 20:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-15 13:37 - 2017-11-01 20:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-15 13:37 - 2017-11-01 20:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-15 13:37 - 2017-10-15 06:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-15 13:37 - 2017-10-15 06:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-15 13:36 - 2017-11-01 21:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-15 13:36 - 2017-11-01 21:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-15 13:36 - 2017-11-01 21:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-15 13:36 - 2017-11-01 21:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-15 13:36 - 2017-11-01 21:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-15 13:36 - 2017-10-15 06:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-15 13:36 - 2017-10-15 06:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-15 13:35 - 2017-11-01 21:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-15 13:35 - 2017-11-01 21:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-15 13:35 - 2017-11-01 21:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-15 13:35 - 2017-11-01 21:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-15 13:35 - 2017-11-01 21:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-15 13:35 - 2017-11-01 21:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-15 13:35 - 2017-11-01 21:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-15 13:35 - 2017-11-01 21:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-15 13:35 - 2017-11-01 21:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-15 13:35 - 2017-11-01 21:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-15 13:35 - 2017-11-01 21:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-15 13:35 - 2017-11-01 21:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-15 13:35 - 2017-11-01 21:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-15 13:35 - 2017-11-01 21:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-15 13:35 - 2017-11-01 21:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-15 13:35 - 2017-11-01 20:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-15 13:35 - 2017-11-01 20:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-15 13:35 - 2017-11-01 20:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-15 13:35 - 2017-11-01 20:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-15 13:35 - 2017-11-01 20:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-15 13:35 - 2017-10-15 06:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-15 13:35 - 2017-10-15 06:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-12 21:20 - 2017-11-12 21:20 - 000830656 _____ C:\Users\April\Downloads\kilo credit.pdf
2017-11-12 19:56 - 2017-11-12 19:56 - 000137669 _____ C:\Users\April\Downloads\DAVID ARREST.pdf
2017-11-08 04:55 - 2017-11-08 04:57 - 000509980 _____ C:\WINDOWS\Minidump\110817-35312-01.dmp
2017-11-06 19:00 - 2017-11-06 19:00 - 000002029 _____ C:\Users\April\Desktop\Canon IJ Network Tool (2).lnk
2017-11-06 19:00 - 2017-11-06 19:00 - 000001291 _____ C:\Users\April\Desktop\Google Chrome (2).lnk
2017-11-06 19:00 - 2017-11-06 19:00 - 000001099 _____ C:\Users\April\Desktop\Connected Music powered by Meridian.lnk
2017-11-06 19:00 - 2017-11-06 19:00 - 000000903 _____ C:\Users\April\Desktop\Adobe Acrobat XI - Shortcut.lnk
2017-11-05 01:38 - 2017-11-05 01:39 - 000412108 _____ C:\WINDOWS\Minidump\110517-37015-01.dmp
2017-11-04 01:56 - 2017-11-04 01:56 - 000000279 _____ C:\Users\April\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2017-11-02 14:17 - 2017-11-02 14:17 - 000000000 ___HD C:\OneDriveTemp
2017-10-29 10:32 - 2017-10-29 10:32 - 000000000 ___HD C:\$WINDOWS.~BT
2017-10-28 01:53 - 2017-10-28 01:53 - 000033683 _____ C:\Users\April\Documents\received_1634761773221496.jpeg
2017-10-28 01:38 - 2017-10-28 01:38 - 000264536 _____ C:\Users\April\Documents\received_10210300136400634.jpeg
2017-10-28 01:36 - 2017-10-28 01:36 - 000136153 _____ C:\Users\April\Documents\received_10210300117720167.jpeg
2017-10-27 12:48 - 2017-10-27 12:53 - 000599692 _____ C:\WINDOWS\Minidump\102717-102640-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-24 18:46 - 2017-03-18 13:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-24 18:44 - 2013-10-09 11:18 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-11-24 17:43 - 2017-05-22 00:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-24 17:38 - 2017-05-22 01:02 - 001946386 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-24 17:38 - 2017-05-22 01:02 - 000508454 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-24 17:38 - 2017-05-22 00:27 - 000007208 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-24 17:26 - 2013-10-31 18:25 - 000000000 __RDO C:\Users\April\SkyDrive
2017-11-24 17:25 - 2016-05-19 00:27 - 000000000 __SHD C:\Users\April\IntelGraphicsProfiles
2017-11-24 14:54 - 2017-08-23 23:24 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForApril.job
2017-11-24 14:54 - 2017-05-22 01:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-24 14:53 - 2017-05-22 10:03 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-24 14:53 - 2015-01-31 06:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-11-24 14:53 - 2014-03-06 20:04 - 729465080 _____ C:\WINDOWS\MEMORY.DMP
2017-11-24 11:11 - 2017-04-28 00:03 - 000000000 ____D C:\Users\April\AppData\Local\ntuserlitelist
2017-11-24 08:52 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-24 07:28 - 2017-03-18 13:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-24 07:28 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-24 06:53 - 2015-01-22 12:33 - 000000000 ____D C:\Program Files\Common Files\McAfee
2017-11-24 06:52 - 2017-05-22 01:15 - 000003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-11-24 06:47 - 2015-01-22 12:33 - 000000000 ____D C:\Program Files (x86)\McAfee
2017-11-24 02:45 - 2017-04-27 21:51 - 000000000 ____D C:\Users\April\AppData\Local\BeautifyDesktop
2017-11-23 23:29 - 2017-05-22 01:15 - 000004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1E0E4AD9-125A-46E6-839B-185C01240A94}
2017-11-23 23:09 - 2015-01-31 06:47 - 000000000 __RSD C:\Users\April\Documents\McAfee Vaults
2017-11-23 22:34 - 2017-07-15 21:50 - 000001291 _____ C:\Users\April\Desktop\Google Chrome.lnk
2017-11-23 02:45 - 2017-08-23 23:24 - 000003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForApril
2017-11-21 20:18 - 2017-10-13 13:59 - 000000000 ____D C:\Users\April\AppData\LocalLow\Canon Easy-WebPrint EX
2017-11-21 09:02 - 2017-03-18 03:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-11-20 22:08 - 2015-01-22 12:09 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-17 22:24 - 2017-05-22 00:28 - 000000000 ____D C:\Users\April
2017-11-17 19:49 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-15 18:54 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-15 18:46 - 2013-10-10 21:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-11-15 18:45 - 2013-08-22 05:25 - 000000301 _____ C:\WINDOWS\win.ini
2017-11-15 18:32 - 2013-10-02 07:03 - 000000000 ____D C:\Users\April\AppData\Local\ElevatedDiagnostics
2017-11-15 18:05 - 2016-02-13 05:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-15 18:00 - 2017-03-18 13:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-15 17:58 - 2017-05-22 00:19 - 000405488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-15 17:56 - 2014-06-12 10:19 - 000000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForAPRILKAY$.job
2017-11-15 17:55 - 2017-03-18 03:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-11-15 17:52 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 17:52 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-15 17:52 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-15 17:52 - 2017-03-18 13:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-15 17:52 - 2017-03-18 13:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 17:30 - 2017-05-22 01:15 - 000003290 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForAPRILKAY$
2017-11-15 15:04 - 2017-03-18 12:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-15 12:49 - 2017-05-22 01:15 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-11-15 12:46 - 2016-10-21 21:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-14 23:56 - 2017-05-22 01:15 - 000003710 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2751042415-2246998964-2558403214-1001UA1d257efe2e63987
2017-11-14 23:56 - 2017-05-22 01:15 - 000003442 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2751042415-2246998964-2558403214-1001Core1d257efe2a75280
2017-11-14 23:51 - 2017-05-22 01:15 - 000004538 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-14 23:51 - 2017-05-22 01:15 - 000004386 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-11-14 23:51 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-14 23:51 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-14 13:49 - 2013-10-02 07:27 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-13 23:33 - 2017-05-22 01:15 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-13 23:33 - 2017-05-22 01:15 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-06 19:01 - 2017-07-22 03:08 - 000000000 ____D C:\Users\April\Desktop\Adobe Acrobat XI
2017-11-05 01:58 - 2017-05-24 03:29 - 000000000 ____D C:\Users\DefaultAppPool
2017-11-04 17:40 - 2017-03-18 13:06 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-04 17:40 - 2017-03-18 13:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-02 14:17 - 2017-07-22 10:07 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2751042415-2246998964-2558403214-1001
2017-11-02 14:16 - 2016-05-19 00:41 - 000002405 _____ C:\Users\April\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-29 10:33 - 2017-05-21 21:50 - 000000000 ___DC C:\WINDOWS\Panther
2017-10-27 23:09 - 2017-05-22 01:23 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2017-10-27 23:09 - 2017-05-22 01:23 - 000001908 _____ C:\WINDOWS\diagerr.xml
2017-10-27 13:01 - 2016-11-27 08:53 - 000000000 ___RD C:\Users\April\Verizon Cloud Sync
2017-10-27 13:01 - 2013-10-11 11:06 - 000000000 ____D C:\Users\April\Tracing
2017-10-26 11:07 - 2015-04-28 15:30 - 000000000 ____D C:\Users\April\AppData\Local\LogMeIn Hamachi
==================== Files in the root of some directories =======
2017-04-13 12:22 - 2017-04-13 12:22 - 007639040 _____ () C:\Program Files (x86)\GUTEA25.tmp
2016-01-26 04:35 - 2017-01-05 01:05 - 000007595 _____ () C:\Users\April\AppData\Local\Resmon.ResmonCfg
2017-04-27 21:40 - 2017-04-27 21:40 - 000002048 _____ () C:\Users\April\AppData\Local\uninstallro.exe
2014-09-30 00:01 - 2014-09-30 00:01 - 000000000 _____ () C:\Users\April\AppData\Local\{26A95307-47D9-44BF-AF14-EABC861C7C64}
2014-09-29 00:01 - 2014-09-29 00:01 - 000000000 _____ () C:\Users\April\AppData\Local\{50328719-06DF-49DB-8B69-7C03A6642321}
2014-09-23 00:01 - 2014-09-23 00:01 - 000000000 _____ () C:\Users\April\AppData\Local\{6C04BF0D-0783-4B63-A191-87208C96AA0B}
2015-09-06 12:34 - 2015-09-06 12:34 - 000000000 _____ () C:\Users\April\AppData\Local\{7D82360C-B7B5-4ECC-B169-205C12967018}
Files to move or delete:
====================
C:\Program Files\Hola\app\hola.exe
Some files in TEMP:
====================
2017-05-31 07:34 - 2017-05-31 07:34 - 000010520 _____ () C:\Users\April\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2017-06-20 14:18 - 2017-06-20 14:18 - 002861152 _____ (Hola Networks Ltd.) C:\Users\April\AppData\Local\Temp\Hola-Setup-x64-1.34.855.exe
2017-09-05 22:45 - 2017-09-05 22:45 - 000175416 ____T (Symantec Corporation) C:\Users\April\AppData\Local\Temp\SCC.dll
2017-11-16 02:18 - 2017-10-17 14:01 - 000927784 _____ () C:\Users\April\AppData\Local\Temp\TAInstaller.exe
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\fwcfg.dll
C:\Windows\SysWOW64\Windows.System.Diagnostics.Telemetry.PlatformTelemetryClient.dll
C:\Windows\System32\fwcfg.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\drivers\ndistpr64.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
LastRegBack: 2017-11-17 02:11
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01
Ran by April (24-11-2017 19:37:18)
Running from C:\Users\April\Desktop
Windows 10 Home Version 1703 15063.726 (X64) (2017-05-22 11:11:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2751042415-2246998964-2558403214-500 - Administrator - Disabled)
April (S-1-5-21-2751042415-2246998964-2558403214-1001 - Administrator - Enabled) => C:\Users\April
DefaultAccount (S-1-5-21-2751042415-2246998964-2558403214-503 - Limited - Disabled)
Guest (S-1-5-21-2751042415-2246998964-2558403214-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2751042415-2246998964-2558403214-1005 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
4 Elements II (HKLM-x32\...\WTA-ef65e410-974d-46a7-bc19-e92d9f4d7e90) (Version: 2.2.0.98 - WildTangent) Hidden
Active@ Boot Disk 10 (HKLM-x32\...\{9770BCC6-C50D-41D7-AE07-5B796D630052}_is1) (Version: 10 - LSoft Technologies Inc)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.20 - Adobe Systems)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.6 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\Amazon Kindle) (Version: 1.17.1.44183 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{49F51ACB-7CDD-3728-1E9E-49398FF8BA95}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AVIGenerator 1.8.0.0 (HKLM-x32\...\AVIGenerator) (Version: 1.8.0.0 - )
Bejeweled 3 (HKLM-x32\...\WTA-e35bc750-31fc-4947-b563-7eeaf2884b61) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (HKLM-x32\...\WTA-c6f54e1e-b78f-4eb7-b83f-9dc46e5b44c6) (Version: 2.2.0.98 - WildTangent) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - Canon Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
Canon TS5000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5000_series) (Version: 1.01 - Canon Inc.)
Canon TS5000 series On-screen Manual (HKLM-x32\...\Canon TS5000 series On-screen Manual) (Version: 1.1.0 - Canon Inc.)
Canon TS5000 series User Registration (HKLM-x32\...\Canon TS5000 series User Registration) (Version: - Canon Inc.)
Chuzzle Deluxe (HKLM-x32\...\WTA-742ccb6f-b1bf-49dc-a215-1e958ad66a38) (Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-837a9cfe-991c-46c5-b0bb-e7008be29aad) (Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-89dfc2e3-cf01-4092-9088-1e0a87819cbb) (Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DragonBoost (HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\DragonBoost) (Version: - ) <==== ATTENTION
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (HKLM-x32\...\WTA-073d8289-e4b7-451f-9203-b739d5aeab0c) (Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (HKLM-x32\...\WTA-be44d8a2-c7ed-4257-ad57-67a66b8e946b) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (HKLM-x32\...\WTA-96e9659b-ea02-4dbe-a569-4803e370d1ac) (Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (HKLM-x32\...\WTA-c9eba096-c976-4c75-ad23-db15430a459d) (Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-86cbf3bf-b897-4b80-9d18-e7e1aa6b6e0c) (Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hola™ 1.70.574 - Better Internet (HKLM\...\Hola) (Version: 1.70.574 - Hola Networks Ltd.) <==== ATTENTION
Hoyle Card Games (HKLM-x32\...\WTA-65da518b-433c-448f-8303-616cb8dbc34b) (Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{F244D07D-1876-4CDD-914D-214E15A8D327}) (Version: 4.2.5.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\HPConnectedMusic) (Version: 1.1 (build 106) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.8.37.11 - HP)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1434 - HP Inc.)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
IHA_MessageCenter (HKLM-x32\...\{3EECDAD2-50D8-41B2-A8BA-359ED85D2D5F}) (Version: 1.9.1 - Verizon)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.2.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPCMultiViewSetup (HKLM-x32\...\{1C375B52-884F-40C1-A962-7F20048A7420}) (Version: 1.0.0 - IPCamera)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-db329c41-02b5-4c0d-90c5-0a422c4a4ace) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-fea4321d-d522-4a20-b715-1e89256e3701) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Codec Pack 13.1.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.1.6 - KLCP)
KMSpico v9.0.4.20131110 (Beta2) (HKLM\...\KMSpico_is1) (Version: 9.0.4.20131110 - )
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
Luxor Evolved (HKLM-x32\...\WTA-40a1e484-65e8-44b4-ac98-65377b9ab27b) (Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (HKLM-x32\...\WTA-61987586-0ab0-4606-9df6-c27b15c18995) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4981.1001 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU (HKLM-x32\...\{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Provider Services (x86) ENU (HKLM-x32\...\{77610794-D144-422E-82B2-77BBE9052FDA}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Professional Edition 9.1 (HKLM-x32\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version: - MiniTool Solution Ltd.)
Mortimer Beckett and the Crimson Thief Premium Edition (HKLM-x32\...\WTA-e380f873-2320-4813-9a4e-f3148386489e) (Version: 2.2.0.98 - WildTangent) Hidden
MotoHelper 2.1.32 Driver 5.4.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.32 - Motorola)
MotoHelper MergeModules (HKLM-x32\...\{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}) (Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.4.0 (HKLM\...\{B0C6CCC9-0BAB-4636-A06F-B43B6FBC25DF}) (Version: 5.4.0 - Motorola Inc.) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (HKLM-x32\...\WTA-385406e8-ac4b-4241-b42a-408bfc920bbe) (Version: 2.2.0.98 - WildTangent) Hidden
Nero 8 Micro 8.3.6.0 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.3.6.0 - Updatepack.nl)
NetViewer 2.1.348.0 (HKLM-x32\...\NetViewer) (Version: 2.1.348.0 - )
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.6.0 - Microleaves) Hidden <==== ATTENTION
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-6a634b0f-fe68-4c90-bd5c-7d3226690a21) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-93ddd3cf-ffcf-4017-969d-8cf4a8fc7763) (Version: 2.2.0.98 - WildTangent) Hidden
PlayBack 1.0.1.14 (HKLM-x32\...\PlayBack) (Version: 1.0.1.14 - )
Polar Bowler (HKLM-x32\...\WTA-9bdfb1ba-787f-40f6-8803-2da3af3a1938) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-201ac228-bcd5-4839-95a2-cb5a9f228b17) (Version: 2.2.0.98 - WildTangent) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{58BC91D0-42E7-125D-F9B6-F2F5C0CDB096}) (Version: 9.0.715.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Roads of Rome 3 (HKLM-x32\...\WTA-e7fce72e-fa39-48d9-b326-239dae7772d0) (Version: 2.2.0.98 - WildTangent) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
Tales of Lagoona (HKLM-x32\...\WTA-692ce175-eb92-4d57-a952-b0d69f8f66fc) (Version: 2.2.0.110 - WildTangent) Hidden
Update for Skype for Business 2015 (KB4011255) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2449D2C4-C30E-4854-9A5E-59AA60DE216B}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011255) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{2449D2C4-C30E-4854-9A5E-59AA60DE216B}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011255) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2449D2C4-C30E-4854-9A5E-59AA60DE216B}) (Version: - Microsoft)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
UserTesting.com Recorder Plugin (HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\UserTestingPlugin) (Version: - UserTesting.com)
Vacation Quest™ - Australia (HKLM-x32\...\WTA-7e5996d0-ae63-495c-8e4c-942a5e5e23f8) (Version: 2.2.0.98 - WildTangent) Hidden
Verizon Cloud (HKLM\...\Verizon Cloud) (Version: 15.3.7.9 - Verizon)
Verizon Online Backup and Sharing for PC (HKLM-x32\...\{00CBEAB1-3FF4-4A94-AA71-237297D75526}) (Version: 5.1.24.11 - Verizon)
Verizon Online Share Drive (HKLM-x32\...\{606DBC4C-CFC8-4437-A2D8-64A88351BB47}) (Version: 2.1.11 - Verizon)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
ZPlayer version 1.0.15.0 (HKLM-x32\...\{A75F6799-58BE-4cfa-AA94-8A9173C6AA7B}_is1) (Version: 1.0.15.0 - )
Zuma's Revenge (HKLM-x32\...\WTA-bb74e17d-6a9d-4992-a1bf-59e639543a0a) (Version: 2.2.0.98 - WildTangent) Hidden
Zviewer version 2.0.0.10 (HKLM-x32\...\{1B00336F-393F-4DC7-9956-42C69ED6565E}_is1) (Version: 2.0.0.10 - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ SncrOverlays (Blocked)] -> {C418E880-6280-4010-A888-FD76028E5511} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Pending)] -> {EE73A341-C788-4A6B-B1EF-DDBFC0F190B6} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-26] (Cyberlink)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)
ContextMenuHandlers1: [VerizonCtxMenu] -> {8CA825D9-C7DB-4833-9901-E7400521CE04} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.ContextMenus.dll [2015-12-03] (Synchronoss Technologies Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-26] (Cyberlink)
ContextMenuHandlers4: [VerizonCtxMenu] -> {8CA825D9-C7DB-4833-9901-E7400521CE04} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.ContextMenus.dll [2015-12-03] (Synchronoss Technologies Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers5: [VerizonCtxMenu] -> {8CA825D9-C7DB-4833-9901-E7400521CE04} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.ContextMenus.dll [2015-12-03] (Synchronoss Technologies Inc.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)
ContextMenuHandlers6: [VerizonCtxMenu] -> {8CA825D9-C7DB-4833-9901-E7400521CE04} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.ContextMenus.dll [2015-12-03] (Synchronoss Technologies Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03516F4F-0CA0-42C0-A53F-36384E5CB315} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {08F1B00C-84DB-4F97-AC9D-6E1D1651A152} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0FF914FB-019D-4A3B-B2E2-A42FFF4E2177} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1893CD82-97F3-4F46-9241-A24F6000BF51} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {19B45630-1933-4C9A-AA47-8569C68A7D3B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1EABA3E7-E481-4536-B0F7-8E7998D9D39C} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {1F70A3FF-F9A3-4C92-AE67-75E107E6C729} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {25FD071C-454F-4626-9216-3B3C03522C14} - System32\Tasks\HPCeeScheduleForApril => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.)
Task: {2A23B3FB-93B4-424D-B4B8-3142D95620FC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-16] ()
Task: {2A5C7EE7-67F5-4D07-A6CE-BA80D704CEE1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {2B4BC560-AF1C-4EDE-A075-E1010AFD3CBC} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.)
Task: {305D3FF9-FD13-4933-8213-DE556BAC4318} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2751042415-2246998964-2558403214-1001UA1d257efe2e63987 => C:\Users\April\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {338D5739-A62F-48EB-825D-B3583A072594} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3795C737-5A09-4980-91E8-DB965BD343CB} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {3D641F02-80B9-488E-A6EC-39BC981AB4D3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2751042415-2246998964-2558403214-1001Core => C:\Users\April\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {3E5D69AD-FAAE-47E9-9512-ED83D6EB8328} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {3F716B81-CE98-4DC4-86A2-0E034BD0274F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {41B20BC2-667A-4FF3-8B74-C0CB73F78C8C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2751042415-2246998964-2558403214-1001UA => C:\Users\April\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {42B07A2F-EE96-4D9D-ADAA-8E058A837C38} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {438FF447-4C42-4A66-9F8E-45EA37A26D8E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {453BF074-2835-4457-BD55-567FC4BC13F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {4C873FCD-2F87-44C3-AE28-2CECF9BB4645} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {516DC611-9D8F-472E-A5FA-E0BC96E04CCB} - System32\Tasks\HPCeeScheduleForAPRILKAY$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.)
Task: {52AF8A46-4A6F-4BBD-B107-12B5D66D8637} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {53ACC885-D0EF-446D-97DB-5B5B9A368ED4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {59E8A881-1394-45E8-9721-AE22227B6186} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {5C3E60E8-2B3C-4A6E-B88A-9488084B00B7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {5C8C518B-5F80-44EE-8805-67BD1F123601} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6AC31E10-BBB9-49B7-8820-2EBBE618CCF0} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-05-10] ()
Task: {6BB952AB-9BE0-4CE2-A6BA-B9C486B0F50A} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {7C55B1F4-8F4E-4C5C-9170-FF8A65D3FCF2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {7E4D6F1A-F926-4D1B-9E02-1611C15F5A16} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7EE9C0AB-9F00-4AA6-84F3-49216534F39C} - \WPD\SqmUpload_S-1-5-21-2751042415-2246998964-2558403214-1001 -> No File <==== ATTENTION
Task: {87FABF81-9ADD-4872-AE58-C151210D4CD2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {88126F71-7126-4B04-AD7D-6D848BEAB97B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {8AB20F1F-B79E-4C1C-B636-AEFCE85B0434} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe
Task: {8BF5180A-EC42-453A-9E50-A7A74AED0B98} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8E98C408-C55D-47EA-AC21-28F7E696F55E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-10-11] (HP Inc.)
Task: {90DB022D-742E-43C4-B006-2D5679C1DA89} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {94D35FC4-BF49-44F8-A3BC-50282E2A59FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {A3206F36-1B48-4A73-BFF1-56DA74FC0138} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B2A96232-71C1-48B7-A7B0-AC9AE7D8D2E9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BD74DDFA-4AB0-4379-B2F4-D558BFE44FCF} - System32\Tasks\{531BBD63-DB5D-4531-A255-17EEC2DEB6F2} => C:\WINDOWS\system32\pcalua.exe -a F:\setup.exe -d F:\
Task: {C6687B24-0D24-49E1-AF81-8CAA842D2F9B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CA1A7FB1-DF48-429F-A1B2-67374C921951} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-04-27] (Synaptics Incorporated)
Task: {CD321F0F-AA3B-4033-879F-B9FB731F6C76} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {D2DBB54F-F9FA-4E0C-A688-D60E872C26BD} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-04-18] (Microleaves) <==== ATTENTION
Task: {D917C74E-6C91-4389-B1B9-528600A7069C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2751042415-2246998964-2558403214-1001Core1d257efe2a75280 => C:\Users\April\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F037890D-BBFF-4886-8EC6-6C641AEDA471} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FC108894-32D3-4230-80D4-90824E1AA4E3} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {FC9A8789-6F92-4F92-BD92-1CFCA142A738} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {FF0EE298-FC3A-4696-B70C-E4986F1C8FC5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2751042415-2246998964-2558403214-1001Core.job => C:\Users\April\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2751042415-2246998964-2558403214-1001UA.job => C:\Users\April\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForApril.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForAPRILKAY$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\April\Desktop\Polarr Photo Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=djonnbgfieijldcieafgjcnhmpcfpmgg
ShortcutWithArgument: C:\Users\April\Desktop\Vorsprung.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=henidbeahjgfpjmfakeeimkiikbijiph
ShortcutWithArgument: C:\Users\April\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\April\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Polarr Photo Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=djonnbgfieijldcieafgjcnhmpcfpmgg
ShortcutWithArgument: C:\Users\April\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Vorsprung.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=henidbeahjgfpjmfakeeimkiikbijiph
ShortcutWithArgument: C:\Users\April\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl
ShortcutWithArgument: C:\Users\April\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a3a1d6b8109861c5\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd
==================== Loaded Modules (Whitelisted) ==============
2017-03-18 12:57 - 2017-03-18 12:57 - 000377344 _____ () c:\windows\system32\SSDM.dll
2014-05-06 02:37 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-01-05 16:36 - 2017-01-05 16:36 - 000077824 _____ () C:\Program Files (x86)\ntuserlitelist\dataup\dataup.exe
2017-03-18 12:58 - 2017-03-18 12:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-21 02:26 - 2017-01-31 04:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-03-29 18:04 - 2017-03-29 18:04 - 000833024 ____N () C:\windows\system32\tprdpw32.exe
2017-03-18 12:59 - 2017-03-18 18:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-14 13:49 - 2017-11-10 01:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-14 13:49 - 2017-11-10 01:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2017-10-27 21:21 - 2017-10-27 21:21 - 000927744 _____ () C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
2017-10-19 12:18 - 2017-10-19 12:18 - 001089536 _____ () C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
2016-09-21 22:32 - 2016-09-21 22:32 - 000224768 _____ () C:\Program Files (x86)\ntuserlitelist\dataup\help_dll.dll
2013-05-29 09:20 - 2012-06-25 10:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-05-29 09:38 - 2012-06-07 19:34 - 000627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 000016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-08-02 21:40 - 2017-08-02 21:40 - 053460480 _____ () C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\libcef.dll
2016-05-31 11:43 - 2016-05-31 11:43 - 001976832 _____ () C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\libglesv2.dll
2016-05-31 11:44 - 2016-05-31 11:44 - 000075264 _____ () C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\libEGL.dll
2016-06-15 17:15 - 2016-06-15 17:15 - 017599640 _____ () C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:D5FBE8F9 [362]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\hola.org -> hxxp://hola.org
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 05:25 - 2017-05-01 05:01 - 000000909 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\April\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: Dataup =>
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: IHA_MessageCenter => 2
MSCONFIG\Services: MotoHelper => 2
MSCONFIG\Services: srcsrv => 2
HKLM\...\StartupApproved\StartupFolder: => "Verizon Online Backup and Sharing for PC.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "VerizonCloud"
HKLM\...\StartupApproved\Run: => "hola"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "HP CoolSense"
HKLM\...\StartupApproved\Run32: => "ICF"
HKLM\...\StartupApproved\Run32: => "Vault Explorer Cache Watcher"
HKLM\...\StartupApproved\Run32: => "IJNetworkScanUtility"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "NielsenOnline"
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\StartupApproved\Run: => "msnmsgr"
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\StartupApproved\Run: => "SynchronossPC"
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\StartupApproved\Run: => "B6DBB8B0EDF4FDF67A5BF46CB3DA12E3F5D4E945._service_run"
HKU\S-1-5-21-2751042415-2246998964-2558403214-1001\...\StartupApproved\Run: => "AccelerometerSysTrayApplet"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{69344EA6-C276-45DD-BEA8-32C597A72C20}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{A9E2BF3D-B013-4AC7-8CE1-FA3915A9539E}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{48F47431-7D24-424F-929B-C21633AEDFED}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{4AB60FF8-5141-481C-80B6-A74B2E92F4AB}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{4886DE56-A5D5-426B-8A8A-1A7D3132EF66}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
FirewallRules: [{C8A0D15C-AF6A-4242-A5C2-41E759951A44}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
FirewallRules: [{F6F16DE1-98D7-45BA-B055-5ACCBEF481AE}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
FirewallRules: [{655934D3-8BBC-4940-BEE8-34B2B7AD0171}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
FirewallRules: [UDP Query User{C1D52EAC-43F5-42D2-8E22-7972566CC5E9}C:\program files (x86)\ipcamera\ipcmultiviewsetup\ipcmultiview.exe] => (Block) C:\program files (x86)\ipcamera\ipcmultiviewsetup\ipcmultiview.exe
FirewallRules: [TCP Query User{779270A1-F147-4B3B-9C70-A21765136A14}C:\program files (x86)\ipcamera\ipcmultiviewsetup\ipcmultiview.exe] => (Block) C:\program files (x86)\ipcamera\ipcmultiviewsetup\ipcmultiview.exe
FirewallRules: [{13EB5F1E-6B8B-470D-BC19-10D4398F9216}] => (Block) D:\program files\monitorclient\monitorclient.exe
FirewallRules: [{08D10294-1410-4A3E-AF77-B25896F462AF}] => (Block) D:\program files\monitorclient\monitorclient.exe
FirewallRules: [UDP Query User{DFE753D1-7A02-4794-9D5C-AF7564887EBC}D:\program files\monitorclient\monitorclient.exe] => (Allow) D:\program files\monitorclient\monitorclient.exe
FirewallRules: [TCP Query User{A66DDB3B-059C-4EB2-B992-97A80F1AFCE3}D:\program files\monitorclient\monitorclient.exe] => (Allow) D:\program files\monitorclient\monitorclient.exe
FirewallRules: [{BA3B28B6-4F00-44D7-BCFE-AF3ADE3E6259}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{30262F81-23BA-433A-958B-DEC1DEEBAA6A}] => (Block) C:\windows\explorer.exe
FirewallRules: [{D14A2E00-7D34-4F8E-8AAA-34C0423D08A0}] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{7AE7D2F5-FC21-49EE-BCB3-25DD4FBD9B3E}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [TCP Query User{14B79A07-8BB6-4FBC-AA18-29D741AF664D}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [{CEE2CD96-ED8C-414B-B4CD-A4A81E800219}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{FB03DCE2-E75F-4D17-9F5D-1DCF5EE16AF5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{E54536A0-DA5D-434C-BE07-85FF401E3859}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{91E66480-C3A2-46D0-9718-4A2D98BEE944}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{13024E76-2783-4E98-A90B-4C54D19495F3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{7FA24806-2CBB-4F20-A5CE-AE0BC3D6F121}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{C0C196EA-89C5-4A79-ADD7-CEDAE58E5C42}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{8200E0E5-9791-409E-9075-3D9C7C2C4612}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{F7718A7C-CCAC-4C37-8C85-11A43A0462C8}] => (Allow) LPort=1900
FirewallRules: [{DB3C1C48-9E1E-4AB0-BD7E-3A4BD2DA1B10}] => (Allow) LPort=2869
FirewallRules: [{16371F78-D612-4132-81C9-F207E932A83B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{285852D1-0298-466E-B733-F0F299B6D61D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [UDP Query User{0AA1CDCC-60EC-426F-9CAC-6C1BFA5874B3}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [TCP Query User{4C71533B-AA4D-4087-9DFC-3490B98B6450}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [{A36A265E-C138-4243-A1EA-7245BEEEBBAD}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{33E8404E-5B2B-4A09-86CB-145E73CBBEC9}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{15E60878-84D0-4CDE-95B6-CB8B388CF4F6}] => (Allow) C:\Program Files (x86)\Solution Real\bin\SolutionReal.BRT.Helper.exe
FirewallRules: [{50D863C6-26A6-4B37-927D-5BAED4D94FA2}] => (Allow) C:\Program Files (x86)\Solution Real\bin\SolutionReal.BRT.Helper.exe
FirewallRules: [{7717F3A5-9313-495B-921E-BA60DD71B48B}] => (Allow) C:\Program Files (x86)\Solution Real\bin\SolutionReal.BRT.Helper.exe
FirewallRules: [{2A26215E-8756-4154-BC41-DA42E14A9DFD}] => (Allow) C:\Program Files (x86)\Solution Real\bin\SolutionReal.BRT.Helper.exe
FirewallRules: [{5E8DEA8B-1073-4C0A-94A3-71FFDDDA0257}] => (Allow) LPort=50001
FirewallRules: [{9F99C153-83A5-40C5-B669-24004E1BF4C3}] => (Allow) LPort=50001
FirewallRules: [{1E346B2F-CE6D-4746-978C-BAD77B46D8E9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4199D330-6042-4E05-8F40-1141DACEE114}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{082B9F60-5B49-4256-99DC-4173DC5324CC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{F64D0D1E-6149-4B92-B468-B74B6FEF264B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{08D0E0D2-2ED8-44D4-BE78-0CB7B5AB6F9E}] => (Allow) C:\Users\April\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{64B0DECC-1868-4A54-B953-E0A74A2FFE17}] => (Allow) C:\Users\April\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8D7D7100-B49B-4F29-AA25-D2F5D57D843F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D8EA5B1F-0B6C-4694-AA10-0E657153E4F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{15A550E7-83AC-46EA-B3ED-64AFE9210249}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9697158D-9658-4384-ABA4-0AF72908ADCD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{57F71D08-A4A5-4AC6-BC88-8B9DB6934CCD}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{03509DE6-7700-4589-B368-2CF6C5A00A52}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{0DE11640-C9D3-4551-9FA9-D5970EEB5931}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6ACC7BBA-5024-4697-ABD9-28BC4E3B1C46}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{1B22E9B2-E888-4B88-AA0D-980430484F35}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{639F83C0-0558-48D1-A9AD-25D8F958E4A1}] => (Allow) C:\Users\April\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{0E2B5A12-751A-4D76-9E1E-9BD6789460F8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{1279E2F1-665E-4F11-A994-68DE770FF422}] => (Allow) LPort=50000
FirewallRules: [{9878B87B-C99B-47A5-A263-97F749F6C058}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{A96A41AF-0BEF-455F-B831-59CFD004F094}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{26057D9B-BC02-4756-B646-B30314D4451C}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{363960B3-01A0-4395-8E91-DC26565DA3FB}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{64B8F316-9227-4DD1-A882-CAC6A9440A1F}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{98C62D48-C5BD-48C2-8D61-BCB565274836}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{AC5FAF73-EB8C-4EB8-814A-F9E4D160B18A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
28-10-2017 03:22:19 Scheduled Checkpoint
05-11-2017 14:48:35 Scheduled Checkpoint
15-11-2017 14:29:22 Windows Update
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/24/2017 06:31:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 52.4.0.6242, time stamp: 0x00000000
Faulting module name: d2d1.dll, version: 10.0.15063.675, time stamp: 0x753d3443
Exception code: 0xc0000005
Fault offset: 0x002bd8e6
Faulting process id: 0x217c
Faulting application start time: 0x01d365953daf53e2
Faulting application path: C:\Users\April\Desktop\Tor Browser\Browser\firefox.exe
Faulting module path: C:\WINDOWS\SYSTEM32\d2d1.dll
Report Id: 0e72e8ff-b0a7-4802-9581-cfb7485dcea0
Faulting package full name:
Faulting package-relative application ID:
Error: (11/24/2017 06:30:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: APRILKAY)
Description: Activation of app Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/24/2017 05:36:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 52.4.0.6242, time stamp: 0x00000000
Faulting module name: d2d1.dll, version: 10.0.15063.675, time stamp: 0x753d3443
Exception code: 0xc0000005
Fault offset: 0x002bd8e6
Faulting process id: 0x281c
Faulting application start time: 0x01d3658d03a56f12
Faulting application path: C:\Users\April\Desktop\Tor Browser\Browser\firefox.exe
Faulting module path: C:\WINDOWS\SYSTEM32\d2d1.dll
Report Id: f983c8d7-c2ea-4f47-ae90-715a584e5ea3
Faulting package full name:
Faulting package-relative application ID:
Error: (11/24/2017 05:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1822594
Error: (11/24/2017 05:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1822594
Error: (11/24/2017 05:24:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/24/2017 04:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5500
Error: (11/24/2017 04:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5500
Error: (11/24/2017 04:54:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/24/2017 04:54:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4297
System errors:
=============
Error: (11/24/2017 07:50:55 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/24/2017 07:50:53 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/24/2017 07:50:51 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/24/2017 07:50:49 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/24/2017 07:48:33 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/24/2017 07:48:31 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/24/2017 07:48:29 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/24/2017 07:48:26 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/24/2017 07:34:16 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/24/2017 07:34:14 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
CodeIntegrity:
===================================
Date: 2017-11-24 19:36:57.273
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 19:36:57.268
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 19:36:36.415
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 19:36:36.411
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 19:34:49.466
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 19:34:49.461
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 18:58:16.671
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 18:58:16.666
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 18:30:42.170
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-24 18:30:42.165
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 59%
Total physical RAM: 6036.27 MB
Available physical RAM: 2423.56 MB
Total Virtual: 7686.27 MB
Available Virtual: 3532.92 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:672.21 GB) (Free:476.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.8 GB) (Free:2.92 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================