Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Freezing, White Screens (w/Blue Circle Spinning), Networking/Permission Issues


  • This topic is locked This topic is locked
8 replies to this topic

#1 cfguy

cfguy

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:38 AM

Posted 10 December 2016 - 10:49 AM

Dear Bleeping Computer,

 

I am a long-time fan of your site and have followed some of your troubleshooting with great interest over the years.  However, now I believe that I might have some issues on my own system that I am unsure of how to progress in resolving.

 

My computer has been "sluggish" for a while, despite my being very attentive to routine system cleanup of things like temp files.

There are many times when my computer seems to "freeze" with a white screen, and spinning blue circle, when I am not able to type of do anything else while I wait for it to come out of this state (usually about 1-3 minutes).

 

Also, I am having problems with HomeGroup discovery and joining, despite the computer showing up on my network - when I click to access it, I will receive error messages such as "the remote device will not accept the connection:", or "you do not have permission to access this computer", despite my having done everything possible to troubleshoot network and sharing issues, and while having no problems accessing other computers on the network (the moment that I click on them).

 

Additionally, I recently ran a "Speccy" report that stated, "network discovery" was not enabled, but when I go into Window's networking advanced sharing setting, it shows that network discovery *IS* enabled.  Speccy also reports that iPv6 is not enabled, whereas again my network adapter card says that iPv6 *IS* enabled.

 

Finally, when trying to install a new security program from ToolsLib named "UnHackMe" (URL: https://toolslib.net/downloads/viewdownload/83-unhackme/) , the program terminated during installation with the message: "Error writing to registry key:
HKEY_CLASSES_ROOT\RNRFile\shell\open\commandRegSetValueEx failed; code 5.Access is denied."

 

As requested in your initial post instructions, I have run Farbar Recovery Scan Tool (x64 version), pasted the text of the FRST.txt file below, and have also attached the Addition.txt file to this post.

Thank you so much for your help with this.  I greatly appreciate it, and will look forward to hearing back from you.

 

***************** FRST.txt Contents Pasted Below***************************

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by cfguy (administrator) on cfguyDELLDESK (09-12-2016 20:24:13)
Running from D:\!Downloads
Loaded Profiles: cfguy (Available Profiles: cfguy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Bopsoft) C:\Program Files\Listary\Listary.exe
() C:\Users\Chris\AppData\Local\Amazon Music\Amazon Music Helper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LBTWiz.exe
() C:\Program Files\Listary\ListaryService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe
(Thornsoft Development, Inc.) C:\Program Files (x86)\ClipMate7\ClipMate.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\idman.exe
(NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(TriSun Software Inc.) C:\Program Files (x86)\TSSI\Advanced Recent Access\Advanced Recent Access.exe
(Digital Loggers, Inc.) C:\Program Files (x86)\Digital Loggers Inc\Personal Logger\Personal Logger.exe
(Code Sector) C:\Program Files (x86)\Direct Folders\df.exe
(FSPro Labs) C:\Windows\SysWOW64\ABossSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
() C:\Program Files\JPSoft\TCMD20\Everything.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Code Sector Inc.) C:\Program Files (x86)\Direct Folders\df64.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
() C:\Program Files\Listary\ListaryHelper64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corporation) C:\Windows\System32\snmptrap.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Tracker Software Products (Canada) Ltd.) C:\Program Files\Tracker Software\PDF-XChange 5\pdfSaver5.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\Common Files\ABBYY\ScreenshotReader\11.00\Licensing\NetworkLicenseServer.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY Screenshot Reader 11\ScreenshotReader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(www.xyplorer.com) C:\Program Files (x86)\XYplorer\XYplorer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CANON DR-C125 SVC] => rundll32.exe DRDCSVC.DLL,EntryPointUserMessage
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16696832 2016-11-23] (Realtek Semiconductor)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-07-22] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Retail.SSR11] => C:\Program Files (x86)\ABBYY Screenshot Reader 11\ScreenshotReader.exe [1297936 2013-09-16] (ABBYY Production LLC)
HKLM-x32\...\Run: [PLSM] => C:\Program Files (x86)\Digital Loggers Inc\Personal Logger\Personal Logger.exe [1331712 2012-02-16] (Digital Loggers, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0
HKLM\...\Policies\Explorer: [NoBandCustomize] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [2430240 2016-06-07] (IObit)
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Run: [ClipMate7] => C:\Program Files (x86)\ClipMate7\ClipMate.exe [5000320 2013-03-20] (Thornsoft Development, Inc.)
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Run: [RecentX] => [X]
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-05] (Ruiware)
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-10-13] (Siber Systems)
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3998832 2016-11-24] (Tonec Inc.)
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [611584 2016-03-09] (NETGEAR Inc.)
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Policies\Explorer: [NoSMBalloonTip] 0
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\AROUND~1.SCR
HKU\S-1-5-18\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKU\S-1-5-18\...\Run: [Norton Download Manager{NF29514-PROD-FSD40}] => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe /m
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [{6238B220-1311-4627-B3DC-55736E5BA95F}] -> {6238B220-1311-4627-B3DC-55736E5BA95F} => C:\Windows\system32\iMobileDisk.dll [2012-05-11] ()
ShellIconOverlayIdentifiers-x32: [{6238B220-1311-4627-B3DC-55736E5BA95F}] -> {6238B220-1311-4627-B3DC-55736E5BA95F} => C:\Windows\SysWow64\iMobileDisk.dll [2012-05-11] ()
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Advanced Recent Access.lnk [2016-05-16]
ShortcutTarget: Advanced Recent Access.lnk -> C:\Program Files (x86)\TSSI\Advanced Recent Access\Advanced Recent Access.exe (TriSun Software Inc.)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Direct Folders.lnk [2016-02-07]
ShortcutTarget: Direct Folders.lnk -> C:\Program Files (x86)\Direct Folders\df.exe (Code Sector)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RecentX.lnk [2016-12-03]
ShortcutTarget: RecentX.lnk -> C:\Program Files (x86)\Conceptworld\RecentX\RecentX.exe (Conceptworld Corporation)
BootExecute: autocheck autochk *  bootdelete
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9 02 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9 03 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9 04 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9 05 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9 06 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9 07 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9 08 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9 09 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9 10 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9 21 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp.dll [743424 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 07 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 08 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 09 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 10 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Winsock: Catalog9-x64 21 C:\Program Files (x86)\Conceiva\DownloadStudio\plugins\dstudiolsp64.dll [821760 2014-08-22] (Conceiva Ltd.)
Tcpip\..\Interfaces\{140FAA87-F30B-4C0F-8E15-A6A2552F3DB4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1EBFECD6-8DBF-4389-BCFA-16BB073ADD3F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2C4B5672-8235-4DBB-AEE7-71F4AE67978D}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{540BD89F-67BA-49BB-B8D5-40666995FFBE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58847989-6774-4AD8-BA5C-610BE4B621C6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9D4E714C-5077-469A-AEAC-50830069BCA9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AACC5E4B-546F-4621-B9EA-ABA557F63A43}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B44B8C3E-25DF-472C-873D-6631807EA9A1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B89DE396-0D00-4FC8-ABF5-B81BBFE4C872}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E1288F2C-3A71-4EC9-A70C-E048DC65FBA9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E8B3A078-5B24-47B8-84A0-FCB6BD786EAA}: [DhcpNameServer] 192.168.5.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {11580498-CA5A-4D5D-8AA1-58BD00F66032} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {818BB5E8-63DF-4F20-8C39-207992DEA155} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxps://www.google.com/search?q={searchTerms}&rlz=1I7GGHP_en
SearchScopes: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxps://www.google.com/search?q={searchTerms}&rlz=1I7GGHP_en
SearchScopes: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> {818BB5E8-63DF-4F20-8C39-207992DEA155} URL =
SearchScopes: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000610&geo=US&ver=22&locale=en_US&guid=D05B9E94-79AE-4E72-8480-D85A809F3FA8&doi=2016-09-01&gct=kwd&qsrc=2869
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-11-30] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-02-12] (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-10-13] (Siber Systems Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-11-04] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-04] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-11-30] (Internet Download Manager, Tonec Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2013-06-19] (Tracker Software Products (Canada) Ltd.)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-08-19] (Wondershare)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\PlusIEContextMenu.dll [2012-07-19] (Zeon Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-10-13] (Siber Systems Inc.)
BHO-x32: DownloadStudio IE Add-on -> {8170D7DC-BDD6-461e-88EB-F047257898C9} -> C:\Program Files (x86)\Conceiva\DownloadStudio\DLMonitr.dll [2013-10-25] (Conceiva Pty Ltd)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-24] (Google Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-10-13] (Siber Systems Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Toolbar: HKLM - &ClipMate ClipBar v7.5 - {F60C63CE-52AF-4915-AAC9-F100FCDE270F} - C:\Program Files (x86)\ClipMate7\ClipMateDeskBand.dll [2013-03-20] (Thornsoft Development, Inc)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc.)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2013-06-19] (Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-10-13] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-10-13] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-24] (Google Inc.)
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
Handler-x32: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2013-02-01] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler: WSWSVCUchrome - No CLSID Value

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Postbox\Profiles\k0udngzt.default [2013-11-28]
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default [2016-12-09]
FF user.js: detected! => C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\user.js [2016-03-02]
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\o70jk1x8.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\o70jk1x8.default -> google.com
FF NetworkProxy: Mozilla\Firefox\Profiles\o70jk1x8.default -> type", 4
FF Extension: (FatWallet Express) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\addon@fatwallet.com.xpi [2016-04-21]
FF Extension: (Add to Amazon Wish List Button) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\amznUWL2@amazon.com.xpi [2016-06-03]
FF Extension: (Automatic Save Folder) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\asf@mangaheart.org.xpi [2015-05-30]
FF Extension: (BackupFox) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\backupfox_959a5970_ada3_11e0_9f1c_0800200c9a66@mozillafirefoxextension.xpi [2016-04-28]
FF Extension: (Default Theme Engine - Personas Interactive) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\btpersonas@brandthunder.com [2016-04-27]
FF Extension: (InvisibleHand) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2016-11-09]
FF Extension: (Context Menu History) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\contextmenuhistory@garyking.xpi [2015-05-30]
FF Extension: (Custom Buttons) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\custombuttons@xsms.org [2016-03-21]
FF Extension: (Expire history by days) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\expire-history-by-days@bonardo.net.xpi [2016-09-08]
FF Extension: (Add-on Exporter) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\exportify@dactyl.googlecode.com.xpi [2016-11-30]
FF Extension: (Firebug) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-10]
FF Extension: (Font Finder) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\fontfinder@bendodson.com.xpi [2016-12-02]
FF Extension: (Open GMail with toolbar button) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\gmail@borsosfisoft.com.xpi [2016-04-27]
FF Extension: (Email This! Bookmarklet Extension) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\gmailthis@lazyrussian.com.xpi [2016-04-27]
FF Extension: (Wiktionary and Google Translate) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\googledictionary@toptip.ca.xpi [2016-11-30]
FF Extension: (savetexttofile) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\HighlightedTextToFile@bobbyrne01.org.xpi [2015-12-01]
FF Extension: (History Export) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\histexp@cycledlm.gmail.com.xpi [2013-03-12] [not signed]
FF Extension: (History Button) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\historybutton@darktrojan.net.xpi [2014-02-13] [not signed]
FF Extension: (I-Shop) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\icici@compareraja.com.xpi [2015-12-10]
FF Extension: (IMDb Info) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\imdbinfo@freeware.ro.xpi [2014-05-23] [not signed]
FF Extension: (Translate This!) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2016-11-05]
FF Extension: (New Tab by Yahoo) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2016-11-18]
FF Extension: (Save as EPUB) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\kevin.corre@etu.univ-orleans.fr.xpi [2016-04-28]
FF Extension: (Save Images) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\LDSI_plashcor@gmail.com.xpi [2016-04-30]
FF Extension: (List Open URLs) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\listopenurls@neoegm.xpi [2016-04-27]
FF Extension: (Open Bookmarks in New Tab) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\openbookmarkintab@piro.sakura.ne.jp.xpi [2016-02-10]
FF Extension: (Open Link in New Tab) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\openlinkintab@piro.sakura.ne.jp.xpi [2016-01-15]
FF Extension: (Print Edit) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\printedit@DW-dev.xpi [2016-11-26]
FF Extension: (Print pages to PDF) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\printPages2Pdf@reinhold.ripper [2015-05-29]
FF Extension: (Google Maps Saved Locations ) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\royce@mozilla.com.xpi [2016-04-28]
FF Extension: (Save-To-Read) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\save2read@konstantin.plotnikov.xpi [2016-04-28]
FF Extension: (Save My Tabs) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\savemytabs@dmitriy.khudorozhkov.xpi [2016-04-28]
FF Extension: (Save Session) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\savesession@noasobi.net.xpi [2016-04-27]
FF Extension: (Show History Popup) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\showhistorypopup.vaka@gmail.com.xpi [2016-04-27]
FF Extension: (The Ultimate Free Stock Photo Search Addon) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\stockphotofeeds@stockphotofeeds.com.xpi [2016-04-27]
FF Extension: (Tab History Redux) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\tab-history-redux@efinke.com.xpi [2015-05-29]
FF Extension: (Thumbnail Zoom Plus) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2016-06-16]
FF Extension: (TinEye Reverse Image Search) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\tineye@ideeinc.com.xpi [2016-09-04]
FF Extension: (URL Shrink Easy) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\tkuse@telekawaru.com [2016-04-28]
FF Extension: (Google Translator for Firefox) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\translator@zoli.bod.xpi [2016-04-28]
FF Extension: (Video WithOut Flash) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\vwof@drev.com.xpi [2015-10-03]
FF Extension: (Mail and Save) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\wikit@example.net.xpi [2016-04-27]
FF Extension: (Screenshot Pimp) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{056d0610-e44d-11df-bccf-0800200c9a66} [2016-04-27]
FF Extension: (DownloadStudio Integration) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{0851d9cd-87db-4a0d-a792-097dc9071486} [2015-08-30] [not signed]
FF Extension: (FxIF) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2015-07-29]
FF Extension: (FlashGot) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-12-01]
FF Extension: (Garmin Communicator) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-12-15] [not signed]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2015-05-29]
FF Extension: (CouponsHelper) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{239cc760-75a9-4276-b1fc-c0ceb963f373}.xpi [2016-04-27]
FF Extension: (Stay-Open Menu) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{3541c267-2580-4144-854e-2e05c8670121}.xpi [2016-08-16]
FF Extension: (Real Player Service) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{5b5e15e8-7d3b-46cb-9355-011ac2dc5f7d}.xpi [2015-12-20] [not signed]
FF Extension: (Save Link in Folder) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{7a46f9fe-4818-4837-ae4a-39c53978ae99}.xpi [2015-12-14]
FF Extension: (iMacros for Firefox) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2016-08-28]
FF Extension: (Save Text Area) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{8522e648-adce-469a-8c3a-18659a6ab6e3}.xpi [2016-04-26]
FF Extension: (Ookong) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{95969329-aa35-473a-b537-3f6f62c0ba23}.xpi [2016-04-26]
FF Extension: (Font Finder) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{a658a273-612e-489e-b4f1-5344e672f4f5}.xpi [2016-12-02]
FF Extension: (ebaymotorssaveenlargedpix) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{b4ccac04-ec4f-41fc-8ba6-30b69b6a26a7}.xpi [2016-04-27]
FF Extension: (Video DownloadHelper) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11]
FF Extension: (ebayitemdescriptionsaveenlargedp) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{ba2430e0-5b72-4cac-bc9e-7d1aaca75d3d}.xpi [2016-04-27]
FF Extension: (Sothink Flash Downloader for Firefox) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi [2013-04-12] [not signed]
FF Extension: (Title Save) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{BDE27AC7-3317-44a2-9662-D3A888FBED0D} [2016-04-26]
FF Extension: (Saved From URL) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{be102f2d-bf47-49db-8dcc-a2ccd1c8d376}.xpi [2016-03-09]
FF Extension: (Backward/Forward History Dropdown) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{c6fb3a99-0bf0-4ab3-9b5b-9fe631d6cde3}.xpi [2016-04-28]
FF Extension: (RightToClick) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2016-10-15]
FF Extension: (MPEG4 Manager Plus) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{d09dfb3e-6f50-4bf3-9462-2e596dc25a51}.xpi [2016-05-24] [not signed]
FF Extension: (Greasemonkey) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-20]
FF Extension: (Bookmark POST) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\Extensions\{ff1f8614-6b3b-42d0-be8d-5c8f27b9daa9}.xpi [2016-04-27]
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon [2016-11-21]
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.9.5.14\coFFFw => not found
FF HKLM-x32\...\Firefox\Extensions: [{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-07-01] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2015-09-01] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Extension: (RoboForm Toolbar) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2016-10-13]
FF HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Chris\AppData\Roaming\IDM\idmmzcc5 [2016-11-21] [not signed]
FF HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-11-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-11-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-10-28] (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-11-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2015-10-29] (MediaMall Technologies, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=17.0.6.13 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-03-23] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2014-02-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-02-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2014-02-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.6.13 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-03-23] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-11-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 8\bin\nppdf.dll [2012-07-31] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-1283994605-1191266653-554872468-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-11-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1283994605-1191266653-554872468-1000: vsee.com/VSeeDetection -> C:\Users\Chris\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [2015-07-22] (VSee Lab)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2013-11-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-03-23] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-03-23] (RealPlayer Cloud)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> t
CHR Plugin: (Widevine Content Decryption Module) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\WidevineCdm\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.185\pepflashplayer.dll => No File
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default [2016-12-09]
CHR Extension: (PhotoMania) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajjfnbkfaofifbiflcicanlgaiafcamj [2015-01-31]
CHR Extension: (Textcraft) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\alkilhboimleigdblhagakfnfdalebbm [2016-10-30]
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-16]
CHR Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2016-10-03]
CHR Extension: (SPOI Options (Please remove me)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn [2014-11-26]
CHR Extension: (Pookatoo) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\benjmlnkdbdehnnompaljooimmmdofbi [2016-11-03]
CHR Extension: (Fotor Photo Editor) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2016-07-12]
CHR Extension: (Simple Image Resizer) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bficingcnodlbbildpbnjdgcmbipgnbi [2015-01-31]
CHR Extension: (Ribbet Photo Editor) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bikpkcdadljalhghbbipfkkhocppkhob [2016-01-06]
CHR Extension: (Web2PDFConverter) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkanhckocooacphbnclgcndnpfpoppdk [2013-05-30]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09]
CHR Extension: (YouTube Uploader for Dropbox, Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohlpmbngemggkpioibiahganclljlag [2015-12-09]
CHR Extension: (The Quotebase) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cendcmamnonohphkmjmnhaobffompple [2015-01-31]
CHR Extension: (Pixsta) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijncchffkmlnfdbnkkfclcbnjcoegjc [2016-06-07]
CHR Extension: (Logo Maker) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciojdpgahhgdpmlhnocojjfhkfdmemdh [2014-04-02]
CHR Extension: (Norton Security Toolbar) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-12-03]
CHR Extension: (MockFlow) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cldcgifnkcmflfjfbhedkdfecbaakmcd [2015-03-07]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-16]
CHR Extension: (Search by Image (by Google)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-10-20]
CHR Extension: (Make the Logo Bigger) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\deebfffgmhmombfphcbeknkipbfklmna [2014-04-02]
CHR Extension: (PicMonkey Extension) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhipmoghimfdldnocmopeoanjmoolofl [2014-06-05]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-06-14]
CHR Extension: (Search any book) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfohkaljfgcdngnphcihogakoglccff [2014-05-26]
CHR Extension: (BannerSnack - Banner Maker) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedglhfhdcaljpbdklmabmbjonmedhb [2015-01-31]
CHR Extension: (Click to Tab) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebicmkkcnhdiglneianohfjapmanjoek [2016-02-27]
CHR Extension: (500px) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\egpociadnldbkfkjpmjoaibnbcoeplja [2014-11-26]
CHR Extension: (Pixlr-o-matic) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2015-01-31]
CHR Extension: (Share link via email) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb [2016-10-03]
CHR Extension: (Free Kindle ebooks UK) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofiegpdecgfnpajjddadpionclnpeef [2014-05-26]
CHR Extension: (PicMonkey) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2016-06-21]
CHR Extension: (Glowtxt) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkcilhknnakepbgkpmhhebooffgefidk [2016-10-28]
CHR Extension: (Print this page with CleanPrint) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fklmmmdcofimkjmfjdnobmmgmefbapkf [2016-11-19]
CHR Extension: (Flexi eBooks) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnldomflbenlmacglgbeahodagmngbm [2015-12-16]
CHR Extension: (Any New Books) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gefphpbilnknofmmmjlgekgeclgajehk [2015-01-31]
CHR Extension: (Picadilo) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\geljjpapbfokifgnlnpdbiplebdhlein [2015-01-07]
CHR Extension: (Wallpaper Backgrounds - Free Wallpapers) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gggpfgbncdijopafhadglgjglomiaoba [2013-09-27]
CHR Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-06]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2016-08-28]
CHR Extension: (Gradient Creator!) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcplneddoadgichngfbobgpllfphdfla [2015-01-31]
CHR Extension: (FabCam) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2015-08-17]
CHR Extension: (HTML5 Banner Creator) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hioegghdmpcchhfdcbkldeiobkahllhg [2016-07-18]
CHR Extension: (TiltShiftMaker) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo [2016-10-30]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-06-05]
CHR Extension: (RealPlayer Downloader) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-03-23]
CHR Extension: (Bing™ Wallpaper for Google™ Homepage) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ignkobhlkpgjcpkfgfohhdgdaldfaoni [2016-01-25]
CHR Extension: (Norton Identity Safe) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-09-05]
CHR Extension: (Super Free Vectors) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijdlminobfmiedpiagffejcbdncdfjia [2014-04-02]
CHR Extension: (Glitterboo) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikkpgihagilojnkmkkfcbhlainmnkicp [2016-11-10]
CHR Extension: (Photo To Cartoon) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphmndcanljimncebjfmknoadejhjjdd [2015-01-31]
CHR Extension: (WhatFont) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2016-06-21]
CHR Extension: (280 Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfgfmoonhalhgbpeoffnehkedjhgoeno [2014-04-02]
CHR Extension: (Kindle Books News) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjgemglmkfccachabpkcjoeincobokgn [2014-05-26]
CHR Extension: (FB-Photos Tools) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkmjniagpgdpgjaniplidadpcgpmjpep [2015-08-28]
CHR Extension: (StumbleUpon) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2014-03-02]
CHR Extension: (Pixeffect - Photo Effects) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\koekplodmdaalggcclajcecoomipnpca [2015-01-07]
CHR Extension: (Save as PDF) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2014-06-14]
CHR Extension: (TinyURL) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbadmllalinlpflkajgkkmjohckpnahm [2016-07-04]
CHR Extension: (Pic Maker) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcmgcbgahjfokkiniknnafmeoaolkfab [2015-01-31]
CHR Extension: (Comic Webcam) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfffhmndpldceogndeognocbpmlgdemi [2015-01-31]
CHR Extension: (PlayOn) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2016-02-21]
CHR Extension: (InvisibleHand) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko [2016-11-04]
CHR Extension: (DownloadStudio) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpmnkoeoilpghhjiikckillmoidfbidl [2014-11-15]
CHR Extension: (Facebook Cover Maker) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfbpohdhflnokmclkbieabhmhbnamcnk [2015-01-31]
CHR Extension: (Text Logo Maker) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocbgbekdcklalbipkekjlhphchgnddm [2016-01-06]
CHR Extension: (Photo Editor) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nebhanlkihgdilmhiaiaclanodcalglc [2015-08-04]
CHR Extension: (IDM Integration Module) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-09]
CHR Extension: (Photo Effects) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nicfhlmjhhnmjfieannkflchoonoppcd [2015-01-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Best Audible Books) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocmobofpehjlbiliooabhofahhbdcdjb [2014-05-26]
CHR Extension: (Foto Rulez) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\odahhdimpaeigjcdbgcnhemlkejclmmk [2015-01-31]
CHR Extension: (Print Friendly & PDF) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2013-05-23]
CHR Extension: (PhotoMania) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohodmcahedcphoipgooelhjcfahodhcj [2014-02-04]
CHR Extension: (Fullscreen Anything) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\olcfgpmjldkkjdclidhcbonieibfhhdh [2015-01-07]
CHR Extension: (Print Edit WE) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnblpmehglpcallpnbgmikjblmkopia [2016-11-19]
CHR Extension: (Pop Art Studio Online) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oompiimecpnflklhlnmdpddcjdmiibkf [2015-01-31]
CHR Extension: (Instagram for Chrome) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2016-08-19]
CHR Extension: (Polaroid Madness) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbakcedgfbkngkamdnodjdbmmbigepaa [2015-01-31]
CHR Extension: (PixEditor - Photo Effects) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeohkaeldkdngaklhhkpnnjapbbcke [2015-01-31]
CHR Extension: (Wallpaper Customizer) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pggbacoeeiigddnlocgkgigllpiennmd [2013-09-27]
CHR Extension: (Psykopaint) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-02]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR Extension: (Chrome Media Router) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-15]
CHR Extension: (RoboForm Password Manager) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-11-15]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-11-30]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-11-30]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-16]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-02-12]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2015-10-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-11-30]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-12-16] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.ScreenshotReader.Windows.11.0; C:\Program Files (x86)\Common Files\ABBYY\ScreenshotReader\11.00\Licensing\NetworkLicenseServer.exe [821048 2013-08-14] (ABBYY InfoPoisk LLC)
R2 ABossSrv; C:\Windows\SysWOW64\ABossSrv.exe [93824 2008-09-28] (FSPro Labs)
S4 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.)
S4 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [456480 2016-05-30] (IObit)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
S3 AnonMgmtSvc; C:\Program Files (x86)\Anonymizer\Anonymizer Universal\AnonMgmtSvc.exe [220184 2014-10-21] (Anonymizer)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1828640 2016-07-18] (IObit)
S3 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1074448 2016-03-23] (AVG Technologies CZ, s.r.o.)
S3 BackupBoxService; C:\Program Files (x86)\abylonsoft\Backup-Tube\BackupBoxServiceX64.EXE [801832 2013-04-26] ()
S3 CachemanService; C:\Program Files (x86)\Cacheman\CachemanServ.exe [261704 2015-08-12] (Outertech)
S4 CareMon; C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe [146792 2011-11-15] ()
S3 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
S3 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
S4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 Emc.Captiva.WebCaptureService; C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe [39936 2012-04-04] (EMC Corporation) [File not signed]
S3 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 Everything; C:\Program Files\JPSoft\TCMD20\Everything.exe [1835088 2015-11-24] ()
S4 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2015-03-27] (Firebird Project) [File not signed]
S3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3829760 2015-03-27] (Firebird Project) [File not signed]
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [803856 2016-01-28] (Garmin Ltd. or its subsidiaries)
S4 GenieTimelineService; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [662104 2012-09-16] (Genie9)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [505056 2013-10-10] ()
S4 cfguys_Media_Server; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [5645056 2014-12-07] (Conceiva Pty. Ltd.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
S3 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4759600 2016-02-19] (iolo technologies, LLC)
R2 ListaryService; C:\Program Files\Listary\ListaryService.exe [257776 2014-09-25] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
S4 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [8010856 2016-11-21] (MediaMall Technologies, Inc.)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2016-03-09] (NETGEAR)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\NIS.exe [289080 2016-11-12] (Symantec Corporation)
S4 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [135056 2012-10-23] (Nuance Communications, Inc.)
S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [138600 2011-07-22] (Nuance Communications, Inc.)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
S4 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2013-02-01] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-02-12] ()
S3 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141336 2014-03-23] (RealNetworks, Inc.)
S3 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-02-12] () [File not signed]
S4 RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [1095664 2011-07-13] (Rovi Corporation)
S4 RoxWatch12; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [340976 2011-07-13] (Rovi Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
S2 SerialLogger1; C:\Program Files (x86)\Call Detail Recorder\CDRService.exe [57344 2004-02-12] () [File not signed]
S3 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]
S3 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4584208 2016-03-29] (AVG Technologies CZ, s.r.o.)
S4 UxTuneUp; C:\Windows\System32\uxtuneup.dll [56080 2016-03-29] (AVG Technologies CZ, s.r.o.)
S4 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [49424 2016-03-29] (AVG Technologies CZ, s.r.o.)
S3 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [51056 2015-07-13] (KeepSolid Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-05-28] (WiseCleaner.com) [File not signed]
S4 ZentimoService; C:\Program Files (x86)\Zentimo\ZentimoService.exe [1703792 2015-01-06] (Crystal Rich Ltd)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [15288 2011-12-26] () [File not signed]
S3 ampa; C:\Windows\SysWOW64\ampa.sys [12728 2011-12-26] () [File not signed]
S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16512 2009-10-11] (Adaptec) [File not signed]
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20161206.001\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1608010.00E\ccSetx64.sys [174328 2016-06-01] (Symantec Corporation)
R3 DbusAudio; C:\Windows\System32\drivers\DbusAudio.sys [34528 2013-10-10] (Windows ® Win 7 DDK provider)
S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-09-11] (Dell Computer Corporation)
S3 DM150Drv; C:\Windows\System32\DRIVERS\DM150Drv.sys [24312 2010-07-30] (Pitney Bowes)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2016-11-30] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2012-12-21] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2012-12-21] () [File not signed]
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-10-03] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2012-12-21] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2012-12-21] () [File not signed]
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2016-06-22] (Glarysoft Ltd)
R1 GUSBootStartup; C:\Windows\System32\drivers\GUSBootStartup.sys [20160 2016-06-22] (Glarysoft Ltd)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [33968 2015-11-10] (Paragon Software Group)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-02] (REALiX™)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20161207.002\IDSvia64.sys [1012952 2016-10-27] (Symantec Corporation)
R3 leawo_vad; C:\Windows\System32\drivers\leawo_vad.sys [33048 2013-05-21] (Shenzhen Moyea Software)
S3 mcdevice; C:\Windows\System32\DRIVERS\mcdevice.sys [334400 2011-05-19] (ShiningMorning Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2015-10-29] (MediaMall Technologies, Inc.)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2016-12-04] (CACE Technologies, Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-11-13] (Corel Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32568 2015-08-15] (EldoS Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RTL8187B; C:\Windows\System32\DRIVERS\wg111v3.sys [446976 2009-11-18] (NETGEAR Inc.                           ) [File not signed]
S3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [413912 2016-03-06] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1608010.00E\SRTSP64.SYS [784624 2016-11-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1608010.00E\SRTSPX64.SYS [49400 2016-11-11] (Symantec Corporation)
R2 supersafer64; C:\Windows\SysWOW64\drivers\supersafer64.sys [238072 2011-11-15] (Spotmau)
R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2016-10-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1608010.00E\Ironx64.SYS [289520 2016-11-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1608010.00E\SYMNETS.SYS [567512 2016-11-11] (Symantec Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-11-22] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [248648 2015-07-19] (Acronis International GmbH)
R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102576 2015-11-10] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25904 2015-11-10] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [701360 2015-11-10] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [35840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 USB_RNDIS_VISTA; C:\Windows\System32\DRIVERS\usb8023.sys [19968 2013-02-11] (Microsoft Corporation)
R1 usedisk; C:\Windows\System32\DRIVERS\usedisk.sys [29208 2013-10-14] (Gili Soft INC.)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-11-22] (Acronis International GmbH)
R3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare)
U4 CSC; no ImagePath
U4 CscService; no ImagePath
U3 DfSdkS; no ImagePath
R4 hitmanpro37; \??\C:\Windows\system32\drivers\hitmanpro37.sys [X]
U4 Messenger; no ImagePath
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\SDSDefs\20160624.001\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\SDSDefs\20160624.001\EX64.SYS [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-09 17:41 - 2016-12-09 20:24 - 00000000 ____D C:\FRST
2016-12-09 05:31 - 2016-12-09 05:31 - 00002668 _____ C:\Windows\system32\bootdelete.lst
2016-12-08 10:22 - 2016-12-08 10:22 - 00003254 _____ C:\Windows\System32\Tasks\IU_BigupgradeTask
2016-12-07 09:48 - 2016-12-07 09:48 - 00000221 _____ C:\Users\Chris\Desktop\dealsCube.URL
2016-12-06 13:00 - 2016-12-06 13:00 - 00000000 ____D C:\ProgramData\Blumentals
2016-12-05 21:22 - 2016-12-08 10:39 - 00002896 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (cfguy)
2016-12-04 17:55 - 2016-12-08 22:19 - 00000000 ____D C:\Users\Chris\AppData\Local\NETGEARGenie
2016-12-04 17:55 - 2016-12-04 17:55 - 00002032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk
2016-12-04 17:55 - 2016-12-04 17:55 - 00002020 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk
2016-12-04 17:53 - 2016-12-04 17:55 - 00000000 ____D C:\Program Files (x86)\NETGEAR Genie
2016-12-03 07:20 - 2016-12-05 05:59 - 00000190 _____ C:\Users\Chris\Desktop\ATT Password.txt
2016-12-02 06:36 - 2016-12-02 06:36 - 00000138 _____ C:\Users\Chris\Desktop\MailtoGC.url
2016-12-02 05:34 - 2016-12-02 05:34 - 01037832 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-12-02 05:34 - 2016-12-02 05:34 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-12-02 05:34 - 2016-12-02 05:34 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2016-12-01 09:50 - 2016-12-01 09:50 - 00000971 _____ C:\Users\Chris\Desktop\Internet Download Manager.lnk
2016-11-30 12:53 - 2016-11-30 12:53 - 00000262 _____ C:\Users\Chris\Desktop\Switchblade, a portable troubleshooting toolkit - gHacks Tech News.URL
2016-11-30 10:21 - 2016-10-17 10:35 - 00223464 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2016-11-27 11:33 - 2016-11-27 11:33 - 00003338 _____ C:\Windows\System32\Tasks\{B34339D2-A74B-41C6-9A63-5273CD9F7527}
2016-11-27 08:37 - 2016-11-27 08:37 - 00000517 _____ C:\Users\Chris\Desktop\Network and Sharing Center - Shortcut.lnk
2016-11-26 13:41 - 2016-11-26 13:41 - 00000000 ____D C:\Users\Chris\AppData\Local\JPSoft
2016-11-26 13:40 - 2016-11-26 13:42 - 00000000 ____D C:\ProgramData\JP Software
2016-11-26 13:40 - 2016-11-26 13:40 - 00001956 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Take Command v20.0.lnk
2016-11-26 13:40 - 2016-11-26 13:40 - 00001912 _____ C:\Users\Public\Desktop\Take Command v20.0.lnk
2016-11-26 13:40 - 2016-11-26 13:40 - 00000000 ____D C:\ProgramData\regid.2002-09.com.jpsoft
2016-11-26 13:40 - 2016-11-26 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TCMD20
2016-11-26 13:40 - 2016-11-26 13:40 - 00000000 ____D C:\Program Files\JPSoft
2016-11-26 13:37 - 2016-11-26 13:37 - 00000000 ____D C:\Users\Chris\AppData\Roaming\JP Software
2016-11-23 20:37 - 2016-11-23 20:37 - 00003310 _____ C:\Windows\System32\Tasks\{33EC73DE-F71B-4FCE-AD80-31926A17ADCA}
2016-11-23 20:32 - 2016-11-27 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2016-11-23 20:32 - 2016-11-27 10:54 - 00000000 ____D C:\Program Files (x86)\TP-LINK ADSL USB Router
2016-11-23 20:28 - 2016-11-23 20:28 - 00000000 ____D C:\ProgramData\TP-LINK
2016-11-23 11:58 - 2016-11-23 11:58 - 05310472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-11-23 11:58 - 2016-11-23 11:58 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-11-23 11:58 - 2016-11-23 11:58 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-11-23 11:58 - 2016-11-23 11:58 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-11-23 11:58 - 2016-11-23 11:58 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 07020920 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-11-23 11:57 - 2016-11-23 11:57 - 03291320 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 03203592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 03133856 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-11-23 11:57 - 2016-11-23 11:57 - 02073088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 02050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 01979112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 01745672 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 01360520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00914016 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00768816 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00642928 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00577832 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00410040 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-11-23 11:57 - 2016-11-23 11:57 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-11-23 10:57 - 2016-11-23 10:57 - 00003264 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-11-23 06:32 - 2016-11-23 06:32 - 00000908 _____ C:\Users\Public\Desktop\PlayOn.lnk
2016-11-23 06:31 - 2016-11-23 06:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOn
2016-11-21 18:16 - 2016-11-21 18:16 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2016-11-21 18:07 - 2016-11-21 18:07 - 00003234 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-11-20 12:18 - 2016-11-20 12:18 - 00001897 _____ C:\Users\Chris\Desktop\Scan with NIS (Shortcut).lnk
2016-11-19 14:44 - 2016-11-19 14:44 - 00000090 _____ C:\Users\Chris\Desktop\IDM integration into Chrome does not work. What should I do-.url
2016-11-19 09:45 - 2016-11-19 09:45 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coopoint
2016-11-19 09:45 - 2016-11-19 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coopoint
2016-11-19 09:45 - 2016-11-19 09:45 - 00000000 ____D C:\Program Files (x86)\Coopoint
2016-11-18 10:15 - 2016-12-09 17:14 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\Mozilla
2016-11-17 21:06 - 2016-12-09 12:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-16 16:40 - 2016-11-16 16:40 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-16 16:40 - 2016-11-16 16:40 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-16 16:40 - 2016-11-16 16:40 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-11-16 16:40 - 2016-11-16 16:40 - 00419648 _____ C:\Windows\system32\locale.nls
2016-11-16 16:40 - 2016-11-16 16:40 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-16 16:40 - 2016-11-16 16:40 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-16 16:40 - 2016-11-16 16:40 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-16 16:40 - 2016-11-16 16:40 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-16 16:40 - 2016-11-16 16:40 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-16 16:40 - 2016-11-16 16:40 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-16 16:40 - 2016-11-16 16:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-16 16:40 - 2016-11-16 16:40 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-16 16:40 - 2016-11-16 16:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-16 14:47 - 2016-11-16 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-16 14:46 - 2016-11-16 14:46 - 00000000 ____D C:\Program Files\iPod
2016-11-16 14:45 - 2016-11-16 14:47 - 00000000 ____D C:\Program Files\iTunes
2016-11-13 20:48 - 2016-11-13 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX920 series
2016-11-13 20:45 - 2012-09-21 09:33 - 00321024 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BLL.dll
2016-11-13 20:45 - 2012-05-25 09:21 - 00103936 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BLU.dll
2016-11-13 20:45 - 2012-05-15 15:58 - 00098048 _____ C:\Windows\SysWOW64\CNC176BD.TBL
2016-11-13 20:45 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2016-11-13 20:40 - 2012-09-21 09:34 - 00366080 _____ (CANON INC.) C:\Windows\system32\CNC_BLL.dll
2016-11-13 20:40 - 2012-05-25 09:21 - 00282624 _____ (CANON INC.) C:\Windows\system32\CNC_BLC.dll
2016-11-13 20:40 - 2012-05-25 09:20 - 00106496 _____ (CANON INC.) C:\Windows\system32\CNC_BLI.dll
2016-11-13 20:39 - 2016-11-13 20:40 - 00000000 ___HD C:\Program Files\CanonBJ
2016-11-12 09:59 - 2016-11-12 10:00 - 00000865 _____ C:\Windows\AdrBook.INI
2016-11-12 09:24 - 2016-10-01 14:38 - 00001293 _____ C:\Users\Chris\Desktop\IcoFX.lnk
2016-11-12 07:58 - 2016-11-12 07:58 - 00001847 _____ C:\Users\Public\Desktop\P-touch Address Book 1.2.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-09 20:19 - 2011-08-24 13:08 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-09 17:19 - 2013-10-01 01:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2016-12-09 17:19 - 2013-10-01 01:43 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2016-12-09 17:07 - 2014-03-17 07:36 - 00000000 ____D C:\Users\Chris\AppData\Roaming\XYplorer
2016-12-09 09:49 - 2014-07-23 06:30 - 00000000 ____D C:\Summitsoft Order
2016-12-09 08:04 - 2012-05-01 11:56 - 00000000 ____D C:\ProgramData\TEMP
2016-12-09 06:48 - 2013-12-10 19:56 - 00000000 ___RD C:\Users\Chris\Desktop\PDF Programs
2016-12-09 06:26 - 2013-04-19 09:50 - 00000000 ____D C:\Icon Files
2016-12-09 05:46 - 2013-10-10 12:39 - 00000000 ____D C:\Users\Chris\AppData\Roaming\IDM
2016-12-09 05:40 - 2015-08-07 13:41 - 00000000 ____D C:\Users\Chris\Desktop\Graphic & Photo Programs
2016-12-09 05:40 - 2014-06-24 10:45 - 00000000 ___RD C:\Users\Chris\Desktop\System Tools
2016-12-09 05:31 - 2014-06-15 09:22 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2016-12-09 03:55 - 2009-07-13 23:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-09 03:55 - 2009-07-13 23:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-09 02:00 - 2014-06-17 14:24 - 00000000 ____D C:\Users\Chris\AppData\Local\Adobe
2016-12-08 19:48 - 2014-06-15 08:22 - 00000000 ____D C:\Program Files\HitmanPro
2016-12-08 19:34 - 2013-04-26 12:49 - 00000059 _____ C:\Users\Chris\AppData\Local\{C916D440-D489-4A79-B306-5FDC1E7932C0}.list
2016-12-08 19:34 - 2011-11-15 10:39 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2016-12-08 10:23 - 2013-05-21 01:58 - 00000632 __RSH C:\Users\Chris\ntuser.pol
2016-12-08 10:23 - 2010-12-27 16:25 - 00000000 ____D C:\Users\Chris
2016-12-08 10:22 - 2013-04-20 01:56 - 00000000 ____D C:\ProgramData\IObit
2016-12-08 10:20 - 2014-04-04 23:16 - 00020480 _____ C:\Windows\SysWOW64\PLregShot.dat
2016-12-08 10:19 - 2016-05-01 20:26 - 00000000 ____D C:\Program Files (x86)\ClipMate7
2016-12-08 10:19 - 2013-11-20 07:24 - 00000000 ____D C:\ProgramData\ProductData
2016-12-08 10:19 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2016-12-08 10:18 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-07 12:12 - 2013-07-31 10:15 - 00000184 _____ C:\Windows\setscan.ini
2016-12-07 11:15 - 2013-06-13 11:38 - 00000000 ____D C:\Users\Chris\AppData\Roaming\.oit
2016-12-06 12:57 - 2015-11-01 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy GIF Animator Lite
2016-12-06 12:57 - 2015-11-01 08:44 - 00000000 ____D C:\Program Files (x86)\Easy GIF Animator Lite
2016-12-06 11:21 - 2014-05-19 08:41 - 00000193 _____ C:\Windows\WORDPAD.INI
2016-12-06 04:37 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-05 21:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-05 21:01 - 2010-12-28 09:35 - 00000000 ____D C:\Users\Chris\AppData\Local\ElevatedDiagnostics
2016-12-05 20:43 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-12-05 11:55 - 2013-02-15 14:40 - 00000000 ____D C:\Users\Chris\AppData\Roaming\DMCache
2016-12-05 07:42 - 2010-08-27 21:53 - 00000000 ____D C:\dell
2016-12-04 17:54 - 2013-02-28 20:49 - 00369168 _____ (CACE Technologies, Inc.) C:\Windows\system32\wpcap.dll
2016-12-04 17:54 - 2013-02-28 20:49 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
2016-12-04 17:54 - 2013-02-28 20:49 - 00106000 _____ (CACE Technologies, Inc.) C:\Windows\system32\packet.dll
2016-12-04 17:54 - 2013-02-28 20:49 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\packet.dll
2016-12-04 17:54 - 2013-02-28 20:49 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2016-12-03 09:35 - 2009-07-14 00:13 - 00817010 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-03 06:57 - 2013-02-15 14:40 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-12-03 06:38 - 2015-12-06 08:31 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-12-01 06:18 - 2013-02-15 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-30 11:03 - 2014-06-14 17:19 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-11-30 10:54 - 2016-02-11 08:05 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Direct Folders
2016-11-30 10:54 - 2015-09-15 09:17 - 00000000 ____D C:\Users\Chris\AppData\Local\TriSun_Software_Inc
2016-11-30 10:54 - 2013-07-31 20:46 - 00000000 ____D C:\Users\Chris\AppData\Roaming\ISIS Drivers
2016-11-30 10:54 - 2013-07-31 20:46 - 00000000 ____D C:\ProgramData\ISIS Drivers
2016-11-30 10:54 - 2013-04-20 01:56 - 00000000 ____D C:\Users\Chris\AppData\Roaming\IObit
2016-11-30 10:54 - 2013-04-18 22:55 - 00000000 ____D C:\ProgramData\Licenses
2016-11-30 10:54 - 2011-08-24 13:08 - 00000000 ____D C:\Users\Chris\AppData\Local\Google
2016-11-30 10:54 - 2011-08-19 08:52 - 00000000 ____D C:\ProgramData\Norton
2016-11-30 10:54 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Msdtc
2016-11-27 15:10 - 2016-02-20 21:02 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc
2016-11-27 13:41 - 2013-08-01 19:41 - 00000440 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-11-27 10:54 - 2010-08-27 19:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-26 20:32 - 2015-08-07 13:07 - 00000000 ____D C:\Users\Chris\AppData\Local\ApplicationHistory
2016-11-23 14:51 - 2014-06-25 07:08 - 00196608 _____ C:\Windows\system32\Ikeext.etl
2016-11-23 14:48 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\tracing
2016-11-23 12:07 - 2013-03-29 14:52 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-23 12:01 - 2010-08-27 21:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-11-23 11:23 - 2016-02-17 20:44 - 00000000 ____D C:\ProgramData\MediaMall
2016-11-23 10:53 - 2016-10-25 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-11-23 06:35 - 2013-07-01 12:48 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-23 06:35 - 2013-07-01 12:48 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-23 06:34 - 2013-07-01 12:48 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-23 06:34 - 2011-11-21 11:45 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-23 06:32 - 2016-02-17 20:46 - 00000000 ____D C:\Program Files (x86)\MediaMall
2016-11-23 05:26 - 2015-09-12 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-21 18:09 - 2013-05-30 14:49 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2016-11-21 18:06 - 2015-07-01 03:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2016-11-20 20:14 - 2013-07-31 14:09 - 00020480 _____ C:\Users\Chris\AppData\Roaming\PLregShot.dat
2016-11-19 09:51 - 2015-12-15 07:57 - 00000000 ____D C:\Users\Chris\Desktop\Utilities
2016-11-19 09:48 - 2016-02-21 07:00 - 00000000 ____D C:\Users\Chris\Desktop\iPod, iPad, iPhone Utilities
2016-11-16 20:17 - 2009-07-13 23:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-11-16 19:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-11-16 16:24 - 2012-05-07 12:33 - 00809132 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-16 15:06 - 2016-10-01 09:59 - 00000002 _____ C:\Windows\SysWOW64\ReScanSoft.dat
2016-11-16 14:45 - 2013-05-29 22:32 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-14 17:36 - 2013-05-22 03:22 - 00002157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-14 17:00 - 2014-12-21 15:39 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Canon
2016-11-14 17:00 - 2013-07-04 14:59 - 00000000 ___HD C:\ProgramData\CanonIJScan
2016-11-14 09:16 - 2016-02-07 13:36 - 00000000 ____D C:\Program Files (x86)\Direct Folders
2016-11-14 09:16 - 2014-03-17 07:36 - 00000000 ____D C:\Program Files (x86)\XYplorer
2016-11-13 20:46 - 2016-07-19 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-11-13 20:46 - 2014-12-21 11:11 - 00000000 ____D C:\Program Files (x86)\Canon
2016-11-13 20:45 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2016-11-13 20:44 - 2013-04-01 17:49 - 00000000 ___HD C:\ProgramData\CanonIJFax
2016-11-13 08:51 - 2013-09-25 22:50 - 00000000 ____D C:\ProgramData\Roxio
2016-11-13 07:39 - 2009-07-13 23:45 - 02463968 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-12 14:28 - 2014-11-01 17:01 - 00000000 ____D C:\Program Files (x86)\PDF Annotator
2016-11-12 09:54 - 2013-12-10 19:53 - 00000000 ___RD C:\Users\Chris\Desktop\New 09-13-13
2016-11-12 09:50 - 2016-10-01 10:25 - 00000000 ____D C:\Users\Chris\AppData\Roaming\IcoFX2X
2016-11-12 09:50 - 2016-08-09 16:00 - 00001880 _____ C:\Users\Chris\Desktop\User Manuals & Instructions.lnk
2016-11-12 08:49 - 2010-12-27 16:25 - 00900272 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-12 07:57 - 2014-09-02 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch
2016-11-12 07:56 - 2013-06-13 11:36 - 00000000 ____D C:\Program Files (x86)\Brother
2016-11-10 20:03 - 2013-12-10 20:00 - 00000000 ____D C:\Users\Chris\Desktop\VSL#3 Pribiotic
2016-11-10 19:55 - 2016-08-21 18:21 - 00000000 ____D C:\Users\Chris\AppData\Roaming\WinPatrol
2016-11-10 19:50 - 2013-02-19 17:54 - 00000000 ____D C:\Users\Chris\AppData\Roaming\uTorrent
2016-11-09 18:58 - 2013-07-19 09:29 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 18:37 - 2010-12-27 18:54 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-09 12:17 - 2016-03-16 06:45 - 00000000 ____D C:\Program Files (x86)\Apple Software Update

==================== Files in the root of some directories =======

2016-02-06 11:48 - 2016-02-06 11:48 - 0001122 _____ () C:\Program Files (x86)\Direct Folders - Shortcut.lnk
2013-06-05 01:50 - 2013-06-05 01:50 - 0000007 _____ () C:\Program Files (x86)\SysResources Managersyok12.dat
2011-01-12 01:00 - 2011-01-12 01:00 - 0146944 _____ () C:\Program Files (x86)\Common Files\dsfFLACDecoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 0221184 _____ () C:\Program Files (x86)\Common Files\dsfFLACEncoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 0204800 _____ () C:\Program Files (x86)\Common Files\dsfNativeFLACSource.dll
2012-05-11 13:16 - 2012-05-11 13:16 - 0171520 _____ () C:\Program Files (x86)\Common Files\dsfOggDemux2.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 0240128 _____ () C:\Program Files (x86)\Common Files\dsfVorbisDecoder.dll
2009-07-11 22:08 - 2009-07-11 22:08 - 0001860 _____ () C:\Program Files (x86)\Common Files\Microsoft.VC90.CRT.manifest
2011-04-18 21:51 - 2011-04-18 21:51 - 0569680 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP90.dll
2011-04-18 21:51 - 2011-04-18 21:51 - 0653136 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR90.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 0412672 _____ (Google) C:\Program Files (x86)\Common Files\vp8decoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 0701440 _____ (Google) C:\Program Files (x86)\Common Files\vp8encoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 0302592 _____ (Google) C:\Program Files (x86)\Common Files\webmmux.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 0292352 _____ (Google) C:\Program Files (x86)\Common Files\webmsplit.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 0030208 _____ () C:\Program Files (x86)\Common Files\wmpinfo.dll
2015-01-27 14:03 - 2016-08-31 07:39 - 406131044 _____ () C:\Users\Chris\AppData\Roaming\hkey_local_machine.reg
2013-04-13 01:31 - 2013-04-13 01:31 - 0099384 _____ () C:\Users\Chris\AppData\Roaming\inst.exe
2016-01-28 17:37 - 2016-05-24 20:12 - 0000321 _____ () C:\Users\Chris\AppData\Roaming\MWCS.Dr_Batcher.Settings.xml
2013-04-13 01:31 - 2013-04-13 01:31 - 0007859 _____ () C:\Users\Chris\AppData\Roaming\pcouffin.cat
2013-04-13 01:31 - 2013-04-13 01:31 - 0001167 _____ () C:\Users\Chris\AppData\Roaming\pcouffin.inf
2013-04-13 01:31 - 2013-04-13 01:31 - 0082816 _____ (VSO Software) C:\Users\Chris\AppData\Roaming\pcouffin.sys
2013-04-22 00:42 - 2013-04-22 00:42 - 0000703 _____ () C:\Users\Chris\AppData\Roaming\pdfCodec.dll
2013-09-19 01:25 - 2013-09-19 01:26 - 0000010 _____ () C:\Users\Chris\AppData\Roaming\pdfdrawcodec.dll
2013-07-31 14:09 - 2016-11-20 20:14 - 0020480 _____ () C:\Users\Chris\AppData\Roaming\PLregShot.dat
2014-11-24 09:34 - 2014-11-24 09:34 - 0000038 ___SH () C:\Users\Chris\AppData\Local\69ff07055291669bb2b218.72821112
2013-05-29 22:43 - 2013-05-29 22:43 - 0000017 _____ () C:\Users\Chris\AppData\Local\resmon.resmoncfg
2014-06-17 21:01 - 2014-06-17 21:01 - 0124904 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(0).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0130214 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(1).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0132108 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(10).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0129659 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(11).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0130169 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(12).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0132562 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(13).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0127661 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(14).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0131279 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(15).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0137205 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(16).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0133355 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(17).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0128559 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(2).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0131343 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(3).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0138914 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(4).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0132951 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(5).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0137209 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(6).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0136501 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(7).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0129989 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(8).pdf
2014-06-17 21:01 - 2014-06-17 21:01 - 0136179 _____ () C:\Users\Chris\AppData\Local\TempMERGE(0)_TEMP_FILE_(9).pdf
2011-08-19 08:28 - 2011-08-19 08:28 - 0017408 _____ () C:\Users\Chris\AppData\Local\WebpageIcons.db
2015-01-31 08:12 - 2015-01-31 08:12 - 0000000 _____ () C:\Users\Chris\AppData\Local\{46856D99-1340-4CE1-AE9C-4A01289ED2AD}
2013-04-26 12:49 - 2016-12-08 19:34 - 0000059 _____ () C:\Users\Chris\AppData\Local\{C916D440-D489-4A79-B306-5FDC1E7932C0}.list
2015-09-15 09:23 - 2015-09-15 09:23 - 0000188 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\Users\Chris\netlogon.bat


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-04 23:22

==================== End of FRST.txt ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:38 PM

Posted 10 December 2016 - 10:54 AM

Greetings cfguy and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me just a bit of time to review what you have posted.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:38 PM

Posted 10 December 2016 - 04:32 PM

Greetings and thank you for your patience.

I must say while reviewing your logs I was struck by the number of programs you have on your computer. It was therefore not surprising to figure out what is going on with your computer lagging when I got to the information about available resources. I am surprised your computer is running at all. You are simply asking too much of your machine. You either have to remove some of the demands on your system or add memory.
 

==================== Memory info ===========================

Processor: Pentium® Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 91%
Total physical RAM: 4060.99 MB
Available physical RAM: 350.6 MB
Total Virtual: 8120.17 MB
Available Virtual: 2366.04 MB


Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Run: [RecentX] => [X]
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> {818BB5E8-63DF-4F20-8C39-207992DEA155} URL =
SearchScopes: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000610&geo=US&ver=22&locale=en_US&guid=D05B9E94-79AE-4E72-8480-D85A809F3FA8&doi=2016-09-01&gct=kwd&qsrc=2869
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
Toolbar: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler: WSWSVCUchrome - No CLSID Value
FF user.js: detected! => C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\user.js [2016-03-02]
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.9.5.14\coFFFw => not found
U4 CSC; no ImagePath
U4 CscService; no ImagePath
U3 DfSdkS; no ImagePath
R4 hitmanpro37; \??\C:\Windows\system32\drivers\hitmanpro37.sys [X]
U4 Messenger; no ImagePath
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\SDSDefs\20160624.001\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\SDSDefs\20160624.001\EX64.SYS [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
Task: {D66CE56D-BA3B-4BD8-A906-86864740220E} - \Driver Booster Update -> No File <==== ATTENTION
AlternateDataStreams: C:\Windows\system.ini:c10_encryption_d [14]
AlternateDataStreams: C:\Windows\system.ini:c10_encryption_e [84]
AlternateDataStreams: C:\Windows\win.ini:c10_encryption_d [14]
AlternateDataStreams: C:\Windows\win.ini:c10_encryption_e [84]
AlternateDataStreams: C:\ProgramData\TEMP:0A8E2C33 [376]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [370]
AlternateDataStreams: C:\ProgramData\TEMP:AB9E0B78 [152]
AlternateDataStreams: C:\ProgramData\TEMP:AEC0AC81 [476]
AlternateDataStreams: C:\ProgramData\TEMP:B0D4D817 [432]
AlternateDataStreams: C:\ProgramData\TEMP:F169C698 [187]
AlternateDataStreams: C:\ProgramData\TEMP:FD9CE1F3 [242]
Task: {D66CE56D-BA3B-4BD8-A906-86864740220E} - \Driver Booster Update -> No File <==== ATTENTION
CMD: type "C:\Users\Chris\netlogon.bat"
  • Right click on FRST.exe, select Run as administrator then press the Fix button
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 cfguy

cfguy
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:38 AM

Posted 11 December 2016 - 12:00 PM

Hi,

 

Thank you so much for getting back to me so quickly.  My apologies for the multiple posts - I kept getting the "Error 524: A timeout occurred" message when I was pasting the contents of my original FRST.txt log into my initial messages. :ranting:
 

Then, instead of pasting the contents of the FRST.txt file into my message, I finally decided just to attach it to the message, along with the Addition.txt file, and I finally got the post to go through your servers without the error message.

 

Getting back to the task at hand, I did exactly as you requested in your previous post, and am going to attempt to past the contents of the Fixlog.txt file below. 

 

I'll wait to hear back from you as to what steps I need to take next, and again, I can't thank you enough for all of your help.  :rolleyes:

************************************Contents of file Fixlog.txt pasted below: *******************************************************************************

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by cfguy (11-12-2016 10:44:36) Run:1
Running from D:\Programs from C Drive\Farbar Recovery Scan Tool (FRST) (Freeware)\Software Installation Files
Loaded Profiles: cfguy (Available Profiles: cfguy)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\...\Run: [RecentX] => [X]
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> {818BB5E8-63DF-4F20-8C39-207992DEA155} URL =
SearchScopes: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000610&geo=US&ver=22&locale=en_US&guid=D05B9E94-79AE-4E72-8480-D85A809F3FA8&doi=2016-09-01&gct=kwd&qsrc=2869
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
Toolbar: HKU\S-1-5-21-1283994605-1191266653-554872468-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler: WSWSVCUchrome - No CLSID Value
FF user.js: detected! => C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\user.js [2016-03-02]
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.9.5.14\coFFFw => not found
U4 CSC; no ImagePath
U4 CscService; no ImagePath
U3 DfSdkS; no ImagePath
R4 hitmanpro37; \??\C:\Windows\system32\drivers\hitmanpro37.sys [X]
U4 Messenger; no ImagePath
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\SDSDefs\20160624.001\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\SDSDefs\20160624.001\EX64.SYS [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
Task: {D66CE56D-BA3B-4BD8-A906-86864740220E} - \Driver Booster Update -> No File <==== ATTENTION
AlternateDataStreams: C:\Windows\system.ini:c10_encryption_d [14]
AlternateDataStreams: C:\Windows\system.ini:c10_encryption_e [84]
AlternateDataStreams: C:\Windows\win.ini:c10_encryption_d [14]
AlternateDataStreams: C:\Windows\win.ini:c10_encryption_e [84]
AlternateDataStreams: C:\ProgramData\TEMP:0A8E2C33 [376]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [370]
AlternateDataStreams: C:\ProgramData\TEMP:AB9E0B78 [152]
AlternateDataStreams: C:\ProgramData\TEMP:AEC0AC81 [476]
AlternateDataStreams: C:\ProgramData\TEMP:B0D4D817 [432]
AlternateDataStreams: C:\ProgramData\TEMP:F169C698 [187]
AlternateDataStreams: C:\ProgramData\TEMP:FD9CE1F3 [242]
Task: {D66CE56D-BA3B-4BD8-A906-86864740220E} - \Driver Booster Update -> No File <==== ATTENTION
CMD: type "C:\Users\Chris\netlogon.bat"
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RecentX => value removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-1283994605-1191266653-554872468-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{818BB5E8-63DF-4F20-8C39-207992DEA155}" => key removed successfully
HKCR\CLSID\{818BB5E8-63DF-4F20-8C39-207992DEA155} => key not found.
"HKU\S-1-5-21-1283994605-1191266653-554872468-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}" => key removed successfully
HKCR\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}" => key removed successfully
HKU\S-1-5-21-1283994605-1191266653-554872468-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value removed successfully
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => key not found.
"HKCR\PROTOCOLS\Handler\WSWSVCUchrome" => key removed successfully
C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\user.js => moved successfully
C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o70jk1x8.default\user.js => not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115} => value removed successfully
CSC => service removed successfully
CscService => service removed successfully
DfSdkS => service removed successfully
hitmanpro37 => service not found.
Messenger => service removed successfully
NAVENG => service could not remove
NAVEX15 => service could not remove
Partizan => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D66CE56D-BA3B-4BD8-A906-86864740220E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D66CE56D-BA3B-4BD8-A906-86864740220E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update" => key removed successfully
C:\Windows\system.ini => ":c10_encryption_d" ADS removed successfully.
C:\Windows\system.ini => ":c10_encryption_e" ADS removed successfully.
C:\Windows\win.ini => ":c10_encryption_d" ADS removed successfully.
C:\Windows\win.ini => ":c10_encryption_e" ADS removed successfully.
C:\ProgramData\TEMP => ":0A8E2C33" ADS removed successfully.
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.
C:\ProgramData\TEMP => ":AB9E0B78" ADS removed successfully.
C:\ProgramData\TEMP => ":AEC0AC81" ADS removed successfully.
C:\ProgramData\TEMP => ":B0D4D817" ADS removed successfully.
C:\ProgramData\TEMP => ":F169C698" ADS removed successfully.
C:\ProgramData\TEMP => ":FD9CE1F3" ADS removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D66CE56D-BA3B-4BD8-A906-86864740220E} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update => key not found.

========= type "C:\Users\Chris\netlogon.bat" =========

@ECHO off
   
SET delay=60
net use * /delete /yes
 
net use a: \\cfguyDELLDESK\d /p:yes
net use b: \\cfguyDELLDESK\BayTree /p:yes
net use h: \\cfguyDELLDESK\cfguy's Documents /p:yes
net use l: \\cfguyDELLDESK\!Logins & Passwords /p:yes
net use p: \\cfguyDELLDESK\cfguy's Paperport Documents /p:yes
net use t: \\cfguyDELLDESK\!Topics /p:yes
net use u: \\cfguyDELLDESK\User Manuals & Instructions /p:yes
========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 10:54:47 ====



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:38 PM

Posted 11 December 2016 - 02:51 PM

Thank you and you are quite welcome.

Does this make sense to you?
 

========= type "C:\Users\Chris\netlogon.bat" =========

@ECHO off

SET delay=60
net use * /delete /yes

net use a: \\cfguyDELLDESK\d /p:yes
net use b: \\cfguyDELLDESK\BayTree /p:yes
net use h: \\cfguyDELLDESK\cfguy's Documents /p:yes
net use l: \\cfguyDELLDESK\!Logins & Passwords /p:yes
net use p: \\cfguyDELLDESK\cfguy's Paperport Documents /p:yes
net use t: \\cfguyDELLDESK\!Topics /p:yes
net use u: \\cfguyDELLDESK\User Manuals & Instructions /p:yes

 


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 cfguy

cfguy
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:38 AM

Posted 14 December 2016 - 05:56 AM

Hi,

 

Sorry for my delayed reply.  Yes, these entries are the contents of a ".bat" file that I set up on my computers (on the advice of an internet post I had read) because I was having problems with networked drive shares not always connecting.  After having tried a number of other things, I did a Google search about the problem, and someone had posted that creating a ".bat" file that would run each time a computer in the workgroup/homegroup started, which would instruct the computer to initiate a re-connection with each networked drive (residing on one of the networked computers (in this case the "cfguyDELLDESK" networked computer)) would ensure that the networked drives remain "active and not loose their connection.  And all was working well for a while, until I switched out an older computer with a new one on the network, got a new router and also got a new DSL modem.

 

Now, I am still experiencing problems getting 2 of the computers on my workgroup/homegroup to be available to one another.  I have a third computer in the workgroup/homegroup that never gibes me any problems when the other two computers want to connect to it and share files and devices; but the other two give me consistent problems (despite my having done all of the basic "troubleshooting" steps such as making sure all computers are on the same workgroup and have joined the same homegroup, making sure network discovery is "on" for all three computers (and all of the other troubleshooting steps for advanced sharing settings), making sure that my antivirus/firewall (NIS, in my case) is set to allow full permission control on the network - and the problem with the same two computers remaining, even when antivirus "autoprotect" and "firewall:" are temporarily disabled), and also making sure Enable NetBIOS over TC/IP is set to "active" on the Internet Protocol version 4 (TCP/IPv4) settings on my  LAN and wireless adapter settings.  The most recent suggestions (via Google search results of advice to those with similar issues) that I have tried include resetting all IE settings to their default condition, and unchecking "automatically detect settings" in the LAN settings of IE options.  But so far, none of this has enabled the two problem computers to be able to be accessible on the workgroup/homegroup. 

 

The error message that I get when I am on "computer A" and click on "computer B" (in the "Networks" folder) is "Windows cannot access \\[computer name].  When I am on "computer B" and try to access "computer A", I get the following error message "Error code: 0x80070035 -  The network path was not found".  Homegroup and network troubleshooters are never able to identify problems or offer solutions, and usually point back to antivirus/firewall, which, of course, I have already configured for "full network access", and furthermore when I completely (temporarily) disable  antivirus & firewall on both computer A and computer B, the same problem exists.

 

I realize that at this point, we might have already ruled out any spyware or virus issues that could potentially be involved, but is there any other suggestions you (or anyone else) might have, that I haven't already tried, that might help solve the network connection problems?

 

As always, thanks again, so very much, for your help with these issues. :rolleyes:

 

-CFguy



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:38 PM

Posted 14 December 2016 - 03:06 PM

Greetings,

I would suggest you start a topic in our Networking Forum to obtain assistance but before doing so I would like you to run the following programs to make sure you are clean and up to date.

===================================================

Emsisoft Emergency Kit Scan

--------------------
  • Download Emsisoft Emergency Kit and save it to your desktop.
  • Double-click icon then click Install
  • A Window should open highlighting Start Emergency Kit Scanner
  • Right click on the icon and select Run as administrator
  • Click 1. Update now!
  • Once the update is completed select Settings under Scan
  • Uncheck Join the Emsisoft Anti-Malware Network
  • Click Scan at the top
  • Click On scan completion
  • Click Quarantine detected objects, then click OK
  • Click Malware Scan
  • Once completed click View Report
  • Save the file to your Desktop using the default file name
  • Copy and paste the report in your reply
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon then click Run
  • Press any key to launch the program
  • Note: If you receive an error message saying UNSUPPORTED OPERATING SYSTEM! ABORTED! reboot your computer and attempt to run it again
  • Allow the program to run
  • When completed a Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Emsisoft report
  • Security check report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:38 PM

Posted 18 December 2016 - 10:09 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:38 PM

Posted 20 December 2016 - 09:51 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users