Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 10 PC running slow, possible spyware/malware??


  • This topic is locked This topic is locked
5 replies to this topic

#1 efowler99

efowler99

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 26 December 2017 - 04:00 PM

Hi, my PC has recently started running very slow.  From startup to launching Google Chrome it can take 10-15 minutes.. When launching Google Chrome it may take another few minutes to allow me to browse webpages.  Once i start using the PC it is jittery and slow..    I completed the recommended steps in the pinned posts (de-frag, uniinstall programs, etc).   
 
Any chance there is unwanted piece of malware/spyware/etc on my machine? 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2017
Ran by Eric (administrator) on ERIC-PC (26-12-2017 14:44:14)
Running from C:\Users\Eric\Downloads
Loaded Profiles: Eric (Available Profiles: Eric & Mcx1-ERIC-PC & Guest & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\n360.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\n360.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Eric\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Eric\Downloads\FRST64 (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8306208 2009-10-20] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807600 2009-11-13] ()
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-10-15] ()
HKLM-x32\...\Run: [nmctxth] => C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe [642856 2008-12-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-03-16] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\...\Run: [Dropbox Update] => C:\Users\Eric\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-10] (Piriform Ltd)
HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-03-16] (Apple Inc.)
HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-03-16] (Apple Inc.)
HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-03-16] (Apple Inc.)
HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-03-16] (Apple Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-03-04]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-03-04]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-03-04]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2010-04-02]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk [2010-04-08]
ShortcutTarget: PMB Media Check Tool.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2010-04-18]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Mcx1-ERIC-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-03-04]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
GroupPolicy: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.77.1
Tcpip\..\Interfaces\{858787a5-c4c1-4d93-ba7a-8852677d465e}: [DhcpNameServer] 192.168.77.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
SearchScopes: HKLM -> DefaultScope {AF9DD09F-8EF0-4194-BDB1-F5C9C5206F7F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {AF9DD09F-8EF0-4194-BDB1-F5C9C5206F7F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {F10E74DC-9DA9-4256-8C68-6FFE2CB40926} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {F10E74DC-9DA9-4256-8C68-6FFE2CB40926} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000 -> DefaultScope {AF9DD09F-8EF0-4194-BDB1-F5C9C5206F7F} URL = 
SearchScopes: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000 -> {AF9DD09F-8EF0-4194-BDB1-F5C9C5206F7F} URL = 
SearchScopes: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1000&geo=US&ver=22&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000 -> {F10E74DC-9DA9-4256-8C68-6FFE2CB40926} URL = 
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll [2008-11-06] (TechSmith Corporation)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-04] (Sun Microsystems, Inc.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll [2008-11-06] (TechSmith Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems Incorporated)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: FrostWire Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28] (Ask)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Toolbar: HKLM-x32 - FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28] (Ask)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll [2008-11-06] (TechSmith Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} 
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll [2009-07-23] (Cozi Group, Inc.)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll [2009-02-20] (Cisco Systems, Inc.)
Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll [2009-02-20] (Cisco Systems, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\1xqegi04.default [2017-12-26]
FF Homepage: Mozilla\Firefox\Profiles\1xqegi04.default -> hxxp://www.google.com/
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2011-06-05] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default [2017-12-26]
CHR Extension: (Slides) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Docs) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-30]
CHR Extension: (YouTube) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-30]
CHR Extension: (Sheets) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-30]
CHR Extension: (Norton Identity Safe) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-07-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-30]
CHR Extension: (Chrome Media Router) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-16]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2278152 2015-07-02] (Broadcom Corporation.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 LinksysUpdater; C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe [204800 2008-11-13] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\N360.exe [326144 2017-11-10] (Symantec Corporation)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe [186760 2011-06-05] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [199472 2015-07-02] (Broadcom Corporation.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.8.1.14\Definitions\BASHDefs\20171220.001\BHDrvx64.sys [1872024 2017-11-27] (Symantec Corporation)
R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360x64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-10-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-11-18] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-31] ()
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.8.1.14\Definitions\IPSDefs\20171225.003\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-12-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-12-22] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-12-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-12-22] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-12-26] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 SRTSP; C:\WINDOWS\System32\Drivers\N360x64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\N360x64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\N360x64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\N360x64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2017-11-17] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\N360x64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\N360x64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-12-26 14:44 - 2017-12-26 14:46 - 000022689 _____ C:\Users\Eric\Downloads\FRST.txt
2017-12-26 14:43 - 2017-12-26 14:44 - 000000000 ____D C:\FRST
2017-12-26 14:42 - 2017-12-26 14:42 - 002391552 _____ (Farbar) C:\Users\Eric\Downloads\FRST64 (1).exe
2017-12-26 14:41 - 2017-12-26 14:41 - 002391552 _____ (Farbar) C:\Users\Eric\Downloads\FRST64.exe
2017-12-22 09:25 - 2017-12-22 09:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-12-16 15:59 - 2017-12-26 09:04 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-12-16 15:59 - 2017-12-22 08:58 - 000252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-12-16 15:59 - 2017-12-22 08:58 - 000113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-12-16 15:59 - 2017-12-22 08:58 - 000044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-12-16 15:59 - 2017-12-16 15:59 - 000188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-12-16 15:58 - 2017-12-16 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-16 15:58 - 2017-12-16 15:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-16 15:58 - 2017-12-16 15:58 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-16 15:58 - 2017-05-31 11:09 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-12-16 15:54 - 2017-12-16 15:55 - 064025992 _____ (Malwarebytes ) C:\Users\Eric\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060.exe
2017-12-14 19:55 - 2017-12-14 19:55 - 008823296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-12-12 19:22 - 2017-12-08 00:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-12 19:22 - 2017-12-07 17:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-12 19:22 - 2017-12-07 17:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-12 19:22 - 2017-12-07 17:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-12 19:22 - 2017-12-07 17:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-12 19:22 - 2017-12-07 17:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-12 19:22 - 2017-12-07 17:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-12 19:22 - 2017-12-07 17:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-12 19:22 - 2017-12-07 17:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-12 19:22 - 2017-12-07 17:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-12 19:22 - 2017-12-07 17:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-12 19:22 - 2017-12-07 17:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-12 19:22 - 2017-12-07 17:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-12 19:22 - 2017-12-07 17:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-12 19:22 - 2017-12-07 17:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-12 19:22 - 2017-12-07 16:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-12 19:22 - 2017-12-07 16:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-12 19:22 - 2017-12-07 16:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-12 19:22 - 2017-12-07 16:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-12 19:22 - 2017-12-07 16:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-12 19:22 - 2017-12-07 16:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-12 19:22 - 2017-12-07 16:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-12 19:22 - 2017-12-07 16:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-12 19:22 - 2017-12-07 16:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-12 19:22 - 2017-12-07 16:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-12 19:22 - 2017-12-07 16:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-12 19:22 - 2017-12-07 16:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-12 19:22 - 2017-12-07 16:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-12 19:22 - 2017-12-07 16:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-12 19:22 - 2017-12-07 16:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-12 19:22 - 2017-12-07 16:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-12 19:22 - 2017-12-07 16:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-12 19:22 - 2017-12-07 16:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-12 19:22 - 2017-12-07 16:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-12 19:22 - 2017-12-07 16:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-12 19:22 - 2017-12-07 16:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-12 19:22 - 2017-12-07 16:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-12 19:22 - 2017-12-07 16:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-12 19:22 - 2017-12-07 16:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-12 19:22 - 2017-12-07 16:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-12 19:22 - 2017-12-07 16:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-12 19:22 - 2017-12-07 16:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-12 19:22 - 2017-12-07 16:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-12 19:22 - 2017-12-07 16:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-12 19:22 - 2017-12-07 15:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-12 19:22 - 2017-12-07 15:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-12 19:22 - 2017-12-07 15:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-12 19:22 - 2017-12-07 15:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-12 19:22 - 2017-12-07 15:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-12 19:22 - 2017-12-07 15:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-12 19:22 - 2017-12-07 15:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-12 19:22 - 2017-12-07 15:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-12 19:21 - 2017-12-07 17:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-12 19:21 - 2017-12-07 17:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-12 19:21 - 2017-12-07 17:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-12 19:21 - 2017-12-07 17:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-12 19:21 - 2017-12-07 17:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-12 19:21 - 2017-12-07 17:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-12 19:21 - 2017-12-07 17:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-12 19:21 - 2017-12-07 17:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-12 19:21 - 2017-12-07 17:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-12 19:21 - 2017-12-07 17:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-12 19:21 - 2017-12-07 17:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-12 19:21 - 2017-12-07 17:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-12 19:21 - 2017-12-07 17:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-12 19:21 - 2017-12-07 17:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-12 19:21 - 2017-12-07 17:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-12 19:21 - 2017-12-07 17:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-12 19:21 - 2017-12-07 17:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-12 19:21 - 2017-12-07 16:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-12 19:21 - 2017-12-07 16:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-12 19:21 - 2017-12-07 16:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-12 19:21 - 2017-12-07 16:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-12 19:21 - 2017-12-07 16:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-12 19:21 - 2017-12-07 16:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-12 19:21 - 2017-12-07 16:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-12 19:21 - 2017-12-07 16:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-12 19:21 - 2017-12-07 16:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-12 19:21 - 2017-12-07 16:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-12 19:21 - 2017-12-07 16:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-12 19:21 - 2017-12-07 16:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-12 19:21 - 2017-12-07 16:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-12 19:21 - 2017-12-07 16:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-12 19:21 - 2017-12-07 16:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-12 19:21 - 2017-12-07 16:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-12 19:21 - 2017-12-07 16:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-12 19:21 - 2017-12-07 16:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-12 19:21 - 2017-12-07 16:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-12 19:21 - 2017-12-07 16:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-12 19:21 - 2017-12-07 16:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-12 19:21 - 2017-12-07 16:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-12 19:21 - 2017-12-07 16:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-12 19:21 - 2017-12-07 16:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-12 19:21 - 2017-12-07 16:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-12 19:21 - 2017-12-07 16:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-12 19:21 - 2017-12-07 16:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-12 19:21 - 2017-12-07 16:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-12 19:21 - 2017-12-07 16:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-12 19:21 - 2017-12-07 16:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-12 19:21 - 2017-12-07 16:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-12 19:21 - 2017-12-07 16:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-12 19:21 - 2017-12-07 15:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-12 19:21 - 2017-12-07 15:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-12 19:21 - 2017-12-07 15:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-12 19:21 - 2017-12-07 15:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-12 19:21 - 2017-12-07 15:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-12 19:21 - 2017-12-07 15:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-12 19:21 - 2017-12-07 15:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-12 19:21 - 2017-12-07 15:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-12 19:21 - 2017-12-07 15:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-12 19:20 - 2017-12-07 17:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-12 19:20 - 2017-12-07 17:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-12 19:20 - 2017-12-07 17:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-12 19:20 - 2017-12-07 16:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-12 19:20 - 2017-12-07 16:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-12 19:20 - 2017-12-07 16:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-12 19:20 - 2017-12-07 16:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-12 19:20 - 2017-12-07 16:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-12 19:20 - 2017-12-07 16:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-12 19:20 - 2017-12-07 16:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-12 19:20 - 2017-12-07 16:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-12 19:20 - 2017-12-07 16:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-12 19:20 - 2017-12-07 16:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-12 19:20 - 2017-12-07 16:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-12 19:20 - 2017-12-07 16:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-12 19:20 - 2017-12-07 16:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-12 19:20 - 2017-12-07 16:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-12 19:20 - 2017-12-07 16:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-12 19:20 - 2017-12-07 16:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-12 19:20 - 2017-12-07 16:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-12 19:20 - 2017-12-07 16:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-12 19:20 - 2017-12-07 16:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-12 19:20 - 2017-12-07 16:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-12 19:20 - 2017-12-07 16:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-12 19:20 - 2017-12-07 16:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-12 19:20 - 2017-12-07 16:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-12 19:20 - 2017-12-07 16:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-12 19:20 - 2017-12-07 16:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-12 19:20 - 2017-12-07 16:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-12 19:20 - 2017-12-07 16:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-12 19:20 - 2017-12-07 16:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-12 19:20 - 2017-12-07 16:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-12 19:20 - 2017-12-07 16:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-12 19:20 - 2017-12-07 16:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-12 19:20 - 2017-12-07 16:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-12 19:20 - 2017-12-07 16:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-12 19:20 - 2017-12-07 16:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-12 19:20 - 2017-12-07 16:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-12 19:20 - 2017-12-07 16:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-12 19:20 - 2017-12-07 15:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-12 19:03 - 2017-12-12 19:03 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-12 19:01 - 2017-12-12 19:01 - 000000000 ___HD C:\Users\Eric\MicrosoftEdgeBackups
2017-12-12 18:59 - 2017-12-16 18:19 - 000000000 ___RD C:\Users\Eric\3D Objects
2017-12-12 18:58 - 2017-12-12 18:58 - 000000020 ___SH C:\Users\Eric\ntuser.ini
2017-12-10 15:02 - 2017-12-10 15:02 - 000000072 ___SH C:\bootTel.dat
2017-12-09 17:54 - 2017-12-09 17:55 - 000019053 _____ C:\WINDOWS\diagwrn.xml
2017-12-09 17:54 - 2017-12-09 17:55 - 000019053 _____ C:\WINDOWS\diagerr.xml
2017-12-09 17:54 - 2017-12-09 17:54 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-12-09 17:49 - 2017-12-26 09:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2017-12-09 17:49 - 2017-12-22 08:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-09 17:49 - 2017-12-18 19:04 - 000004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6D55AF29-417B-4DB9-89DC-0EEFCB540AE7}
2017-12-09 17:49 - 2017-12-14 19:57 - 000004582 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-12-09 17:49 - 2017-12-14 19:57 - 000004374 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-12-09 17:49 - 2017-12-09 17:49 - 000003640 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2609771528-3684475644-1073469851-1000UA1d237623177d22a
2017-12-09 17:49 - 2017-12-09 17:49 - 000003372 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2609771528-3684475644-1073469851-1000Core1d23762314a8574
2017-12-09 17:49 - 2017-12-09 17:49 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-09 17:49 - 2017-12-09 17:49 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-09 17:49 - 2017-12-09 17:49 - 000002952 _____ C:\WINDOWS\System32\Tasks\Scheduled Update for Ask Toolbar
2017-12-09 17:49 - 2017-12-09 17:49 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2609771528-3684475644-1073469851-1000
2017-12-09 17:49 - 2017-12-09 17:49 - 000002822 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-12-09 17:49 - 2017-12-09 17:49 - 000002612 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-12-09 17:49 - 2017-12-09 17:49 - 000002532 _____ C:\WINDOWS\System32\Tasks\JavaUpdateEric
2017-12-09 17:49 - 2017-12-09 17:49 - 000002452 _____ C:\WINDOWS\System32\Tasks\4568
2017-12-09 17:49 - 2017-12-09 17:49 - 000002382 _____ C:\WINDOWS\System32\Tasks\{CF57FAB3-6552-4E3C-A282-0659BDD120FA}
2017-12-09 17:49 - 2017-12-09 17:49 - 000002370 _____ C:\WINDOWS\System32\Tasks\0
2017-12-09 17:49 - 2017-12-09 17:49 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-12-09 17:49 - 2017-12-09 17:49 - 000002196 _____ C:\WINDOWS\System32\Tasks\{C53ADB25-2374-401D-8A06-4F3775EB1F87}
2017-12-09 17:49 - 2017-12-09 17:49 - 000002078 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2017-12-09 17:49 - 2017-12-09 17:49 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-12-09 17:49 - 2017-12-09 17:49 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-12-09 17:39 - 2017-12-09 17:39 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-09 17:39 - 2017-12-09 17:39 - 000000000 ____D C:\ProgramData\USOShared
2017-12-09 17:37 - 2017-12-14 20:06 - 000000000 ____D C:\Users\Eric\AppData\Local\Packages
2017-12-09 17:36 - 2017-12-18 23:14 - 000000000 ____D C:\Users\Eric
2017-12-09 17:36 - 2017-12-09 17:54 - 000000000 ____D C:\Users\DefaultAppPool
2017-12-09 17:36 - 2017-12-09 17:49 - 000000000 ____D C:\Users\Mcx1-ERIC-PC
2017-12-09 17:36 - 2017-12-09 17:47 - 000000000 ____D C:\Users\Guest
2017-12-09 17:31 - 2017-12-22 09:02 - 001088302 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-09 17:31 - 2017-09-29 07:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-09 17:28 - 2017-12-26 13:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-09 17:28 - 2017-12-16 18:18 - 000276784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-09 16:29 - 2017-11-17 20:07 - 000102600 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-12-09 16:29 - 2017-11-17 20:07 - 000008471 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-12-09 16:28 - 2017-12-09 16:28 - 000000000 ___DL C:\Users\Public\Recorded TV (1)
2017-12-09 16:28 - 2017-12-09 16:28 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-12-09 16:27 - 2017-12-09 19:25 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-09 16:22 - 2017-12-09 16:27 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-09 16:11 - 2017-12-09 16:11 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-09 16:11 - 2017-12-09 16:11 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-09 16:11 - 2017-12-09 16:11 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-09 16:11 - 2017-12-09 16:11 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-09 16:11 - 2017-12-09 16:11 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-09 16:11 - 2017-12-09 16:11 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-09 16:11 - 2017-12-09 16:11 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-09 16:11 - 2017-12-09 16:11 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-09 16:11 - 2017-12-09 16:11 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-09 16:11 - 2017-12-09 16:11 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-09 16:10 - 2017-12-09 16:11 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-09 16:10 - 2017-12-09 16:10 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-09 16:10 - 2017-12-09 16:10 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-09 16:10 - 2017-12-09 16:10 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-09 16:10 - 2017-12-09 16:10 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-09 16:10 - 2017-12-09 16:10 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-09 16:10 - 2017-12-09 16:10 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-09 16:10 - 2017-12-09 16:10 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-09 16:10 - 2017-12-09 16:10 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-09 16:10 - 2017-12-09 16:10 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-09 16:10 - 2017-12-09 16:10 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-09 16:10 - 2017-12-09 16:10 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-09 16:10 - 2017-12-09 16:10 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-09 16:10 - 2017-12-09 16:10 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-09 16:09 - 2017-12-09 16:09 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-09 16:09 - 2017-12-09 16:09 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-09 16:09 - 2017-12-09 16:09 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-09 16:09 - 2017-12-09 16:09 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-09 16:09 - 2017-12-09 16:09 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-09 16:09 - 2017-12-09 16:09 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-09 16:09 - 2017-12-09 16:09 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-09 16:09 - 2017-12-09 16:09 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-09 16:09 - 2017-12-09 16:09 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-09 16:09 - 2017-12-09 16:09 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-09 16:09 - 2017-12-09 16:09 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-09 16:09 - 2017-12-09 16:09 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-09 16:09 - 2017-12-09 16:09 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-09 16:08 - 2017-12-09 16:08 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-09 16:08 - 2017-12-09 16:08 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-09 16:08 - 2017-12-09 16:08 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-09 16:08 - 2017-12-09 16:08 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-09 16:08 - 2017-12-09 16:08 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-09 16:08 - 2017-12-09 16:08 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-09 16:08 - 2017-12-09 16:08 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-09 16:08 - 2017-12-09 16:08 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-09 16:08 - 2017-12-09 16:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-09 16:08 - 2017-12-09 16:08 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-09 16:08 - 2017-12-09 16:08 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-09 16:08 - 2017-12-09 16:08 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-09 15:36 - 2017-12-09 15:36 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-12-09 15:36 - 2017-12-09 15:36 - 000000000 ____D C:\WINDOWS\system32\msmq
2017-12-09 15:36 - 2017-12-09 15:36 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2017-12-09 15:36 - 2017-12-09 15:36 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-09 15:36 - 2017-12-09 15:36 - 000000000 ____D C:\Program Files\MSBuild
2017-12-09 15:36 - 2017-12-09 15:36 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-09 15:36 - 2017-12-09 15:36 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-09 15:36 - 2017-12-09 15:36 - 000000000 ____D C:\inetpub
2017-12-09 15:31 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-09 15:31 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-09 15:31 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-09 15:30 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-09 15:30 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-09 15:30 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-09 15:10 - 2017-12-09 15:10 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-09 14:06 - 2017-12-12 18:58 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-09 13:59 - 2017-12-09 14:06 - 000000036 _____ C:\WINDOWS\progress.ini
2017-12-09 13:37 - 2017-12-12 18:59 - 000000000 ____D C:\Windows10Upgrade
2017-12-09 13:37 - 2017-12-09 17:57 - 000000000 ___HD C:\$GetCurrent
2017-12-09 13:37 - 2017-12-09 13:37 - 000000809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2017-12-09 13:37 - 2017-12-09 13:37 - 000000797 _____ C:\Users\Eric\Desktop\Windows 10 Update Assistant.lnk
2017-12-09 00:25 - 2017-12-09 00:25 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2017-12-07 20:38 - 2017-12-09 17:42 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-12-26 13:52 - 2017-09-29 07:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-26 13:52 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-26 13:52 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-26 13:44 - 2017-03-30 19:03 - 000000000 ___RD C:\Users\Eric\iCloudDrive
2017-12-18 17:05 - 2010-03-04 12:03 - 000000000 ____D C:\Program Files (x86)\Dell DataSafe Online
2017-12-17 22:25 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-17 04:19 - 2017-09-29 07:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-16 18:21 - 2017-09-29 02:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-12-16 18:19 - 2016-06-01 16:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-16 18:17 - 2017-09-29 02:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-12-16 18:14 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-16 18:14 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-16 18:14 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-16 18:14 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-16 18:14 - 2017-09-29 02:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-16 16:05 - 2010-11-13 10:01 - 000000000 ____D C:\Program Files (x86)\Ask.com
2017-12-16 15:53 - 2017-09-29 07:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-14 20:06 - 2016-07-30 18:28 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-14 20:06 - 2016-07-30 18:28 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-14 19:56 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-14 19:56 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-14 19:45 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-12 19:37 - 2013-08-15 20:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-12 19:29 - 2017-10-11 18:18 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-12 19:28 - 2010-04-04 08:04 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-12 18:59 - 2016-06-01 16:14 - 000000000 ____D C:\Users\Eric\AppData\Local\TileDataLayer
2017-12-10 04:00 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-09 19:28 - 2017-09-29 07:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-09 19:26 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-12-09 19:26 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-09 19:26 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-09 19:26 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-09 19:26 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\schemas
2017-12-09 19:26 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\Resources
2017-12-09 19:26 - 2016-07-16 05:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-09 19:26 - 2011-10-01 08:01 - 000000000 ____D C:\WINDOWS\system32\SPReview
2017-12-09 19:26 - 2011-10-01 08:00 - 000000000 ____D C:\WINDOWS\system32\EventProviders
2017-12-09 19:26 - 2010-03-04 13:55 - 000000000 ____D C:\WINDOWS\SysWOW64\x64
2017-12-09 19:26 - 2010-03-04 13:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Lang
2017-12-09 19:25 - 2017-09-29 07:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-09 19:25 - 2017-09-29 07:46 - 000000000 __SHD C:\Program Files\Windows Sidebar
2017-12-09 19:25 - 2017-09-29 07:46 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-12-09 19:25 - 2017-09-29 07:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-09 19:25 - 2017-07-07 14:01 - 000000000 ____D C:\Program Files\UNP
2017-12-09 19:25 - 2017-03-30 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-12-09 19:25 - 2017-03-30 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-12-09 19:25 - 2016-12-27 13:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2017-12-09 19:25 - 2016-08-07 06:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-09 19:25 - 2016-07-30 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-12-09 19:25 - 2014-04-12 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-12-09 19:25 - 2014-03-24 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
2017-12-09 19:25 - 2014-03-01 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2017-12-09 19:25 - 2013-03-13 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-12-09 19:25 - 2012-12-29 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2017-12-09 19:25 - 2011-10-29 08:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snagit 9
2017-12-09 19:25 - 2011-04-15 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyVideoConverter
2017-12-09 19:25 - 2010-05-02 07:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LimeWire
2017-12-09 19:25 - 2010-04-08 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Picture Utility
2017-12-09 19:25 - 2010-04-03 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Producer
2017-12-09 19:25 - 2010-04-03 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister Fusion 7.2.2
2017-12-09 19:25 - 2010-04-02 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Linksys
2017-12-09 19:25 - 2010-03-04 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
2017-12-09 19:25 - 2010-03-04 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-12-09 19:25 - 2010-03-04 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe
2017-12-09 19:25 - 2010-03-04 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2017-12-09 19:25 - 2010-03-04 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
2017-12-09 19:25 - 2009-07-13 23:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-12-09 19:25 - 2009-07-13 21:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-12-09 17:57 - 2011-01-09 14:37 - 000000258 __RSH C:\ProgramData\ntuser.pol
2017-12-09 17:56 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-09 17:54 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\Registration
2017-12-09 17:53 - 2017-09-29 07:46 - 000000000 __RSD C:\WINDOWS\media
2017-12-09 17:53 - 2016-06-01 15:45 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-09 17:49 - 2017-03-30 19:03 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2017-12-09 17:42 - 2015-01-17 10:22 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2017-12-09 17:42 - 2012-12-29 12:24 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2017-12-09 17:42 - 2010-05-02 07:38 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-09 17:39 - 2017-09-29 07:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-09 17:39 - 2017-09-29 07:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-09 17:31 - 2017-09-29 02:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-09 17:31 - 2016-09-27 03:07 - 000972436 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-12-09 17:30 - 2016-09-27 03:04 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-12-09 16:44 - 2017-09-29 07:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-09 16:28 - 2016-09-27 03:04 - 000000000 ____D C:\Program Files\Realtek
2017-12-09 16:28 - 2011-04-15 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
2017-12-09 16:28 - 2009-07-13 23:32 - 000000000 ____D C:\Program Files\Microsoft Games
2017-12-09 16:16 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-09 16:16 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-09 16:16 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-09 16:16 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-09 16:16 - 2017-09-29 07:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-09 16:16 - 2017-09-29 07:46 - 000000000 ____D C:\PerfLogs
2017-12-09 16:07 - 2017-09-29 07:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-12-09 16:07 - 2017-09-29 07:41 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-12-09 16:07 - 2017-09-29 07:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-12-09 16:06 - 2017-09-29 07:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-12-09 15:36 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-12-09 15:36 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-12-09 15:35 - 2017-09-29 07:43 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-12-09 15:35 - 2017-09-29 07:43 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-12-09 15:35 - 2017-09-29 07:43 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-12-09 15:35 - 2017-09-29 07:43 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-12-09 15:35 - 2017-09-29 07:43 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-12-09 15:35 - 2017-09-29 07:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-12-09 15:35 - 2017-09-29 07:43 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-12-09 15:35 - 2017-09-29 07:43 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-12-09 15:35 - 2017-09-29 07:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-12-09 15:35 - 2017-09-29 07:43 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-12-09 15:35 - 2017-09-29 07:42 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-12-09 15:35 - 2017-09-29 07:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-12-09 15:35 - 2017-09-29 07:42 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-12-09 15:35 - 2017-09-29 07:42 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-12-09 15:35 - 2017-09-29 07:41 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-12-09 15:35 - 2017-09-29 07:41 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-12-09 15:34 - 2017-09-29 07:43 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-12-09 15:34 - 2017-09-29 07:43 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-12-09 15:34 - 2017-09-29 07:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-12-09 15:34 - 2017-09-29 07:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-12-09 15:34 - 2017-09-29 07:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-12-09 15:34 - 2017-09-29 07:43 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-12-09 15:34 - 2017-09-29 07:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-12-09 15:34 - 2017-09-29 07:43 - 000009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-12-09 15:34 - 2017-09-29 07:41 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-12-09 15:34 - 2017-09-29 07:41 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-12-09 15:34 - 2017-09-29 07:41 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-12-09 15:34 - 2017-09-29 07:41 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-12-09 15:34 - 2017-09-29 07:41 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-12-09 15:34 - 2017-09-29 07:41 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-12-09 15:34 - 2017-09-29 07:41 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-12-09 15:34 - 2017-09-29 07:41 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-12-09 15:33 - 2017-09-29 07:43 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-12-09 15:33 - 2017-09-29 07:43 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-12-09 15:33 - 2017-09-29 07:41 - 001381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-12-09 15:33 - 2017-09-29 07:41 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-12-09 15:33 - 2017-09-29 07:41 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-12-09 15:33 - 2017-09-29 07:41 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-12-09 15:33 - 2017-09-29 07:41 - 000009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-12-09 00:25 - 2017-08-02 19:10 - 000000000 ____D C:\Program Files\rempl
2017-12-07 20:41 - 2010-04-04 12:52 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Dropbox
2017-12-07 20:34 - 2017-11-01 18:12 - 000002405 _____ C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-07 20:34 - 2016-06-01 16:17 - 000000000 ___RD C:\Users\Eric\OneDrive
2017-12-03 16:38 - 2017-09-29 07:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-03 16:38 - 2017-09-29 07:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-01 01:57 - 2017-03-30 18:40 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-11-28 18:46 - 2013-11-07 21:12 - 000000000 ____D C:\Program Files\Google
2017-11-28 18:46 - 2013-11-07 21:11 - 000000000 ____D C:\Program Files (x86)\Google
 
==================== Files in the root of some directories =======
 
2014-02-21 21:29 - 2014-02-21 21:29 - 049940480 _____ () C:\Program Files (x86)\GUT2BE1.tmp
2010-12-12 13:23 - 2010-12-12 13:23 - 000099384 _____ () C:\Users\Eric\AppData\Roaming\inst.exe
2010-12-12 13:23 - 2010-12-12 13:23 - 000007859 _____ () C:\Users\Eric\AppData\Roaming\pcouffin.cat
2010-12-12 13:23 - 2010-12-12 13:23 - 000001167 _____ () C:\Users\Eric\AppData\Roaming\pcouffin.inf
2010-12-12 13:23 - 2010-12-12 13:23 - 000000055 _____ () C:\Users\Eric\AppData\Roaming\pcouffin.log
2010-12-12 13:23 - 2010-12-12 13:23 - 000082816 _____ (VSO Software) C:\Users\Eric\AppData\Roaming\pcouffin.sys
2010-12-11 19:46 - 2010-12-11 19:51 - 000001057 _____ () C:\Users\Eric\AppData\Roaming\vso_ts_preview.xml
2010-04-02 13:11 - 2017-10-10 19:05 - 000002060 _____ () C:\Users\Eric\AppData\Roaming\wklnhst.dat
2012-09-09 16:49 - 2012-09-09 16:49 - 000007607 _____ () C:\Users\Eric\AppData\Local\Resmon.ResmonCfg
2011-05-19 17:52 - 2011-10-02 09:51 - 000001940 _____ () C:\Users\Eric\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-12-19 19:09
 
==================== End of FRST.txt ============================
 
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2017
Ran by Eric (26-12-2017 14:48:50)
Running from C:\Users\Eric\Downloads
Windows 10 Home Version 1709 16299.125 (X64) (2017-12-09 23:57:55)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2609771528-3684475644-1073469851-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2609771528-3684475644-1073469851-503 - Limited - Disabled)
Eric (S-1-5-21-2609771528-3684475644-1073469851-1000 - Administrator - Enabled) => C:\Users\Eric
Guest (S-1-5-21-2609771528-3684475644-1073469851-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2609771528-3684475644-1073469851-1002 - Limited - Enabled)
Mcx1-ERIC-PC (S-1-5-21-2609771528-3684475644-1073469851-1004 - Limited - Enabled) => C:\Users\Mcx1-ERIC-PC
WDAGUtilityAccount (S-1-5-21-2609771528-3684475644-1073469851-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton 360 (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.0 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}) (Version: 10.0.45.2 - Adobe Systems, Inc.)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Aiseesoft DVD to iPad Converter (HKLM-x32\...\Aiseesoft DVD to iPad Converter_is1) (Version:  - )
Apple Application Support (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.9.1.0 - Ask.com) <==== ATTENTION
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Blackboard Collaborate Launcher (HKLM-x32\...\{77A1A81A-8986-45A5-863E-9DDD2C753205}) (Version: 1.1.0.0 - Blackboard)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cozi (HKLM-x32\...\{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}) (Version: 1.0.4323.24051 - Cozi Group, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0009 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dropbox (HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
iCloud (HKLM\...\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}) (Version: 6.2.1.67 - Apple Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java™ 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java™ 6 Update 3 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160030}) (Version: 1.6.0.30 - Sun Microsystems, Inc.)
LimeWire 5.5.8 (HKLM-x32\...\LimeWire) (Version: 5.5.8 - Lime Wire, LLC)
Linksys EasyLink Advisor (HKLM-x32\...\{BF2A74BF-8D12-47F1-8B19-22B30AF6B0D1}) (Version: 3.11.9139.94 - Linksys By Cisco Systems) Hidden
Linksys EasyLink Advisor (HKLM-x32\...\Linksys EasyLink Advisor) (Version:  - Linksys By Cisco Systems)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MixMeister Fusion 7.2.2 (HKLM-x32\...\MixMeister Fusion 7.2.2_is1) (Version:  - )
MobileMe Control Panel (HKLM\...\{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Transfer (HKLM-x32\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.3.00.11130 - Sony Corporation)
MyVideoConverter 2.40 (HKLM-x32\...\MyVideoConverter) (Version: 2.40 - MySoft, Inc.)
Norton 360 (HKLM-x32\...\N360) (Version: 22.11.2.7 - Symantec Corporation)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
Primo (HKLM-x32\...\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version:  - Photodex Corporation)
Pure Networks Platform (HKLM-x32\...\{FBDBC490-089D-4476-BF72-1F7A6368200A}) (Version: 11.1.9051.0 - Pure Networks) Hidden
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.2.12 - Intuit)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5963 - Realtek Semiconductor Corp.)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Runtime (HKLM-x32\...\{DABF43D9-1104-4764-927B-5BED1274A3B0}) (Version: 1.00.0000 - Your Company Name) Hidden
Snagit 9.1 (HKLM-x32\...\{0E6ED660-498C-42F7-9EF4-FB0C96DFC01A}) (Version: 9.1.0.206 - TechSmith Corporation)
Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.02.15040 - Sony Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
WebEx Support Manager for Internet Explorer (HKLM-x32\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
WinDirStat 1.1.2 (HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\...\WinDirStat) (Version:  - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22314 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-04] (Dropbox, Inc.)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-03-16] (Apple Inc.)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitShellExt64.dll [2008-11-06] (TechSmith Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitShellExt64.dll [2008-11-06] (TechSmith Corporation)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\buShell.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\NavShExt.dll [2017-11-10] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
ContextMenuHandlers1_S-1-5-21-2609771528-3684475644-1073469851-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-04] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2609771528-3684475644-1073469851-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-04] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2609771528-3684475644-1073469851-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Eric\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-12-04] (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00D8D9E4-C23C-4717-9C3F-BAE15EB4AEC8} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {01D5F4BB-F894-4098-9C2D-273E9823A40A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-14] (Adobe Systems Incorporated)
Task: {02EFA095-D2C3-45BB-9A0B-0A9CB0A4C6F2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {1656AE58-D622-4A86-9D19-D74BCFEDE794} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1826F6DC-059A-45FC-BF59-EA5B90CFCE26} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\WINDOWS\System32\GWX\GWX.exe
Task: {1D69943D-5375-4BF0-BB9C-0E188E786A00} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {1F14287D-FEFB-4500-A324-47459C08158E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2228E8D3-6DE1-4413-9C86-E0A2FFA3496B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-10] (Piriform Ltd)
Task: {25038EAD-E7E1-4203-9F69-E6DDEE245376} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2DA319C7-9DF8-4815-AD95-6B337B3197AF} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Eric\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {2EF789E1-AA6D-4E1F-9195-F6026D8C375E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {315D97DC-2931-4C8A-A3A2-D6C84703ED1B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {347EF9AC-EB71-4119-B740-9F3586B6F166} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3A57DB03-08DF-4608-B4BD-A7ECF7FCEE5C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3C4CAD99-F85D-4F98-AE46-4C46B6B81801} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F299148-1B0D-4A07-9922-2576F38B99DF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {45740135-5B13-4143-88B8-5414FAE12FFA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2609771528-3684475644-1073469851-1000Core1d23762314a8574 => C:\Users\Eric\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {4DFB98D5-0FBC-41EC-B049-80429F1D884D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {4E8380A2-A8A5-45C1-9FA5-F61DE99BF5AF} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {5085CE54-B01D-4912-A108-5D451D14FF32} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {5A34BE7E-7803-4FD8-A50B-A6182A3D8826} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5D4821F0-7903-4C13-9748-6804F1996256} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2017-11-10] (Symantec Corporation)
Task: {6454EDA2-34C3-4C66-B382-180ED2A2BAFA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {681D5386-5AF7-45DE-8E1B-2D655425364D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6D8E8D8D-B0DF-40AF-9AC0-01860DB8D88D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {6EE1FF63-A46E-4737-9939-12CA500CD8B2} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {74AA4212-3488-4201-8FBB-70D59394A6B8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7862EE03-6754-4DDA-95E5-FD7113E05402} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7869417F-75FF-4102-87E4-9765DEC1077A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2609771528-3684475644-1073469851-1000UA1d237623177d22a => C:\Users\Eric\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {842A48DB-8A52-4BFC-A971-056964719C31} - System32\Tasks\4568 => wscript.exe C:\Users\Eric\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {8DA9B29C-F46E-4E19-A049-B753807D1C72} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {966DC40E-3884-4917-8983-B5714637172E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {99677FD6-4282-46EC-BC92-0EDC234AF145} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9CE9F6FC-C562-4DF7-85EC-06C26F02FBCC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {9D2E0F8F-4D59-435E-985A-268FE4E59F11} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A0B3BEE0-B6D0-4A5A-A3FF-30F2ED1F6A88} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {A15638D4-8552-4D1D-B0FA-30747A25A4D4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {A25E8253-202D-4864-B434-A4F243EEA997} - System32\Tasks\JavaUpdateEric => C:\Windows\SysWOW64\jusched.exe
Task: {A551E57E-026E-4EE1-B1E0-AB2445A4BFAB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AC600EEE-2F3A-43EE-AEFA-487834E56BBB} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-ERIC-PC => C:\WINDOWS\ehome\McxTask.exe
Task: {AE2F37BA-B34A-467F-B4C0-0D514C509833} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B6E4B7F1-DAC5-4A2B-A064-8253BAC7EE95} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\WSCStub.exe [2017-11-10] (Symantec Corporation)
Task: {B9695DBA-BE77-491B-A1F2-8D9126D0B4F1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BB2885FA-B257-4C52-80F4-ED31306C8C7F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BED6C808-7FEA-4492-920C-232FA75EF920} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C6E1E5F6-DFFC-4D12-B5D9-54CF6752F854} - System32\Tasks\{CF57FAB3-6552-4E3C-A282-0659BDD120FA} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\webex\WebEx\830\WbxDLDrv.exe -d C:\ProgramData\webex\WebEx\830 -c /install /name "WebEx Document Loader"
Task: {CAE6AFCF-08F0-4E94-88CC-71509A38C03A} - System32\Tasks\0 => c:\program files (x86)\internet explorer\iexplore.exe  <==== ATTENTION
Task: {CC56D190-4628-4725-9FBD-4D9ED3759E9A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CFBAF0A5-9F0F-46F0-9615-4DAF3F086498} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D993AFB3-DE2E-414B-AF59-2B6D7C549145} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {DCDCFB46-55BF-4606-A003-23AB377E6E3A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DF31A9A5-3E57-4425-9ED9-0CA4EC1EF9F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFA9508B-E73F-4638-8C6F-81A706092234} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\Sidebar.exe
Task: {DFFBDA9C-8084-4968-B78E-1E87EE6AEC10} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E50A5398-0DD2-480B-80BD-F0EF6D4A9745} - System32\Tasks\{C53ADB25-2374-401D-8A06-4F3775EB1F87} => C:\Windows\system32\pcalua.exe -a D:\startinstall.exe -d D:\
Task: {E6D09BA1-CAFB-49F0-A645-9E29C61D3CF4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-14] (Adobe Systems Incorporated)
Task: {E950DAF2-39FF-4B36-AAAC-819D2A2FE537} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E972E450-8E03-40FF-B278-79E6087384AF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EFDC1655-E06B-4F03-AFE8-4956FA30A5B8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F62311AB-EBAC-4158-B189-2F439E44D536} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {F7E51801-5DAD-4E2B-AC73-5BF32A3C2433} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\SymErr.exe [2017-11-10] (Symantec Corporation)
Task: {F83D2EE0-1EE3-4D02-A881-08D82EB205A9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2609771528-3684475644-1073469851-1000Core1d23762314a8574.job => C:\Users\Eric\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2609771528-3684475644-1073469851-1000UA1d237623177d22a.job => C:\Users\Eric\AppData\Local\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-29 07:41 - 2017-09-29 07:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-16 15:08 - 2017-03-16 15:08 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 15:08 - 2017-03-16 15:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-04-03 21:24 - 2011-06-05 16:25 - 000186760 _____ () C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
2017-12-16 15:58 - 2017-05-31 11:09 - 002270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-09 16:10 - 2017-12-09 16:10 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-12 19:44 - 2017-12-12 19:45 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-12 19:44 - 2017-12-12 19:45 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-12-12 19:44 - 2017-12-12 19:45 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-12 19:44 - 2017-12-12 19:45 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-27 11:20 - 2017-03-27 11:20 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-03-27 11:20 - 2017-03-27 11:20 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 001807600 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2009-10-15 03:10 - 2009-10-15 03:10 - 000498160 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2017-12-14 20:06 - 2017-12-05 22:24 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libglesv2.dll
2017-12-14 20:06 - 2017-12-05 22:24 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libegl.dll
2017-12-07 20:32 - 2017-12-07 20:32 - 000102088 _____ () C:\Users\Eric\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2017-03-16 15:09 - 2017-03-16 15:09 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-16 15:09 - 2017-03-16 15:09 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 000275696 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 000058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 000095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 000152816 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-11-13 16:15 - 2009-11-13 16:15 - 000017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2008-12-12 17:11 - 2008-12-12 17:11 - 000148480 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2008-12-12 17:11 - 2008-12-12 17:11 - 000097280 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2017-03-16 15:08 - 2017-03-16 15:08 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2017-10-10 19:05 - 000000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Eric\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{99ad6086-5283-4c2e-85be-49c45b50f63d}.JPG
DNS Servers: 192.168.77.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKU\S-1-5-21-2609771528-3684475644-1073469851-1000\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{A6E4C83E-1491-4035-8077-BCD7209B0A27}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{11C8C5E5-1A24-4091-A95F-4DE6D70FE29C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{03D20666-54F8-46B4-B4C7-C7E250ADC970}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{20FB1A98-ECD1-440D-B11D-10FB08EAC79C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9F181B44-E33E-4EAE-A267-BACE830B7A02}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3EE25C67-E5FB-42D0-8424-8C05D235BC54}] => (Allow) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{A441692E-0CD5-4A58-95F5-B392DBB40890}] => (Allow) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{52456229-8FF7-4AED-8307-567A863A1F4B}] => (Allow) LPort=1900
FirewallRules: [{A374C900-EC50-4B7D-B193-E3F952A27C3E}] => (Allow) LPort=2869
FirewallRules: [{4D5BE259-6F95-4DFE-9EC8-8108C784A8CC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FA5A3E51-C4D7-4B9F-98C0-CB88A47A1DEE}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{DEC55103-694D-433B-8A4D-30A1F58194F0}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{A875A63A-86CD-4171-A279-875945AA51A0}] => (Allow) C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{32F31CCC-0A7D-484A-AF88-F79B913B2FD8}] => (Allow) C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8211454D-FCDC-40D3-9A5E-CC89F4DDBE1F}] => (Allow) LPort=67
FirewallRules: [{9700CD23-EC71-4359-97E1-3A1FC5DFC41D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{AC457254-3B4B-4DBB-9271-79E2380E83DA}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{CC986DCF-1B53-49F2-A432-75A8265A876B}] => (Allow) LPort=67
FirewallRules: [{1A0EF658-F5DA-4C61-80FF-798731AA260E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{44A5086A-3AD9-473F-94A8-FDB440EE31DD}] => (Allow) svchost.exe
FirewallRules: [{97E8CFDE-ED35-4D4B-93BC-55CC262A9654}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C58F87FC-1845-46E2-98E4-D3164A9444B3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [{6DCEEBB2-B124-42C3-905A-B33F43C46408}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{00C7F3D2-1EBE-4B9A-9009-53081059A12D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
26-12-2017 14:12:51 Removed Vimeo Uploader
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/26/2017 01:52:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Cozi Express\CoziExpress.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.125_none_15cbcf8893620c09.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.125_none_5d79065fa7de350f.manifest.
 
Error: (12/16/2017 04:11:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Eric-PC)
Description: Package Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.
 
Error: (12/16/2017 03:38:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Eric-PC)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.
 
Error: (12/14/2017 07:45:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15687
 
Error: (12/14/2017 07:45:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15687
 
Error: (12/14/2017 07:45:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/12/2017 07:36:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (12/12/2017 07:36:54 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Disabled performance counter data collection from the "ASP.NET_2.0.50727" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.
 
Error: (12/12/2017 07:36:54 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: Windows cannot open the 32-bit extensible counter DLL ASP.NET_2.0.50727 in a 64-bit environment. Contact the file vendor to obtain a 64-bit version. Alternatively, you can open the 32-bit extensible counter DLL by using the 32-bit version of Performance Monitor. To use this tool, open the Windows folder, open the Syswow64 folder, and then start Perfmon.exe.
 
Error: (12/12/2017 07:06:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Cozi Express\CoziExpress.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.98_none_cc930a042215c348.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.98_none_144040db3691ec4e.manifest.
 
 
System errors:
=============
Error: (12/26/2017 02:50:31 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/26/2017 02:50:25 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/26/2017 02:50:17 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/26/2017 02:50:14 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/26/2017 02:50:11 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/26/2017 02:50:03 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/26/2017 02:49:31 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/26/2017 02:49:25 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/26/2017 02:49:17 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (12/26/2017 02:49:14 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
CodeIntegrity:
===================================
  Date: 2017-12-26 14:43:44.478
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-12-26 14:43:44.475
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-12-26 14:40:36.439
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-12-26 14:40:36.436
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-12-26 14:28:43.780
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-12-26 14:28:43.775
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-12-26 14:25:34.873
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-12-26 14:25:34.870
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-12-26 14:13:38.241
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-12-26 14:13:38.238
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E7500 @ 2.93GHz
Percentage of memory in use: 45%
Total physical RAM: 8156.98 MB
Available physical RAM: 4435.04 MB
Total Virtual: 16348.98 MB
Available Virtual: 12545.98 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:916.82 GB) (Free:580.78 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 78033E78)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=916.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

Edited by hamluis, 26 December 2017 - 04:17 PM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,447 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:02 PM

Posted 27 December 2017 - 09:34 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove these programs in bold via the Control Panel > Programs > Programs and Features.
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.9.1.0 - Ask.com) <==== ATTENTION
LimeWire 5.5.8 (HKLM-x32\...\LimeWire) (Version: 5.5.8 - Lime Wire, LLC)
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
SearchScopes: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1000&geo=US&ver=22&locale=en_US&gct=kwd&qsrc=2869
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: FrostWire Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28] (Ask)
Toolbar: HKLM-x32 - FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-09-28] (Ask)
Toolbar: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-2609771528-3684475644-1073469851-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.11.2.7\Exts\Chrome.crx <not found>
U3 idsvc; no ImagePath

ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
Task: {00D8D9E4-C23C-4717-9C3F-BAE15EB4AEC8} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {1656AE58-D622-4A86-9D19-D74BCFEDE794} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1826F6DC-059A-45FC-BF59-EA5B90CFCE26} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\WINDOWS\System32\GWX\GWX.exe
Task: {347EF9AC-EB71-4119-B740-9F3586B6F166} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4E8380A2-A8A5-45C1-9FA5-F61DE99BF5AF} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {681D5386-5AF7-45DE-8E1B-2D655425364D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {74AA4212-3488-4201-8FBB-70D59394A6B8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {842A48DB-8A52-4BFC-A971-056964719C31} - System32\Tasks\4568 => wscript.exe C:\Users\Eric\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {8DA9B29C-F46E-4E19-A049-B753807D1C72} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {966DC40E-3884-4917-8983-B5714637172E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9CE9F6FC-C562-4DF7-85EC-06C26F02FBCC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {9D2E0F8F-4D59-435E-985A-268FE4E59F11} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A0B3BEE0-B6D0-4A5A-A3FF-30F2ED1F6A88} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {A15638D4-8552-4D1D-B0FA-30747A25A4D4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {CAE6AFCF-08F0-4E94-88CC-71509A38C03A} - System32\Tasks\0 => c:\program files (x86)\internet explorer\iexplore.exe  <==== ATTENTION
Task: {CC56D190-4628-4725-9FBD-4D9ED3759E9A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DFFBDA9C-8084-4968-B78E-1E87EE6AEC10} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E950DAF2-39FF-4B36-AAAC-819D2A2FE537} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {EFDC1655-E06B-4F03-AFE8-4956FA30A5B8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F83D2EE0-1EE3-4D02-A881-08D82EB205A9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
C:\Program Files (x86)\Ask.com
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask
C:\WINDOWS\System32\GWX
C:\Windows\System32\Tasks\4568
C:\Users\Eric\AppData\Local\Temp\launchie.vbs
C:\Program Files (x86)\GUT2BE1.tmp

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • <- I suggest you clean everything reported.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended. (You need to check with Internet Explorer) <- Important.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after the update you can remove the old versions of Java via the Control Panel > Programs > Programs and Features.

or

If still present after these updates remove these old version(s) via the Control Panel > Programs > Programs and Features.
Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java 6 Update 3 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160030}) (Version: 1.6.0.30 - Sun Microsystems, Inc.)


Please post the logs and let me know if the problem persists.

#3 efowler99

efowler99
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 27 December 2017 - 11:36 AM

Thank you for the assistant..   I did all steps as requested, the two log files are attached (fixlog.txt and adwcleanerCx.txt). 

 

I did not know if you wanted me to run another FRST log so I did not record one..  

 

Seems to be running faster, I will give it a test drive now.. 

 

 

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,447 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:02 PM

Posted 27 December 2017 - 01:12 PM

Has your problem been solved?

#5 efowler99

efowler99
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:02 PM

Posted 27 December 2017 - 07:02 PM

Yes, I believe everything is running much faster... Thank you for the assistance.    Did you find anything specific? 



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,447 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:02 PM

Posted 28 December 2017 - 08:07 AM

Hi,

Mostly PUP (Potentially Unwanted Programs).

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users