Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Computer Has Been Blocked

In Progress 
7K views 26 replies 2 participants last post by  wannabeageek 
#1 ·
Sorry - Norton indicates SysInfo as threat as (Trojan.Gen.8) - I will wait until I have further directions from Tech Support Guy to download it if necessary.
My problem is the following:
I use Win 10, browser - Chrome,
- often while on the internet using Chrome - when I click to continue whatever I'm doing a popup displays the following: s3.amazonaws.com says:
***YOUR COMPUTER HAS BEEN BLOCKED***
a phone number is displayed to call - etc.

I have been going directly to "Task Manager" and ending Chrome then restarting Chrome.
Is there a solution to this issue?
 
#2 ·
SysInfo.exe is not a threat.
Disable Norton's for 15 minutes, (if a timer exists), and follow the instructions below.
15 minutes should be plenty of time to execute the instructions.

TSG - SysInfo utility
  • Right mouse click on this link: SysInfo utility
  • Select from the pop up box:
    "Save link as..."
  • From the left panel of the pop up box, scroll up and select desktop.
  • Click the "Save" button.
From your desktop:
  • Right Mouse click SysInfo.exe, select "Run As Administrator" to run it... if UAC prompts, please allow it.
  • Right click, select copy and then paste in your next post.

If there is no timer to restart Norton's Anti-Virus software, be sure to reactivate the program!
 
#3 ·
As requested here are the Sysinfo results -- thanks for for the procedure~~

Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 10 Home, 64 bit
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 8
RAM: 6050 Mb
Graphics Card: Intel(R) HD Graphics 3000, -1988 Mb
Hard Drives: C: 464 GB (181 GB Free);
Motherboard: TOSHIBA, PHQAA
Antivirus: Norton AntiVirus, Enabled and Updated
 
#4 ·
Hi VJC,

Malwarebytes' Anti-Malware

Please goto Malwarebytes' Anti-Malware download page.
Click "DOWNLOAD" at the bottom of the "FREE" column. (Changes page)
Save or move to your desktop and follow the instructions on the page.

When the program opens, close the intro popup.
In the left column, Click the "SCAN" tab. This will display 3 columns in the main windows.
Click on "Custom Scan". Then click the "Confiure Scan" button at the bottom.
Click the box for "Scan for Rootkits" under the "Custom Scan" header.
Make sure the "C:" drive box is checked. If not, click it to make a check mark appear.
Press the Scan Now button at the bottom.
When the scan finishes, post back that it has completed.
 
#5 ·
I have been using Malwarebytes' Anti-Malware Home Premium (current version 2.2.1.1043) for a few years. Instead of downloading the "Free Version"as suggested I used my own Malwarebytes and as instructed ran the "Scan for Rootkits". The scan has completed so posting back as requested.
 
#7 ·
There was no report or option to get a report upon completion of scan. I am enclosing a copy of the history of the scan:
Scan Date: 2/3/2017
Scan Time: 12:40 PM
Logfile:
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2017.02.03.10
Rootkit Database: v2016.11.20.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 10
CPU: x64
File System: NTFS
User: Vic
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 559968
Time Elapsed: 4 hr, 36 min, 30 sec
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Disabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
 
#8 ·
Rather odd that MBAM did not find anything.

Run this please and post the results in separate posts.

FRST - Farbar Recovery Scanner Tool


Please download FRST64.exe ... by Farbar. Save or move it to your desktop.
  1. Right click on FRST64.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it. When the tool opens click Yes to disclaimer.
  2. Press Scan button. ... A log will be created FRST.txt in the same directory the tool is run.
  3. Please copy/paste FRST.txt it to your reply.
    The first time the tool is run, it makes also another log... Addition.txt.
  4. Please copy/paste Addition.txt in your reply.
Separate posts are acceptable.
 
#9 ·
"FRST" as requested:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017
Ran by Vic (administrator) on VIC-PC (05-02-2017 10:57:18)
Running from C:\Downloads\Farbar Recovery Scan Tool
Loaded Profiles: Vic & (Available Profiles: Vic)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\nav.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Program Files (x86)\ProShow Producer60\scsiaccess.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.4.7.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\nav.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
() C:\Program Files (x86)\ClipX\clipx.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174328 2015-09-29] (Realtek Semiconductor)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2012-07-25] (Intel® Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2016-11-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-01-30] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ACSW15EN] => C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [1135304 2012-12-17] (ACD Systems)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5545328 2014-02-28] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2017-01-28] (Siber Systems)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\MountPoints2: {4d8f6b9b-10ae-11e6-8146-b870f455cb03} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\Webshots\Wallpaper\Webshots4.scr [79872 2016-04-18] ()
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2017-01-28] (Siber Systems)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4d8f6b9b-10ae-11e6-8146-b870f455cb03} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\Webshots\Wallpaper\Webshots4.scr [79872 2016-04-18] ()
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2017-01-28] (Siber Systems)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {4d8f6b9b-10ae-11e6-8146-b870f455cb03} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\Webshots\Wallpaper\Webshots4.scr [79872 2016-04-18] ()
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2017-01-28] (Siber Systems)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: {4d8f6b9b-10ae-11e6-8146-b870f455cb03} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\Webshots\Wallpaper\Webshots4.scr [79872 2016-04-18] ()
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2017-01-28] (Siber Systems)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\MountPoints2: {4d8f6b9b-10ae-11e6-8146-b870f455cb03} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\Webshots\Wallpaper\Webshots4.scr [79872 2016-04-18] ()
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2017-01-28] (Siber Systems)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\MountPoints2: {4d8f6b9b-10ae-11e6-8146-b870f455cb03} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\Webshots\Wallpaper\Webshots4.scr [79872 2016-04-18] ()
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
Startup: C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\clipx - Shortcut.lnk [2014-03-30]
ShortcutTarget: clipx - Shortcut.lnk -> C:\Program Files (x86)\ClipX\clipx.exe ()
Startup: C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots Wallpaper & Screensaver.lnk [2016-12-19]
ShortcutTarget: Webshots Wallpaper & Screensaver.lnk -> C:\Program Files (x86)\Webshots\Wallpaper\Webshots.exe (Webshots)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3a7f8790-4786-4932-b01b-f2028a612516}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f5eb6bef-5c97-4fca-9ebe-b357ba29153b}: [DhcpNameServer] 192.168.1.1
ManualProxies:

Internet Explorer:
==================
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {30CE3397-2BD4-490B-B396-4856904F3533} URL = hxxp://search.aol.com/aolcom/search?q={searchTerms}&s_it= clientsem-ie
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001 -> {904C22BF-CD32-407E-A444-5387D461ACFF} URL =
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://search.aol.com/aolcom/search?q={searchTerms}&s_it= clientsem-ie
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {904C22BF-CD32-407E-A444-5387D461ACFF} URL =
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://search.aol.com/aolcom/search?q={searchTerms}&s_it= clientsem-ie
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {904C22BF-CD32-407E-A444-5387D461ACFF} URL =
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://search.aol.com/aolcom/search?q={searchTerms}&s_it= clientsem-ie
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {904C22BF-CD32-407E-A444-5387D461ACFF} URL =
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://search.aol.com/aolcom/search?q={searchTerms}&s_it= clientsem-ie
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3 -> {904C22BF-CD32-407E-A444-5387D461ACFF} URL =
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://search.aol.com/aolcom/search?q={searchTerms}&s_it= clientsem-ie
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4 -> {904C22BF-CD32-407E-A444-5387D461ACFF} URL =
SearchScopes: HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://search.aol.com/aolcom/search?q={searchTerms}&s_it= clientsem-ie
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-03-02] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2017-01-28] (Siber Systems Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-26] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-03-02] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-03-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-26] (Oracle Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2017-01-28] (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-02-26] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-03-02] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-02-26] (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2017-01-28] (Siber Systems Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2017-01-28] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\coIEPlg.dll [2016-11-11] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-03-02] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3846380544-3363897709-504992317-1001 -> hxxp://bing.com/

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.7.0.76\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.7.0.76\coFFAddon [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.7.0.76\coFFAddon
FF HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Firefox\Extensions: [{a5cd2294-8634-43ad-8872-0b17ed4d3cc8}] - C:\Program Files (x86)\View-Password-soft\157.xpi => not found
FF HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{a5cd2294-8634-43ad-8872-0b17ed4d3cc8}] - C:\Program Files (x86)\View-Password-soft\157.xpi => not found
FF HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Firefox\Extensions: [{a5cd2294-8634-43ad-8872-0b17ed4d3cc8}] - C:\Program Files (x86)\View-Password-soft\157.xpi => not found
FF HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Firefox\Extensions: [{a5cd2294-8634-43ad-8872-0b17ed4d3cc8}] - C:\Program Files (x86)\View-Password-soft\157.xpi => not found
FF HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Firefox\Extensions: [{a5cd2294-8634-43ad-8872-0b17ed4d3cc8}] - C:\Program Files (x86)\View-Password-soft\157.xpi => not found
FF HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Firefox\Extensions: [{a5cd2294-8634-43ad-8872-0b17ed4d3cc8}] - C:\Program Files (x86)\View-Password-soft\157.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-02-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-02-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-28] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-10] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-02-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-02-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-10-13] (Nero AG)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2015-05-31] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.bing.com/search
CHR StartupUrls: Default -> "hxxp://www.bing.com/"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Profile: C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default [2017-02-05]
CHR Extension: (Google Drive) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-13]
CHR Extension: (YouTube) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-30]
CHR Extension: (Google Search) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-30]
CHR Extension: (iCloud Bookmarks) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2016-02-01]
CHR Extension: (Classic blue theme) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gapfoeoijjkibljnhednndeabimdilek [2015-03-16]
CHR Extension: (Google Docs Offline) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-10-13]
CHR Extension: (Gmail App Launcher) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlbjackfgfafcnpfaanflcjoknkhofnh [2016-05-23]
CHR Extension: (Sticky Notes) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbjdhgkkhefpifbifjiflpaajchdkhpg [2016-06-03]
CHR Extension: (FullTab) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nflppnogboohignhhlofaljmfcmddefi [2017-02-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Tab Layouts - Arrange Tabs Into Layouts) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofnolcokfhilodfohiidmaelobjleppf [2016-12-22]
CHR Extension: (Gmail) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-30]
CHR Extension: (Chrome Media Router) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-02]
CHR Extension: (RoboForm Password Manager) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-11-09]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-01]
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Vic\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-10-13]
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Vic\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-10-13]
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Vic\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-10-13]
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Vic\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-10-13]
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Vic\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-10-13]
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Vic\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-10-13]
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [283296 2013-09-13] (Intel Corporation)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-01-02] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-08-23] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2012-07-18] (Red Bend Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\NAV.exe [289080 2016-11-12] (Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [315648 2015-09-29] (Realtek Semiconductor)
R2 ScsiAccess; C:\Program Files (x86)\ProShow Producer60\ScsiAccess.exe [186760 2015-05-31] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2016-11-23] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-02-28] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [271728 2014-02-28] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2012-07-18] (Intel(R) Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.0.76\Definitions\BASHDefs\20170201.001\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NAV; C:\WINDOWS\system32\drivers\NAVx64\1608010.00E\ccSetx64.sys [174328 2016-06-01] (Symantec Corporation)
R3 debutfilter; C:\WINDOWS\system32\DRIVERS\debutfilterx64.sys [34512 2016-12-23] ()
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation)
U3 EraserUtilDrv11620; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11620.sys [156824 2017-01-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-10-04] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.0.76\Definitions\IPSDefs\20170203.002\IDSvia64.sys [1038024 2017-01-13] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew00.sys [3341824 2016-07-16] (Intel Corporation)
S3 PSMounterEx; C:\WINDOWS\system32\drivers\psmounterex.sys [169992 2015-07-30] (Windows (R) Win 7 DDK provider)
S3 PSVolAcc; C:\Windows\System32\Drivers\PSVolAcc.sys [12760 2014-07-21] (Paramount Software UK Ltd)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2016-11-23] (Synaptics Incorporated)
R1 SRTSP; C:\WINDOWS\System32\Drivers\NAVx64\1608010.00E\SRTSP64.SYS [784624 2016-11-11] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NAVx64\1608010.00E\SRTSPX64.SYS [49400 2016-11-11] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NAVx64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-11] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NAVx64\1608010.00E\SymELAM.sys [24192 2016-06-01] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100592 2016-10-15] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NAVx64\1608010.00E\Ironx64.SYS [289520 2016-11-11] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NAVx64\1608010.00E\SYMNETS.SYS [567512 2016-11-11] (Symantec Corporation)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-05 10:56 - 2017-02-05 10:57 - 00000000 ____D C:\FRST
2017-02-04 14:55 - 2017-02-04 14:55 - 00000000 ____D C:\Users\Vic\AppData\Local\Spoon
2017-02-04 14:44 - 2017-02-04 14:44 - 00002529 _____ C:\Users\Public\Desktop\TurboTax 2016.lnk
2017-02-04 14:44 - 2017-02-04 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2016
2017-01-31 11:30 - 2017-01-31 11:30 - 00001210 _____ C:\Users\Public\Desktop\DAK Audio Workshop.lnk
2017-01-28 19:07 - 2017-01-28 19:07 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-27 20:05 - 2017-01-27 20:05 - 00001240 _____ C:\Users\Public\Desktop\Movavi Screen Capture 8.lnk
2017-01-27 20:05 - 2017-01-27 20:05 - 00000000 ____D C:\Users\Vic\AppData\Local\ScreenCapture
2017-01-27 20:05 - 2017-01-27 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Screen Capture 8
2017-01-27 20:04 - 2017-01-28 19:23 - 00000000 ____D C:\ProgramData\Movavi Screen Capture 8
2017-01-27 20:04 - 2017-01-27 20:05 - 00000000 ____D C:\Program Files (x86)\Movavi Screen Capture 8
2017-01-27 20:04 - 2017-01-27 20:04 - 00004096 _____ C:\ProgramData\nakuvtjg.ewu
2017-01-27 20:04 - 2017-01-27 20:04 - 00000016 _____ C:\ProgramData\mntemp
2017-01-25 12:23 - 2016-12-21 02:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 12:23 - 2016-12-20 23:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-13 17:09 - 2017-01-13 17:09 - 00000000 ____D C:\Users\Vic\Documents\VideoPad Projects
2017-01-13 12:08 - 2016-12-21 00:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-13 12:08 - 2016-12-20 23:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-13 12:08 - 2016-12-20 23:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-13 12:08 - 2016-12-20 23:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-13 12:08 - 2016-12-20 23:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-13 12:08 - 2016-12-20 23:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-13 12:08 - 2016-12-20 23:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-13 12:08 - 2016-12-20 23:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-13 12:08 - 2016-12-20 23:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-13 12:08 - 2016-12-20 23:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-13 12:08 - 2016-12-20 23:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-13 12:08 - 2016-12-20 23:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-13 12:08 - 2016-12-20 23:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-13 12:08 - 2016-12-20 23:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-13 12:08 - 2016-12-20 23:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-13 12:08 - 2016-12-14 00:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-13 12:08 - 2016-12-13 23:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-13 12:08 - 2016-12-13 23:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-13 12:08 - 2016-12-13 23:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-13 12:08 - 2016-12-13 23:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-13 12:08 - 2016-12-13 23:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-13 12:08 - 2016-12-13 23:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-13 12:08 - 2016-12-13 23:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-13 12:07 - 2016-12-21 00:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-13 12:07 - 2016-12-21 00:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-13 12:07 - 2016-12-20 23:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-13 12:07 - 2016-12-20 23:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-13 12:07 - 2016-12-20 23:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-13 12:07 - 2016-12-20 23:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-13 12:07 - 2016-12-20 23:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-13 12:07 - 2016-12-20 23:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-13 12:07 - 2016-12-20 23:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-13 12:07 - 2016-12-20 23:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-13 12:07 - 2016-12-20 23:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-13 12:07 - 2016-12-20 23:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-13 12:07 - 2016-12-20 23:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-13 12:07 - 2016-12-20 23:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-13 12:07 - 2016-12-20 23:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-13 12:07 - 2016-12-20 23:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-13 12:07 - 2016-12-14 00:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-13 12:07 - 2016-12-14 00:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-13 12:07 - 2016-12-14 00:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-13 12:07 - 2016-12-14 00:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-13 12:07 - 2016-12-14 00:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-13 12:07 - 2016-12-13 23:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-13 12:07 - 2016-12-13 23:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-13 12:07 - 2016-12-13 23:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 12:07 - 2016-12-13 23:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-13 12:07 - 2016-12-13 23:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-13 12:07 - 2016-12-13 23:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-13 12:07 - 2016-12-13 23:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-13 12:07 - 2016-12-13 23:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-13 12:07 - 2016-11-02 07:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-13 12:07 - 2016-08-01 23:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-13 11:24 - 2016-12-21 02:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-13 11:23 - 2016-12-21 02:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-13 11:23 - 2016-12-21 02:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-13 11:23 - 2016-12-21 02:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-13 11:23 - 2016-12-21 02:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-13 11:23 - 2016-12-21 02:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-13 11:23 - 2016-12-21 02:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-13 11:23 - 2016-12-21 02:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-13 11:23 - 2016-12-21 02:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-13 11:23 - 2016-12-21 02:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-13 11:23 - 2016-12-21 02:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-13 11:23 - 2016-12-21 02:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-13 11:23 - 2016-12-21 01:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-13 11:23 - 2016-12-21 01:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-13 11:23 - 2016-12-14 00:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-13 11:23 - 2016-12-14 00:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-13 11:23 - 2016-12-13 23:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-13 11:23 - 2016-12-13 23:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-13 11:23 - 2016-12-13 23:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-13 11:23 - 2016-12-13 23:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-13 11:23 - 2016-12-13 23:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-13 11:23 - 2016-12-13 23:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-13 11:23 - 2016-12-13 23:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-13 11:23 - 2016-12-13 23:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-13 11:23 - 2016-12-13 23:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-13 11:23 - 2016-12-13 23:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-13 11:23 - 2016-12-13 23:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-13 11:23 - 2016-12-13 23:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-13 11:23 - 2016-12-13 23:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-13 11:23 - 2016-12-13 23:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-13 11:23 - 2016-12-13 23:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-13 11:23 - 2016-12-13 23:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-13 11:22 - 2016-12-21 02:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-13 11:22 - 2016-12-21 02:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-13 11:22 - 2016-12-21 02:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-13 11:22 - 2016-12-21 02:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-13 11:22 - 2016-12-21 02:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-13 11:22 - 2016-12-21 02:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-13 11:22 - 2016-12-21 02:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-13 11:22 - 2016-12-21 02:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-13 11:22 - 2016-12-21 02:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-13 11:22 - 2016-12-21 02:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-13 11:22 - 2016-12-21 02:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-13 11:22 - 2016-12-21 01:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-13 11:22 - 2016-12-21 01:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-13 11:22 - 2016-12-21 01:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-13 11:22 - 2016-12-21 01:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-13 11:22 - 2016-12-21 01:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-13 11:22 - 2016-12-21 01:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-13 11:22 - 2016-12-14 00:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-13 11:22 - 2016-12-14 00:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-13 11:22 - 2016-12-13 23:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-13 11:22 - 2016-12-13 23:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-13 11:22 - 2016-12-13 23:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-13 11:21 - 2016-12-21 03:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-13 11:21 - 2016-12-21 03:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-13 11:21 - 2016-12-21 02:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-13 11:21 - 2016-12-21 02:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-13 11:21 - 2016-12-21 02:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-13 11:21 - 2016-12-21 02:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-13 11:21 - 2016-12-21 02:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-13 11:21 - 2016-12-21 02:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-13 11:21 - 2016-12-21 02:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-13 11:21 - 2016-12-21 02:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-13 11:21 - 2016-12-21 02:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-13 11:21 - 2016-12-21 02:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-13 11:21 - 2016-12-21 01:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-13 11:21 - 2016-12-21 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-13 11:21 - 2016-12-21 01:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-13 11:21 - 2016-12-21 01:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-13 11:21 - 2016-12-21 01:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-13 11:21 - 2016-12-14 00:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-13 11:21 - 2016-12-13 23:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-13 11:21 - 2016-12-13 23:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-13 11:20 - 2016-12-21 03:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-13 11:20 - 2016-12-21 02:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-13 11:20 - 2016-12-21 02:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-13 11:20 - 2016-12-21 01:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-13 11:20 - 2016-12-21 01:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-13 11:20 - 2016-12-21 01:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-13 11:20 - 2016-12-21 01:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-13 11:20 - 2016-12-13 23:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-13 11:20 - 2016-12-13 23:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 11:20 - 2016-12-13 23:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-13 11:20 - 2016-12-13 23:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-13 11:20 - 2016-12-13 23:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-13 11:20 - 2016-12-13 23:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-13 11:20 - 2016-12-13 23:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-13 11:20 - 2016-12-13 23:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-13 11:20 - 2016-12-13 23:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-13 11:20 - 2016-12-13 23:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-13 11:12 - 2016-12-21 01:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-13 11:12 - 2016-12-21 01:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-13 11:12 - 2016-12-21 01:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-13 11:12 - 2016-12-14 00:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-13 11:12 - 2016-12-14 00:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-13 11:12 - 2016-12-14 00:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-13 11:12 - 2016-12-14 00:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-13 11:12 - 2016-11-02 06:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-13 11:12 - 2016-11-02 05:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-13 11:12 - 2016-11-02 05:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-13 11:07 - 2016-11-02 05:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-13 11:05 - 2016-12-21 02:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-13 11:05 - 2016-12-14 00:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-13 11:00 - 2016-12-14 00:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-13 11:00 - 2016-12-14 00:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-10 19:56 - 2017-01-10 19:56 - 20358232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-01-07 13:12 - 2017-01-11 19:54 - 00000156 _____ C:\Users\Vic\Desktop\Google Calendar.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-05 10:56 - 2016-12-07 15:59 - 00005200 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Vic-Pc-Vic Vic-Pc
2017-02-05 10:46 - 2014-04-06 13:09 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-05 09:29 - 2016-09-25 11:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-04 17:29 - 2014-02-25 17:36 - 00000000 ____D C:\Users\Vic\AppData\Local\Packages
2017-02-04 15:19 - 2016-11-25 20:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus
2017-02-04 14:55 - 2014-03-07 16:46 - 00000000 ____D C:\Users\Vic\AppData\Local\CrashDumps
2017-02-04 14:45 - 2014-03-17 15:27 - 00000934 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-02-04 14:42 - 2014-03-17 15:26 - 00000000 ____D C:\Users\Vic\AppData\Roaming\Intuit
2017-02-04 14:42 - 2014-03-17 15:22 - 00000000 ____D C:\Program Files (x86)\TurboTax
2017-02-04 14:23 - 2016-09-25 11:53 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-02-03 12:26 - 2016-09-25 11:27 - 00000000 ____D C:\Users\Vic
2017-02-03 10:29 - 2014-04-06 13:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-02-03 10:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-02 16:36 - 2014-04-06 13:38 - 00002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-02 08:42 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-31 11:33 - 2014-10-30 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Toolbox
2017-01-31 11:33 - 2014-10-30 14:37 - 00000000 ____D C:\Program Files (x86)\Audio Toolbox
2017-01-31 11:30 - 2014-08-07 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAK Audio Workshop
2017-01-31 11:30 - 2014-08-07 15:42 - 00000000 ____D C:\Program Files (x86)\DAK Audio Workshop
2017-01-31 08:49 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-28 19:54 - 2014-05-26 18:29 - 00000000 ____D C:\ProgramData\NCH Software
2017-01-28 19:54 - 2014-05-26 18:28 - 00000000 ____D C:\Program Files (x86)\NCH Software
2017-01-28 19:07 - 2015-09-29 13:25 - 00002393 _____ C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-28 19:07 - 2014-03-02 22:26 - 00000000 ___RD C:\Users\Vic\OneDrive
2017-01-28 09:31 - 2016-09-25 11:53 - 00004188 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm
2017-01-28 09:31 - 2016-09-25 11:53 - 00003570 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon
2017-01-28 09:28 - 2014-02-27 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2017-01-27 20:21 - 2016-11-18 22:18 - 00000000 ____D C:\Users\Vic\AppData\Local\Nero
2017-01-27 20:05 - 2014-10-15 12:30 - 00000000 ____D C:\Users\Vic\AppData\Local\Movavi
2017-01-27 09:32 - 2016-09-25 11:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-25 12:27 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-24 11:33 - 2015-12-18 13:21 - 00000000 ____D C:\Users\Vic\Documents\ShuffleBoard
2017-01-24 11:19 - 2014-03-03 21:19 - 00000000 ____D C:\Users\Vic\Documents\Excel Documents
2017-01-19 21:46 - 2015-04-11 08:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-17 10:57 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-15 08:43 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-14 19:17 - 2015-09-10 00:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-14 19:07 - 2016-07-16 01:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-01-14 19:07 - 2016-01-30 08:41 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-14 19:07 - 2014-02-28 23:13 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-01-14 19:06 - 2016-09-25 11:20 - 00820200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-14 19:05 - 2016-07-16 01:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-01-14 19:03 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-14 19:03 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-14 19:03 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-14 19:03 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-14 19:03 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-14 09:53 - 2014-02-25 18:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-13 17:38 - 2014-02-25 18:17 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-13 10:47 - 2016-09-25 11:53 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-10 19:56 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-10 19:56 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-07 11:51 - 2014-10-24 05:15 - 00000000 ____D C:\Program Files (x86)\ProShow Producer60
2017-01-07 11:43 - 2016-09-25 11:53 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software

==================== Files in the root of some directories =======

2014-10-29 10:22 - 2014-10-29 10:26 - 0000138 _____ () C:\Users\Vic\AppData\Roaming\settings.xml
2016-12-23 15:27 - 2016-12-23 15:27 - 0001167 _____ () C:\Users\Vic\AppData\Roaming\trace_FilterInstaller.txt
2016-12-23 15:27 - 2016-12-23 15:27 - 0000000 _____ () C:\Users\Vic\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-03-28 08:32 - 2015-02-09 16:11 - 0007680 _____ () C:\Users\Vic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-12 19:32 - 2014-04-12 19:32 - 0007599 _____ () C:\Users\Vic\AppData\Local\Resmon.ResmonCfg
2014-04-12 21:46 - 2014-04-12 21:47 - 0037466 _____ () C:\Users\Vic\AppData\Local\WiDiSetupLog.20140412.224608.wdl
2014-04-20 11:23 - 2014-04-20 11:26 - 0034168 _____ () C:\Users\Vic\AppData\Local\WiDiSetupLog.20140420.122358.wdl
2014-05-12 16:07 - 2014-05-12 16:07 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-04-29 10:20 - 2007-10-16 23:24 - 0001328 _____ () C:\ProgramData\CfgBennu.ini
2014-03-17 15:27 - 2017-02-04 14:45 - 0000934 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-01-27 20:04 - 2017-01-27 20:04 - 0000016 _____ () C:\ProgramData\mntemp
2017-01-27 20:04 - 2017-01-27 20:04 - 0004096 _____ () C:\ProgramData\nakuvtjg.ewu
2014-10-15 12:30 - 2014-10-15 12:30 - 0005038 _____ () C:\ProgramData\vczcspay.tpu

Some files in TEMP:
====================
2016-12-21 17:28 - 2012-07-27 03:22 - 0353944 ____R (CANON INC.) C:\Users\Vic\AppData\Local\Temp\uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-31 09:23

==================== End of FRST.txt ============================
 
#10 ·
"Addition" as requested:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2017
Ran by Vic (05-02-2017 11:00:07)
Running from C:\Downloads\Farbar Recovery Scan Tool
Windows 10 Home Version 1607 (X64) (2016-09-25 16:57:06)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3846380544-3363897709-504992317-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3846380544-3363897709-504992317-503 - Limited - Disabled)
Guest (S-1-5-21-3846380544-3363897709-504992317-501 - Limited - Disabled)
Vic (S-1-5-21-3846380544-3363897709-504992317-1001 - Administrator - Enabled) => C:\Users\Vic

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee 15 (HKLM-x32\...\{B580C89C-F7F8-4A78-BAF0-5560C6E9E76D}) (Version: 15.2.212 - ACD Systems International Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audio Toolbox version 1.5 (HKLM-x32\...\{94384B5C-E235-47F0-A134-F42686D10A05}_is1) (Version: 1.5 - DAK)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J475DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon MX920 series User Registration (HKLM-x32\...\Canon MX920 series User Registration) (Version: - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
ClipX (HKLM-x32\...\ClipX) (Version: - )
Convert VOB to AVI (HKLM-x32\...\{5FE0C13A-63F1-4394-88A8-2D8722A75FE0}_is1) (Version: - www.convertvobtoavi.com)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAK Audio Workshop version 2.4 (HKLM-x32\...\{F6DF561D-6D03-4248-A7C0-AC972D46236F}_is1) (Version: 2.4 - DAK Industries 2000)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.07 - NCH Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Photosmart 5510 series Basic Device Software (HKLM\...\{CFF43B48-42A1-4967-9506-7E341BBD075F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.4.4.0 - LIGHTNING UK!)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6522E102-68A6-4912-83FC-D73CF5D64FA9}) (Version: 4.3.3.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{440d014b-4444-4533-b96d-2910e1ca2bcf}) (Version: 16.7.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.50.0000 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Macrium Reflect Standard Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Standard Edition (Version: 5.3.7310 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4569.1507 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movavi Screen Capture 8 (HKLM-x32\...\Movavi Screen Capture 8) (Version: 8.1.0 - Movavi)
MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: 7.3.1 PRO - MP3 Rocket Inc)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 2015 Essentials (HKLM-x32\...\{2AAC27DF-265A-4DF1-9CFC-93707CD162E3}) (Version: 16.0.00100 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero Prerequisite Installer 6.0 (HKLM-x32\...\{E5BAA2DF-F586-4319-BF9B-30AA50AD6B5D}) (Version: 18.0.00100 - Nero AG)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 22.8.1.14 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1507 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1507 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1507 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PCFixKit 2.1 (HKLM-x32\...\{08E486BC-850F-413A-B1D4-52CD42D411B3}_is1) (Version: - www.PCFixKit.com)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
Prerequisite installer (x32 Version: 18.0.0003 - Nero AG) Hidden
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.)
RoboForm 7-9-26-6 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-26-6 - Siber Systems)
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Scansoft PDF Professional (x32 Version: - ) Hidden
Serif PagePlus X6 (HKLM-x32\...\{E2B22002-9C8B-43CC-A75B-464B6ED4FF6B}) (Version: 16.0.3.29 - Serif (Europe) Ltd)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Print Shop 3.0 Fonts (HKLM-x32\...\{2C3060F6-F0DC-4F63-A70F-2070BE57EEDC}) (Version: 1.0 - Encore)
The Print Shop 3.0 Professional (HKLM-x32\...\{4B75C418-A7DF-4C11-B854-EB5EBFB07C88}) (Version: 3.0 - Encore)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
Video Screen Trapper PRO (HKLM-x32\...\{911C5B68-E2F7-45D3-8E23-FFAE40FEC8BB}) (Version: 1.20.0000 - a DAK software product )
WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{63911503-7EA4-4685-B2FD-D391EF622FB9}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{2B58AB2C-D980-47FD-8633-E360314BA662}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{34C6812E-E231-4B13-9DAC-21E06ECA864A}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1ec9e03a-452b-48fb-8e1b-27ee0477985f}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
Webshots Wallpaper & Screensaver version 4.3.1.176 (HKLM-x32\...\{B84DEFE1-0175-47C9-BC1D-8645FCBC0ECE}_is1) (Version: 4.3.1.176 - Webshots)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\ChromeHTML: -> <==== ATTENTION
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\ChromeHTML: -> <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0339C846-E52E-4CEC-ABED-8973C571536C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2016-11-11] (Symantec Corporation)
Task: {15105F4D-0C33-4FF3-823B-1F27C7DB599D} - System32\Tasks\{ADDFEC57-501D-466C-B50F-C5417162444C} => pcalua.exe -a "C:\Program Files (x86)\Audacity\unins000.exe"
Task: {31B6692C-7160-45E9-B93B-E99CCFFA0122} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {3331F392-9421-4566-AC5D-5BA9BD5D4247} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {466544C2-26AE-4367-B471-9C1F2AF28857} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {54375509-2883-48BA-8A7C-5443C9F6E479} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {5C3C3E06-F750-4AE9-A187-0F16F7F23E12} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {69D26E40-517A-4D99-AE40-E59BB1FD1EF0} - System32\Tasks\Norton AntiVirus\Norton Autofix => C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation)
Task: {6AB2DEB8-B3E0-42F8-99DD-9827D2CCE7D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {6B5A4AA3-EF55-467C-B87F-3BCB480B8C76} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6CA8A010-B26E-4DD8-9D3B-E83C76594E49} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-13] (Microsoft Corporation)
Task: {80F7D49B-98F2-46E5-8DD9-E7AF19AD5544} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMOJNJJMLMLJNJHMLJCNNJKJMJLMCNLMNMMJHMCNOJLMOMNMCNNMLJNJJMJMHMHMOJKMLJMJJMJNJICMIMCNGMCNNMJMFMOMOMCNKMIMJMCNOMLMMMGMMMFMPMCNPMCNOMLMMMGMMMCNNMJNPICMOMFMEKMICNJJCKFMOMPMJMKMJNHICMOMPMKJGIMIJNBJCMJKGJMJJNKJCMJNNICMJNDJCMKJBJJNMJ (the data entry has 49 more characters).
Task: {88C74042-3D81-4C9A-9A8C-BCC7BC4647F7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {88FBE0BA-8627-4970-B6B6-56645383456B} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation)
Task: {8C8B2F5A-C375-4FBD-A492-7B435BFE6DF2} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {8F193628-1C33-4E29-9470-5D449AF376FA} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Vic-Pc-Vic Vic-Pc => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-03-02] (Microsoft Corporation)
Task: {943642A2-984B-40DE-B077-F0C7B30541FF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AE1582EC-6D7B-4447-8DFB-D9B39B08C687} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-11-23] (Synaptics Incorporated)
Task: {AEBB5F28-FAA2-48F1-9F2D-B419DC8E5379} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
Task: {AF922B49-77B7-45E4-A6BA-36A4B12D4DC2} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
Task: {BD6E1C45-DEE9-4A68-8764-748CC5E1B0C1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\WSCStub.exe [2016-11-11] (Symantec Corporation)
Task: {C4B189BF-EA9C-4C9F-A27E-4267A2BA46BB} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {C5345FDB-3D9A-4EEA-96AA-53AFA41E0627} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CA62EB24-608E-424B-963E-EA7569A3EF27} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation)
Task: {D1A3117B-CB78-4783-8926-8A9401731226} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {D32D5B17-7F2C-4914-A85B-AD1225919AFA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D64B0ABC-D1F1-4365-A801-3B3233390235} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E3120C26-D274-4732-84DE-6DFFE131844E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E6629F48-C7B9-43C1-B45B-B48AC83A89FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E7182CAD-8B66-45C6-B501-BE5498C9CC33} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {F6DC288B-C480-4ED8-A4E6-7EABA69795F1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FBB7CAA6-83EE-49DC-9346-BB337683AB32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FC95D197-55FF-43F2-AF5F-D5DE1625C903} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2017-01-28] (Siber Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mlbjackfgfafcnpfaanflcjoknkhofnh\Gmail App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mlbjackfgfafcnpfaanflcjoknkhofnh
ShortcutWithArgument: C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sticky Notes.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nbjdhgkkhefpifbifjiflpaajchdkhpg

==================== Loaded Modules (Whitelisted) ==============

2014-03-02 20:34 - 2013-10-31 17:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-02 20:34 - 2014-01-02 18:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-24 05:16 - 2015-05-31 08:41 - 00186760 _____ () C:\Program Files (x86)\ProShow Producer60\ScsiAccess.exe
2014-02-28 19:19 - 2005-04-21 23:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-01-02 13:52 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-01-02 13:52 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-02 13:52 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2014-03-02 21:15 - 2014-03-02 21:15 - 08878248 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-01-19 09:47 - 2017-01-19 09:47 - 01969360 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.4.7.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-01-19 09:47 - 2017-01-19 09:47 - 00381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.4.7.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2016-09-25 15:13 - 2016-09-25 15:13 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-13 11:23 - 2016-12-21 02:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-13 11:20 - 2016-12-21 01:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-13 11:20 - 2016-12-21 01:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-13 11:20 - 2016-12-21 01:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-13 11:20 - 2016-12-21 01:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-13 11:20 - 2016-12-21 01:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-13 11:20 - 2016-12-21 01:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2005-11-30 16:34 - 2005-11-30 16:34 - 00068608 _____ () C:\Program Files (x86)\ClipX\clipx.exe
2017-02-02 16:36 - 2017-02-01 04:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-02 16:36 - 2017-02-01 04:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-01-11 16:06 - 2017-01-11 16:06 - 17835096 _____ () C:\Users\Vic\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\Wallpaper -> C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\Control Panel\Desktop\\Wallpaper -> C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\Control Panel\Desktop\\Wallpaper -> C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "IntelWirelessWiMAX"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ACSW15EN"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "Module Loader"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\StartupFolder: => "Webshots Wallpaper & Screensaver.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "HP Photosmart 5510 series (NET)"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "Amazon Cloud Drive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Webshots Wallpaper & Screensaver.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "HP Photosmart 5510 series (NET)"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Amazon Cloud Drive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\StartupFolder: => "Webshots Wallpaper & Screensaver.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "HP Photosmart 5510 series (NET)"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Amazon Cloud Drive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\StartupFolder: => "Webshots Wallpaper & Screensaver.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "HP Photosmart 5510 series (NET)"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "Amazon Cloud Drive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\StartupFolder: => "Webshots Wallpaper & Screensaver.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\Run: => "HP Photosmart 5510 series (NET)"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\Run: => "Amazon Cloud Drive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\StartupFolder: => "Webshots Wallpaper & Screensaver.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\Run: => "HP Photosmart 5510 series (NET)"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\Run: => "Amazon Cloud Drive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\StartupApproved\Run: => "GoogleDriveSync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [UDP Query User{2345D900-C0A7-4425-BD03-27E9C32D8C8A}C:\program files (x86)\webshots\wallpaper\webshots.exe] => C:\program files (x86)\webshots\wallpaper\webshots.exe
FirewallRules: [TCP Query User{D369A6D9-E501-492B-A426-CDF74A9A0912}C:\program files (x86)\webshots\wallpaper\webshots.exe] => C:\program files (x86)\webshots\wallpaper\webshots.exe
FirewallRules: [UDP Query User{10EF3E4D-34B5-47B4-9367-C5792D496F2D}C:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe] => C:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{317379D5-C6E1-473D-94D5-042B03F21F0C}C:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe] => C:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{4224BDC8-9D45-4B9C-B0A4-F39DE80C4777}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2EBEA9D4-D907-4CB3-8855-14EEA41ABE87}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{F621742F-0AA0-4EB8-98AE-E334A3770E75}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{7F614EDB-4464-4BB7-B5E2-B10EB9531968}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ACB04C2C-DD72-47C5-B3AC-FF56DEDF0992}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5A059B45-EA89-4C7A-AC0C-EEBCF1007017}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8DF9DE3D-7D5B-49B1-83B0-A3EB43038B87}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DA846740-697B-4C2E-AE01-5D1A2AD631B9}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E5034A38-019E-49E5-9ED9-30FDA9FC4079}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9644313D-A940-442B-A44E-471991231B31}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{449C7BDA-0D6A-4068-8F72-F51369399507}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{F0413B66-44D9-479B-B605-9311C42899F7}] => C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{B4A6ABB7-1B31-402B-9AFA-F53C8133A9FA}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [TCP Query User{90461F0E-2813-496C-A549-7680C67D8876}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{CECDD357-1401-4453-A675-875F355DBC6A}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{1BBA580A-491D-4C10-9BF2-FA4723B06A32}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8F5898F4-A537-405E-A3E2-6ADD22D15B25}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{F5A05619-B18C-4913-B7EA-C6CEA903714F}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{38C4AA30-DE4E-4F57-8796-D8EF68B9E02E}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{7EAFB9B8-170B-4AF0-B4C0-999A5CC177C1}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{DBB9BEF1-F8D8-41C1-B992-B951DD8ECD4D}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{F27ACDDC-D915-4C4A-932C-DED546C439C8}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

==================== Restore Points =========================

13-01-2017 17:33:25 Windows Update
22-01-2017 15:21:46 Scheduled Checkpoint
31-01-2017 09:27:14 Scheduled Checkpoint
04-02-2017 14:42:49 Installed TurboTax 2016 wrapper

==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) WiMAX Enumerator
Description: Intel(R) Centrino(R) WiMAX Enumerator
Class Guid: {027a838e-7356-4a2f-a5bf-25a2a2c33fcc}
Manufacturer: Intel Corporation
Service: bpenum
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel(R) Centrino(R) WiMAX Enumerator
Description: Intel(R) Centrino(R) WiMAX Enumerator
Class Guid: {027a838e-7356-4a2f-a5bf-25a2a2c33fcc}
Manufacturer: Intel Corporation
Service: bpenum
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (02/04/2017 06:28:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WEBSHO~1.SCR, version: 0.0.0.0, time stamp: 0x571510a7
Faulting module name: opengl32sw.dll, version: 0.0.0.0, time stamp: 0x54214d34
Exception code: 0xc0000005
Fault offset: 0x000a926e
Faulting process id: 0x32e8
Faulting application start time: 0x01d27f3861649d89
Faulting application path: C:\PROGRA~2\Webshots\WALLPA~1\WEBSHO~1.SCR
Faulting module path: C:\PROGRA~2\Webshots\WALLPA~1\opengl32sw.dll
Report Id: 818706a9-64b3-4877-b3e5-f325b4085f4d
Faulting package full name:
Faulting package-relative application ID:

Error: (02/04/2017 05:37:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WINWORD.EXE version 15.0.4569.1503 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 23ac

Start Time: 01d27f3600b13a01

Termination Time: 4294967295

Application Path: C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE

Report Id: 870987cb-eb2a-11e6-815e-b870f455cb03

Faulting package full name:

Faulting package-relative application ID:

Error: (02/04/2017 05:18:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 56.0.2924.87 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2dbc

Start Time: 01d27f3450402c02

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: e412daa1-eb27-11e6-815e-b870f455cb03

Faulting package full name:

Faulting package-relative application ID:

Error: (02/04/2017 05:11:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Vic-Pc)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/04/2017 02:55:29 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program TCS30Autoplay_Net.exe because of this error.

Program: TCS30Autoplay_Net.exe
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00D5A3A8
Disk type: 0

Error: (02/04/2017 02:55:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TCS30Autoplay_Net.exe, version: 0.0.0.0, time stamp: 0x555c4e11
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x58256d37
Exception code: 0xc000001d
Fault offset: 0x000da832
Faulting process id: 0x1d64
Faulting application start time: 0x01d27f20a203a16f
Faulting application path: C:\Program Files (x86)\Medcon\Horizon Cardiology SelfPlay\TCS30Autoplay_Net.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 7c206480-43b8-432a-9d35-4d70b5f64214
Faulting package full name:
Faulting package-relative application ID:

Error: (02/04/2017 02:49:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AutoRunSelfPlay.exe version 4131.8213.0.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2180

Start Time: 01d27f1f84c6d347

Termination Time: 4294967295

Application Path: E:\Prg\AutoRunSelfPlay.exe

Report Id: 12509744-eb13-11e6-815e-b870f455cb03

Faulting package full name:

Faulting package-relative application ID:

Error: (02/04/2017 02:43:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/04/2017 02:22:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 56.0.2924.87 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 920

Start Time: 01d27f1b59e53474

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 49eda6ad-eb0f-11e6-815e-b870f455cb03

Faulting package full name:

Faulting package-relative application ID:

Error: (02/04/2017 02:17:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 56.0.2924.87 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1da0

Start Time: 01d27f16fde19275

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 8c904a1c-eb0e-11e6-815e-b870f455cb03

Faulting package full name:

Faulting package-relative application ID:

System errors:
=============
Error: (02/05/2017 09:29:18 AM) (Source: DCOM) (EventID: 10010) (User: Vic-Pc)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.

Error: (02/05/2017 09:29:18 AM) (Source: DCOM) (EventID: 10010) (User: Vic-Pc)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.

Error: (02/05/2017 09:29:18 AM) (Source: DCOM) (EventID: 10010) (User: Vic-Pc)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.

Error: (02/05/2017 09:29:18 AM) (Source: DCOM) (EventID: 10010) (User: Vic-Pc)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.

Error: (02/05/2017 09:29:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/04/2017 06:37:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/04/2017 05:37:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/04/2017 05:18:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/04/2017 05:11:08 PM) (Source: DCOM) (EventID: 10010) (User: Vic-Pc)
Description: The server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (02/04/2017 02:49:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 59%
Total physical RAM: 6050.69 MB
Available physical RAM: 2474.04 MB
Total Virtual: 10122.69 MB
Available Virtual: 5411.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.84 GB) (Free:179.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9C93B985)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=837 MB) - (Type=27)

==================== End of Addition.txt ============================
 
#12 ·
Hi VJC,

I apologise for the delay.

Please run the following and post back the results.

Step 1.
AdwCleaner Download and Run


Click on this link to download : ADWCleaner
Click on the Download Now button and save it to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run.
It may take several minutes to complete. When it is done click on the Clean button, accept any prompts that appear and allow the system to reboot.
You will then be presented with the report. Copy & Paste it into your next post.



Please post the content of the C:\AdwCleaner[S?].txt logfile in your next reply.

Step 2.
Junkware Removal Tool

Please download Junkware Removal Tool and save it to your desktop.
  • Shut down your protection software as shown in This topic now to avoid potential conflicts.
  • Right-click JRT.exe and select " Run as administrator " to run it. If prompted by UAC, please allow it.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Please post the contents of JRT.txt into your next reply.

Step 3.
Run a
New Scan With the Farbar Scan Tool
  • Right click on FRST64.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it. When the tool opens click Yes to disclaimer.
  • Check the box for Addition.txt so it will produce that file again.
  • Press the Scan button.
  • When finished scanning, a new version of the logs FRST.txt and Addition.txt will be saved on your Desktop and opened in Notepad.
  • Please post the contents of both in your next replies.
Separate replies are fine.

What I need back from you:
Post each separately.
  1. Contents of C:\AdwCleaner[S?].txt
  2. Contents of JRT.txt
  3. Contents of FRST.txt
  4. Contents of Addition.txt
  5. Any problem executing the instructions?
Thanks,
wbg
 
#13 ·
I'm sorry about the delay :

# AdwCleaner v6.043 - Logfile created 11/02/2017 at 21:51:21
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-09.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Vic - VIC-PC
# Running from : C:\Downloads\TechGuy\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Users\Vic\AppData\Roaming\PCFixKit
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCFixKit
[-] Folder deleted: C:\Program Files (x86)\Driver Detective
[-] Folder deleted: C:\Program Files (x86)\PCFixKit

***** [ Files ] *****

[-] File deleted: C:\Users\Vic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PCFixKit.lnk
[-] File deleted: C:\Users\Vic\Desktop\PCFixKit.lnk

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{102C9A1B-C09F-46D5-A281-18E62F67FDD0}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{106A02D-8D88-4FFE-A770-7F62F0D97B33}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12178A70-4C58-495C-8EB4-3658F4B7DDCA}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12446857-5EA6-4D88-8FD-E03A9E486754}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14402F60-4498-400A-A7A0-3EFA7ECB4159}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14EF976-2E6C-4520-917E-4F43B75EBF1}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{150AA137-1482-4BBA-8B40-798231138DA4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15388FDC-474D-4BAA-A434-714FCCCF68C7}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15D3429E-C92B-4922-AED-EB41F49723F9}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{160080D3-17C9-4E8F-AB4B-1C2A5D1A0B3}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1700395F-FFED-4F03-A8D3-51DA5DAB5AD}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17573D3A-F5C-4043-8ECE-7DCA4EAA5296}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{190938C3-E3C6-4199-A181-FAFD21011EB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A4896CB-F3A3-4F16-A2AB-8F8B59351BB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A5219A4-F6C-46A0-BBFB-464D5F1B7FF5}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AA38BDE-48C4-49D3-8CAB-79FCBDEAD4D8}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ACFC971-5395-47F2-87BD-D5558C3C2C56}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BAB2A42-B82A-496E-B77-C8B6EA16B31}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C82A833-ECDB-477F-9498-DB246D77DCD}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CA3F3A8-3E95-4739-B4C-82E1DC59F2D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CBCD73-E0F7-4489-A426-54FF2135E810}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EAE609C-94BD-413B-A45A-95FEA2C833}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FA8D415-47A5-4AEE-9DA2-B1EAB8F3A87}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2070CF69-3BEC-413F-BE49-4F553C77A658}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20784D9E-E944-4A4E-90ED-59FCD52D8FD2}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2121D102-4AD6-4776-A426-4061AB5FDEB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2149E235-E238-47E9-97C9-CE59E711678C}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{215220A8-1A26-4E74-9E34-742C3BFF2820}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22003529-5751-48FE-8BC5-D6D8DE8A8D3}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2408F934-9CAF-4261-B686-8164ED64169A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24445C49-6A04-4CF0-98E3-DEDFE5FD1AA}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27894655-CBCC-42E1-AE9-29CFF2BAFA9}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2836DF04-1486-406F-A734-4294363E6192}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28B3642D-36D-4ED3-AD10-EAA8431BDCBF}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{296F5B05-64EA-4FD8-894A-FBE5238E9BB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{299BC931-F02B-4D71-A633-78E3760EED}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A1C6098-5F44-4CD7-8EF6-4E82FBBC85BC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A488AB-383E-4DA5-AB66-424A37FDA050}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2ACE9819-6C4E-4DF8-83F6-6F7E9780845}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B15AFB0-ADC-45D3-90C4-9BB443519487}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B525B7E-78B6-4008-A6F7-382EE9D35A8}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C2D207E-619E-474F-84B5-B7346AF3CB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E05FFA4-290-4776-A420-EEA8F33CE6F9}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F4CB070-5D95-436C-938F-1596AE918A76}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FFD694-9CD0-4D95-A97E-E7E574758676}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30A028DA-2C5C-4F3D-A29B-8737E451B}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30B0458E-7DA7-4A5B-AB32-2A2E7C58161}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{330222B3-1A9D-482B-9AD7-4A34E52B3F2E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33F1307C-DEF8-4765-B273-1FE8A9BE1C1}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33FFC4FD-5114-45A3-937B-D8AA9212530}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3591BE8D-F9B4-4DF4-BEF8-2A561B8BB4AE}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3609C72-A813-4610-9937-61FEEF53D8A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36CEEC5E-1C0F-4B7F-BED5-E1CC1762B127}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{379D382E-A9B9-463D-80DD-7AA8401BA37A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37B9D477-7CC2-4760-ACA0-D5F72509983}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3837589-E255-4927-9473-929A67E91DE}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38CD2E70-D8F7-43E1-BF3E-A64D40492D21}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{392C7E3E-A8F3-499A-B817-672DB3D4406D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{394FCE03-739A-42B7-AC86-80706623D4E4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39BB6F8E-F8FA-4F5B-B183-14C08EC3582}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C8C7871-CB0E-417A-9A83-ACFA24D8520}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CD6DA35-F3CE-4568-8A21-BD16710EFA}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4080B3C1-46B6-42DC-8670-147BD6DB4B99}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4101DC14-37AA-46E1-BD61-D640A4669C3A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{422603A5-DF83-4D8C-ADF0-4DFFD761C43F}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{435712FD-58C5-42A4-8472-5FAC2936058}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4555BBF6-67F4-4522-984-BD9C95B5694D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46AF4ECE-EA89-40E6-97D5-AF25ABEB5D14}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46F580BE-FBE7-4E3A-AE72-E48E6661F6}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4708181-F762-41C6-9156-8D861CDE8CCE}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A219792-988D-4EF8-91B9-A11EF1FDBA7D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AC6F3A9-D2B7-4FB4-B7B4-39491711480}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C4B86CB-97C1-49FE-A2A7-6F1A476844D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C4B9057-5BF6-4428-AFE5-D0AB8C1874DC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D2BFF4-8EC9-4F6A-8DBD-AE25B63C81C6}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EAACDFC-265-4867-82AB-738068ADD2B6}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5144B1E-2BAD-43CA-A49E-F0C4B3C15BBB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{525E3817-8654-47E0-9E49-99987B43CF4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52D36AB5-6B24-4B39-9E70-D4C95A3FED8A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5308A57-8EFB-4F20-B17A-736459F7D54D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{533B4642-BFF-43AD-B2CF-2EDB9F6687EF}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53409AA3-386D-4494-946F-B4D3C06878F5}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56D73CEB-C74C-482E-9A2C-7933E1133EA}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56F18620-43FE-4746-9D36-E1C53D3FD1E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{576A6251-1094-4C07-A29D-404B4661A88}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58DCB364-1A5F-43C5-86C1-906C6E7613C9}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{598D47FC-E66D-40BB-9AC-A6D8B922097}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59FC5399-B577-4CD8-A1AF-873B9C733581}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A1F710F-B1F-42EB-BD5B-C7D6DD9E853A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5AAF3FA9-9598-4727-991A-4A8CFCEF368}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BBB1772-3199-44BF-9FA7-427121DF19}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CB52D47-1F48-42D4-B0D4-993E5877CAF4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DC0F584-2B3F-4349-A83-859CB88A92AA}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DC73EDE-69BD-4048-8BDA-64575DA8E87}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EB5F99F-682B-4DE7-9946-BE11CA2DFDA3}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F2AD548-EA4B-40FB-94A5-C0265F1F345}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F36AEA3-3B5D-4A39-9B21-D3A7BF8088C}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6032AF9C-BC13-4F15-8079-B2F5F479D9D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{616E52BE-B101-44A5-A786-A43F2A07A9E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61B5325E-D10C-4D15-B36C-BCB33736A7C4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6294D9E5-7E76-4DE2-9DF7-DA1173C675C4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65CC74E2-9E44-49F5-A166-45CA36E1509}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66106573-813A-406B-8C32-BD39E458296}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6AF12312-6E67-4210-972B-1153C14B876}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B848ADD-C9A6-4AD8-98C5-BCACED4DCEC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C466FC9-AA36-40A6-A0A4-B13845E5A6CB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D1F4A44-178D-404E-B85B-F5C6C66B8D86}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DCB140F-AE1A-464E-88A2-FA2BDA62409}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DF6825F-2E7-4EB3-A23E-BEE83EB371}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E686799-E252-40AF-9BA5-12B21ABCBFC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F0291C9-3927-492B-B08F-5336787C259}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F85E36A-1EB8-428B-A77F-877D633BB3C}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70CAEF90-1898-4CC7-BBB8-53AC6BBFFF}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71B072C4-1B19-4F46-8BCA-393479F27594}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72A04096-DF99-4C5A-AE61-704CBACA41F}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72E5E8E4-8FED-4165-AE33-8DD1EBC2F3A3}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73DAAD0C-2872-4489-87FC-CD6231F5A09B}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{742B0A80-B8DA-4396-B6A6-BE76EC62BE}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74F086F-D562-4EDA-B66C-15F9536BE13}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76621B39-2392-49B9-9FBE-9540D8945874}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7694572A-A9CD-40F6-838F-F57123C2657}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76DE44F6-621-4DFA-9C1F-52D8FEC1E958}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76FE308B-40BE-4D38-9A24-D1361E07DCC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{773B8479-E4B4-4A44-AF11-5C94A8AB496}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77BA3C27-AC31-4225-B93-71C373B36A18}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77F72C72-508C-476C-B9AD-C7A84A349A9}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{791B8F84-8020-4A88-8FFA-7F8D1F7B9A1}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{794B9243-5F47-4BAB-ACA7-B0643172DA0}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A34086B-34E5-4C62-A884-CBFFDEFD646}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C942306-60F0-467D-AADB-DB72161B2E6E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D233EF9-7C73-4100-8474-8BEFB1A1F2D5}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F358DCA-E89A-47FD-B7AF-849CD5BD274D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FD1FB41-D464-45C5-8673-49A2ACC591A2}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80B2A7A9-6BF-4606-954C-CB8464ADA20}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{813490F3-DFF0-42F4-BEBD-92C438A492C}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81E6BFA1-9E23-448D-A758-73AF7CFE626}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{850F14C9-FE41-42A0-BE71-4595B97A946C}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86C541E4-F819-46D6-801C-C211B725ECD4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87E6A11C-A82E-4687-BC75-455466E6D6E1}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{883F554E-C876-4CE9-9C36-1D9385F1A1E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88C8C93D-C5D5-4704-9BA4-D481495BAF1}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A3E826-7974-44D4-984-DACD325DE2BA}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CCA373E-59AE-452F-A66F-B419FED5C6}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D2BAC9C-60AC-48A1-928B-164E3C567190}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F282283-6968-473D-9324-DC1927A5424}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F72B37-36A8-461B-8ECA-F55D8B429912}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{907FCE3B-D9CA-4D55-A6CF-38D538F116D4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90B7B8C4-228-4907-8434-F815F3884F50}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{931C0E75-3A00-4294-9DBB-5E33846E132D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93563634-B4A1-43FB-A2C3-40A45C45C297}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9509DD9A-DB22-417C-B459-C3B3222C2498}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95139C-B1A3-494E-8969-CA56126C1069}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9544A359-85EE-402F-9A2D-35F9CC7B3A47}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{962DA153-42E8-479A-A9D4-FCC09B0D1D2}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96804F5D-2634-41E4-9594-CB20FF3D383F}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{968B7DB5-B130-4104-B6E3-A113DDAE33}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96CB5526-16DF-489E-9BAB-86F79AE5ACB3}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96D11876-53B2-4B9D-835-F9B7EB764CB8}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{981FE9B0-384F-40DF-970-374261291DD}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98758A19-94BB-45DE-B44D-452D67207837}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{991A2727-3255-492F-893E-44119F59D3A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{995FB371-7CE-4649-9755-11A72575280}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99AE477C-430F-452C-A9B1-43EF25FDDD7}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99B54227-D9B-4690-B63-294194EC862C}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A67887-1F93-4B15-91BD-7CE61B33E57D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BF68207-3114-4163-9A75-EA631022106B}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CAF1FDE-78B5-444F-9460-79B93F5EAF4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D0657CB-DBAD-4F19-A4F0-42B656FB8293}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D896745-6C52-4AA5-B130-CE6A7D16CCC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E2680C1-9D89-40DF-80A5-391E248E5D2}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EBF4C1C-B825-4E3D-8A27-549A9BF538FC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A42A9C70-2D6A-44B8-BC79-94361A5682E8}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A56E3DA-8BE7-4174-99CF-D8503396E934}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A76AC7C0-23B2-4A3D-9578-466042CB63F}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A78C02F5-7223-472E-84DE-F254DD7C1B48}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7D3B7C-CEAD-4B06-9FB8-827E1BA243FD}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7EAB6D-F1E5-4ED5-B873-F2289B96DAF5}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A92E86ED-7146-4721-8694-7BD8863EB71F}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA03FE76-D8-4491-B860-21A8CEF462C5}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA5E0F88-1C2F-4E7D-BA1D-E8107B74ECC1}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB4A74FD-19C7-485A-8EC5-D88FAAFFE6}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACB08810-777A-4779-BD74-725B665BE571}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADC8A8CC-C6B7-4057-A4A8-EAE3E6EB8AFC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE16F245-BD0F-489A-A1F6-D159B0635DB3}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE39016C-E387-402B-8784-74D9F7ECB25C}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE8FF1-4DDC-4AB5-95DC-FD903658F16}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF689B6C-4CE5-411B-AD79-A9164FF278}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF7726AA-FB17-4747-93D-7CA35F96FB5A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFC05975-8172-4C58-A543-12CF709A716F}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1A79498-DD1F-4DBA-9D5C-1084389B226}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B244D55A-A867-4413-A536-70E1346C828E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B35E0802-3A3C-405C-93B5-9849FF45C7B8}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5AEB81E-B81F-47B6-AAF-DD3B1D6B8B51}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5D357B6-B7DC-409D-9847-7E50731BA22}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B704707B-CBA6-4133-89B8-84C5CB845BA}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B748D987-6983-41BA-83BF-1416EF78057}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B821020-F183-452C-8BB1-E898276D315F}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8C5B084-3CFD-4A41-8BBB-6555DF5A552}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBF4823E-3734-4B2E-86F2-A339406C1184}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD38B203-B7BB-4194-9711-5835766B61C4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE44269D-1B-4FB5-8997-F26C7F9CB858}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE8F8C2F-3C33-48BC-A05F-B3262559DFC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF50E9C3-1509-4B3E-BC6D-EB81CC1ECEEA}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF5BA028-B987-43FB-92B-3DA03D485975}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1C265F4-68F2-4E22-814-B9DB6C956E3A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C209F772-1387-441A-812D-A88A881B6F5B}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C20E91FA-4794-4463-8954-C8ECD7B52864}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C21B0DC6-7434-47BD-806-FBF8DA2B6FB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2B88C89-BD80-4BBD-A3B2-A7ABBAFECBC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2CBB1B-CE41-4500-B82E-9E808B153CED}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C351A991-4855-45AA-AB86-C9741A74A485}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C36A209E-4F7F-4F44-BBAD-28AEDDB026B2}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C39EA31A-A02-4A1E-BBEF-B27266FF5A9E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3A774D0-E0F2-44A5-A63A-894D735154DB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3ADB628-E613-422C-B231-B4945191736F}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3EF03BA-5668-43E3-A488-9E30B9FC999}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3F7C15C-EDE7-47A0-9934-0C61D8358}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4B3C2AA-4AE5-47F4-8970-8C2D564272D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C569D912-C14-4F0E-9E79-B45E6D32D1F7}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C68CCD7D-6FBA-4F8E-8378-A948F3322C43}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7DFC713-70AD-40DE-8E8B-9F3AD21DBF9}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C94F1514-3BBD-43AF-A48-B930742A72DB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9ED3255-CE70-4038-8976-91DFB52FA0A6}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9FE992C-8AB7-48EF-AD9B-E7086232A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA1DA193-F359-4ECD-BDAF-FA5380C23DB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCD0D7AB-7F41-4A23-92CE-28B5F8A11A62}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEE5FD3C-C804-4336-AA6F-104383BEA47}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFFEE605-78EE-4D2D-B498-C7160A32587}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D01C62AB-D204-4068-A24D-863A49D13E32}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D11F44EC-7C8-4C72-A3C8-CAD84CA8F3}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D16013AF-D776-44D0-96CB-12C4AAED3EEE}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1632C04-E117-49E5-B1F1-60ACC8117CA}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D396D6AF-886B-4B03-B971-C68D199421DE}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4108969-40D4-47F2-B554-6B4E1AEF7273}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4702DAD-3190-4995-8BC0-7B710951686}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4706C72-7F08-4015-A5E1-CE903CA91878}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6D5EECB-291-4FA7-914F-7F7432636536}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D85A435B-6AFC-40A1-BB74-BC9AC27FEFDD}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8877568-E8D6-44A5-AF42-F97405B6810}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D89C1C6B-B50D-4415-9BBB-2E4D2A47AC1}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBED17FE-1358-4729-88BC-A6C51794BF1D}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC02E13D-8C6C-4DD1-834F-9F919445D71C}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC09E839-85BF-4A55-B2A-6933F313B8D5}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCD8F75-4A35-42DD-96CC-FF8816A07A22}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDFA9089-3040-4A0B-A4AB-6A0E999F69}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE4E02D6-C791-45A8-AAEF-1DC7E6FCBA4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E010BFBA-D67D-4F05-8585-8FA5AD362DA5}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0AA4881-531A-484E-8974-E991E14A1DEA}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DA0BDF-20FB-461C-B9E-D2EFE9985C3B}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E141E244-BE1E-45B1-AD63-2C50A97CA0D0}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E20E8295-35D1-40CC-8710-D0A37B77ED4}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E243FB4E-33BA-4A3A-8AC4-F16E2344CC31}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3B37D5A-AAFF-400F-A861-83CEE54B158}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E65B0F7F-C184-489F-922-9271FB5845A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E69A727E-B0DB-4BAF-93DB-62D9583B6A38}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6E18AEB-9B81-4480-98F3-3821A1E4BB5}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E834596F-FBBC-451C-ABFD-C95EB8AF21}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECD2EF53-76A-4772-A9A6-9517B968D9F5}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE804914-A7C0-4269-9214-78EBD2DFC57}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEA077E6-4E1F-4A55-AE46-6F8DF640849}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEC25E-C3F2-482E-B6DE-4F3CE56DD0A7}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF0AB217-89A7-45D9-9A6D-4EA66255661}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF3D8F0-2C44-460E-99BC-BC6DFC4B5D2}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF655C5-D573-445F-AA11-9C488E43316}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F049ABE0-A8A2-4477-B8EA-1198027D5C0}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0FBFD3E-49FB-47E6-979F-B1128DAC9EE}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F101B896-5F61-44AC-BDE8-54D02576FEC}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F16D778C-87C4-4AD7-8D18-5CE162307C54}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4B2626D-43D9-498B-BD2E-D08A60DDF9E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F53889A4-8753-4FF1-AA9E-ACE69466438C}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F576405C-4055-40F6-B46C-DE4CF9FC7AA0}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5D66F49-FC03-4884-A2E2-D763DB75F892}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F658ED47-258D-4A44-AE2B-D89A86616380}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7018578-625-4AD5-A712-65C596E43A31}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8A39F1D-D3B-4914-9615-29F1B6B39EFB}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8D46BE-A871-4CB5-AEE9-57D8EEA0D7A2}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8EF1ACA-9D88-438C-9F4-4E68F111315E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F93B976D-61A4-40A9-BD21-456FC4B117E8}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F984710C-EEB8-47AD-BA9E-C05F804C4AA5}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9B784E-A116-455D-BEC3-D1F3F4B4C273}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC6826BA-3E9B-4E9C-97C5-3411D7114F3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
[-] Key deleted: HKU\S-1-5-21-3846380544-3363897709-504992317-1001\Software\darwendlm
[-] Key deleted: HKU\S-1-5-21-3846380544-3363897709-504992317-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video-high
[#] Key deleted on reboot: HKCU\Software\darwendlm
[-] Key deleted: HKLM\SOFTWARE\PCFixKit
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{08E486BC-850F-413A-B1D4-52CD42D411B3}_is1
[#] Key deleted on reboot: [x64] HKCU\Software\darwendlm
[-] Key deleted: HKU\S-1-5-21-3846380544-3363897709-504992317-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{30CE3397-2BD4-490B-B396-4856904F3533}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL

***** [ Web browsers ] *****

[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: findwide
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.conduit.com_
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.conduit.com
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: vosteran.com
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: active-desktop-calendar.en.softonic.com
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: 3228112.r.msn.com
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: download-free-music.en.softonic.com
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: amazon-cloud-drive.en.softonic.com
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: gjkpcnacdgdlpfejlgflolpaigoicibh
[-] [C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: oilkkkefbalmbfppgjmgjoefbclebkce

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [39897 Bytes] - [11/02/2017 21:51:21]
C:\AdwCleaner\AdwCleaner[R0].txt - [5916 Bytes] - [10/05/2014 16:21:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [5966 Bytes] - [10/05/2014 16:23:47]
C:\AdwCleaner\AdwCleaner[S1].txt - [38660 Bytes] - [11/02/2017 21:43:40]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [40191 Bytes] ##########
 
#14 ·
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64
Ran by Vic (Administrator) on Sat 02/11/2017 at 22:12:13.18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 483

Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\ProgramData\Start Menu\Programs\mp3 rocket (Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0018C75C-06D5-426A-9BB2-1D52D43A646B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{004D5725-2F0D-4F58-8962-EFE7A018DC70} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{00F9AAA7-9B9B-4C7E-91F4-4465E3BEC6A0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{017A00FE-3BEC-4A73-9EF5-F95C9FC11E82} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{026A805D-F6E0-4F5C-9564-BCCB982A8E59} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{02A88AB9-468E-4047-B2D4-FAD7482ADD4E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{03A19DAE-C3D6-41A4-9A8B-1CCAB9FDD8C0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{03B15B9B-AAB0-4A85-963C-E97309AE5E23} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{03F9B66B-58A2-47FC-888C-16080952AAD5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0454F55B-758D-483D-95A8-99355BBB31D4} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{04B82DA4-665D-4AFF-918D-575F1F59F18D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{05D83CD6-DCB8-474D-AC5C-A96D7F7F0DDC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{05F1FAC3-A081-4B2D-A38C-AB4F9035EFB2} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0688B136-A8BE-42DB-8F02-A33FC37381AC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{07750E40-CC05-41D8-A445-5F7DD1600C64} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{07D63CCB-C245-4FDB-9FB6-D273E065810D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{08AD6F93-2E1F-455C-8290-6354A24580FF} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{08BACFE6-CE15-473F-A344-155D6A41ABC3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{08C5CA7B-1AE6-4932-80D5-7B8B40F609E2} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{090C9BA2-EFBB-4233-AB56-D4EBFE3397B2} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0A735B90-A9BF-462C-937F-8E7B3B6DE637} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0ACB0986-9053-4D57-9919-26ACA122F9F9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0B616283-5E9C-42D9-B924-36B322D7FB64} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0BB21BF5-AE5A-4E9B-92C7-A980E70BD53E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0C636765-D623-4661-A781-E4D9BC7A69A0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0C8F8204-4D93-43CC-9A82-F5555EDF818A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0C928D16-3A5C-4CFF-8390-F0A9528F0D29} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0CC4ABD5-B905-481E-8D1E-F2AE2411AD6F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0CE9EBA4-DDE6-48E8-A1C5-4746FD8AF27D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0DC34B45-6269-44E7-9DE7-255BA646C6F4} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0E24E05C-BCF8-4BEB-9426-9CD350E792B9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0E6D1AF5-38E8-413F-B5AD-129AAE1F5588} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0EB47907-6402-4A90-AAA4-66D5E4C6DB18} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0ED83BE0-558D-41BA-97B3-2F5428E815B8} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{0FD83195-8DB5-4ECF-B04A-015C75CFD5E0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{104C7277-A8E6-45A4-89CC-5B55F7E80831} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1054E58D-526E-4B42-B6DC-A5C109CA2735} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{10928907-6B3E-47BD-AE9A-45470D033CD5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{10EC4952-9177-4758-A3D6-751F8E7C60FD} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1155AAAD-EBF5-4C40-A625-FA4A5BF85A23} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{11CD837D-3A3C-4A1F-9D97-375AB4F7B0F2} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{11EA0C23-A7F2-4C4F-90B6-084C1882424D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1259D67F-E62F-4976-81FE-FB5775524D57} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{129F2D33-984F-4CAC-93C5-0D94F15A8C25} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{12C66315-79FC-405C-A847-205F7358DF4E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{131B2997-C12C-4E68-A2DD-E32FD860A221} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{13CE14A7-FDFA-4D45-AC92-80EF4E89AC5F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{151B0671-6FB6-454B-A0F1-5FBABB71576D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{15311461-6D08-4910-A0AC-5845B9890C3C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{15FA2D9E-A48E-489E-85D6-0DFC9864F92C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{16562D08-C3A9-4CD8-8587-F349A5C40A2F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{17DB9630-7C41-4BDF-98B9-CBCA78B01157} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1838F3C3-41E0-4181-B806-2AB71955B83A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{18AA964F-9A5D-4AD4-971D-A8D170D02797} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1958D160-197C-4836-9492-23334E9063CB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{196EB2D6-C3D6-47AD-9ECE-5A7431035F89} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{19993E11-AED1-4B0C-BD09-4EA5F214997E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{19E3ED0B-D8B1-472A-AC1E-24ADFDB0BCE1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1A0BCA02-9269-4D34-A0CF-25118E857503} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1B23E630-ADBA-4424-9E14-1E242585DDE6} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1B2BC608-582A-4DE5-B284-CD197B717C89} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1C0E8884-81A6-4693-AA98-C59AF0864BFC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1D017D3F-AF57-430F-B9BF-1CB9EE79835A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1D29D4C9-2457-4617-B158-9EA281CA3082} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1DDB4E57-84E5-4959-864B-380EAD6ED469} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1DF7BF8E-B9F2-4CF5-8E26-6F9903CB1572} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1E43B48A-ED98-4F3D-B323-AA50DEB13745} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1E56F7D5-7A8E-4769-BBBA-C7DCBB064C85} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1ECCE696-0CF9-4F66-B61E-23FEFAC8A65D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{1F9505B9-48A5-459E-97C6-65C45085E535} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{213C6C8F-3023-4205-B77D-5842A81AC45A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{239935E7-E828-4184-8094-1F0572F1C3BB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{23C27A5F-864E-48F1-A743-02DC782E2E52} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2494F032-708D-40B7-A3E2-926E417FF02A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{24EB95F3-491E-41DC-B19E-725D6214749D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{25C6AEC8-D643-4395-AAD0-60167A69D503} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{25F69E9B-EB76-46B5-B976-2E24BC1DDF31} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{26B968A3-E204-474B-8574-5CFD9902AE31} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{275930A2-AEB2-4A56-BAE5-449610F48821} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2862E915-F853-43DD-A473-97F02C7CA72E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2A7C4C17-CE03-4D56-BF14-5DF8B3443BA4} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2AC977CB-5464-4AA8-B373-BFCDBBACBA50} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2BEEC58D-7B57-4716-9F80-97B107DDD218} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2C661AA2-B342-4D0D-A541-538AC97B92B6} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2CBBB944-3ADF-4C67-8A02-D676EFD97E61} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2DA12A02-0DA9-4653-A6B9-CAD66D4DDB33} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2E198B96-394F-493C-8003-E079261C4743} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2EBDE0B9-7D56-43C4-8E2F-D0EE461B7029} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2EE0A574-59EE-47B7-BA47-C1653644CAB1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2F2E367C-D3AD-4721-88AA-B06FAD1014FB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{2F36A8EF-F0C9-4682-A753-8D0CEC6EFBA3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{302A545F-DE03-4E7A-BA7B-CEC6640FD4CA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{31F59CEC-708C-41BC-B7EE-3E40FFBC5FDA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3273CA63-3A58-4C4F-A4CB-E2841DE092EA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{32C78C24-DDB3-4C14-B8FB-18CDC702E090} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{337EC6A0-2F23-4518-80F7-6123D4F97CA0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{34DC46D7-3CBE-4FD7-AE4D-BD1DC0D39AB4} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{351BD215-30EF-4451-AE7F-ED26E0B70D9F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{355DA6A2-9D88-4A20-A875-DE79ABBDD1DB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{35C3CC69-0C62-42BA-B188-C329C41D4DFE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{364F3F11-490F-4013-B4B8-B65EF33F63F6} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{368AD8A8-3CD9-4A55-A82D-9A991CA7CCE3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{36BD6FCA-E8E5-4265-B17B-806182DFD3CE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{36C320DB-057B-49FD-BF54-70854AE15955} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{37E735F2-22DE-4B34-9451-2ED725574737} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{385DB59F-2414-47EC-A04A-6DADDEFC1A37} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{38B15E85-FC17-40EA-81C8-5B119F4D3F30} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3940A166-5400-4E30-A1B0-E45999C283A5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3A5FF60C-130E-4AFB-9362-CB4291EF8C89} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3AAB5ABA-4C0E-4490-ABC3-9A593B0D4307} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3AACD02C-B589-49B4-B9C6-7CBCC5C1CF92} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3AEFFF87-852A-4BDE-A211-0653F6890B49} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3B1860FF-6C8B-4BF9-B6C0-4936DC020357} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3B6BAA04-6370-466A-8E4D-86F88F386093} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3BF9B042-DEB1-4592-86B1-0F232272180F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3CC5FBEF-78D3-4743-8F6E-45FB26434500} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3D0E50AB-A67F-4F23-A360-C7E918D07F66} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3D4842D9-9B60-4D77-B05A-1783A38CF99D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3E2AB3C4-3530-4536-89E3-9BB78A5A2CA5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{3F6CF9E8-5A16-432E-A8DC-82C3061BE6E1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{40144546-258B-4D82-A2A0-0A8532C34C24} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{41C6E98E-E332-4D48-88B9-7A8374E508EE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{41C90C38-7EB5-4408-B617-96D70FC580A9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{41D07AB3-A48B-4DC9-8C41-4D5B6E89E8CC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{42BB42DD-F990-4376-B7E7-6162C4DA42B1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{42DA08B0-8436-494E-929F-DF39A17765ED} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{44646ABF-DFB7-492E-8732-EDD2916DC89E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{455518DE-6AC2-47B0-861C-28B05FDE56AC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{455D3C0B-02DA-412C-93CC-CDFB8551AF45} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{45C7B512-C0EC-4511-959D-7AB2CB6C21FD} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{45E5EB8A-9AEC-49BB-8AC9-C8099301D4E9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{45E73464-F425-446C-921D-0AA4CCA07857} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{46178257-2202-4601-B410-37EF1CA02FCF} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{46241A9E-783D-408F-BEC7-D2940AC6F989} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{46A85030-CD7D-46F5-A8E1-80912372838D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{4727AA72-F41B-49B9-830C-51259460D012} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{478DB323-B569-4C13-BADE-86319DEFEDF3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{47994A52-FE6F-4362-B4E7-B12F09F8F35D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{479A8FCE-F94C-4BDE-96BC-BDE4041269D0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{48CFCAB8-9C29-43AB-9DBB-BA2B68907480} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{49B398FA-B563-44AA-AD2D-12D403536AFC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{4A0D7C55-6579-4303-95A5-F20106F057F0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{4CC63975-2A51-42D2-962C-D7936101E625} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{4D84325B-BCB0-41AA-AAA6-062AF1786FFD} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{4DC71EDB-868B-42D1-ABAB-3B8D192F119B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{4DDD5F6C-D29B-4F84-84E7-92915AA17F24} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{4EE26D13-3941-46C2-80C4-68B6915049DA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{4F40C903-ACCF-4BC2-9FFD-5F30F1290AE5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{4F57FD80-6FB8-44BA-B956-EBDE939EB694} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{503337BE-06DC-4436-BB28-5A36730AC9AC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{514C5AF5-FE4B-4BC9-9634-5B2AFBD9D96B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{52186EFE-4551-48C7-BDBA-2067EB68802B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5229FF46-E6C9-4AB3-9055-BE3711BCD099} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{53F5496F-BFB5-46F6-BF16-A54B2E6B457E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{54246471-1611-479B-967F-15E8FD192859} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5475CFFA-851B-4D17-A5F3-5E4A882CECBA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5479D1EE-54B3-4D14-9BCE-ED114E560570} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{54D8189A-5998-456A-88F9-D77EAAC43702} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5512F3C2-D961-4D1A-B25E-08BDA8DE5B0D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{55F54A23-8B32-4BA9-8F55-D1F04B2FB97E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{58596117-8B7F-4B61-9CB7-C71E663304A7} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{58D352DB-54FD-452A-8BD5-8A84433B455B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5A901F21-AEF3-42BA-81DC-479BF5F94C2E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5A9F3508-48E5-4694-A1E3-ED80A451CEBD} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5B5B0275-5655-4ACF-B774-1762D4D30FB1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5CA5067E-BB01-4809-A13F-9739BF375D6F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5CBBFFA5-5D65-423F-A7FF-BBF24741E30D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5D1F6DAC-2159-4529-BDB1-3981DAD6D824} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5D634B12-0C21-4608-A1B5-15C8A0F73D04} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5D6EF6C1-7D1F-4D4A-89E4-6EB323FFACF0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5DB37F55-98B0-4363-9DB6-1D2E9AE0EA51} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{5EA3755D-DACD-432B-A35B-2F99BC9255CD} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{60222ACF-63F4-4966-A870-404926ADCC42} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{60F45A64-9FE7-441B-9BAF-36EA40FD1CFA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{61040854-B649-4E33-B4C1-391784234446} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6242A719-260A-4ABA-9AE9-1D55D7B481F4} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{627D981F-2ADD-42A8-B19F-10412DDE6860} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{62B7E4E9-3393-4305-A309-E6CED4E41922} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{630B0250-EDDD-43BA-9F12-ABBE064833A7} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{635729CC-6C38-42AA-B100-49DDB2F557BD} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{636C5F42-E394-43CA-877C-829B6E434D4C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{63AAF2A9-FFA1-437F-92C1-B92F858078F2} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{63CA1B5A-8FB3-432E-99E5-6FD391E35FC3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{63E2968E-ED29-4636-A309-28865A0A2C6B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6443D76D-D5D4-4DFF-8A44-C84EE80DCCCC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6452C868-6FD3-40D7-9507-DC9D38638B85} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{64810F52-5E21-4007-8335-2C011507862C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{64B1EFF9-7E7F-4482-93D9-65E49CBFA1F3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{65D2F8B1-88A2-4230-9E9A-116BBBC72332} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{666037F7-8193-4A52-A847-7733D67D6BA3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{66770694-A91D-472A-866C-B588CDD405B6} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{66A28A1A-B8C3-45FA-841E-FE28F7C906C1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{66CC14FD-9FB8-4030-A38F-7B7B17CB499E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{66FBFD81-F746-45EA-AAD0-992E4FAFC18A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{673C3681-5EDA-4BEA-A4C7-80B65E26D8B5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{67C9CBCE-A09F-4B50-842E-14413840B638} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6819F665-AB3C-4F78-AF76-C3ED14DF7ECC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6829AFD8-6FAF-47F9-A772-7C5624E1ECE5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{696B1D8B-564E-4C8E-B0D4-A980B58717F5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{69D55ED0-4B11-4567-B1E8-5A0675757152} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{69E75D85-8BDC-4F80-AA87-13DBB3390119} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6C1E63D1-E849-4FCC-B6C1-273C08110EF9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6D92B532-D3A1-4EC2-8B45-0382CF683A78} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6DBC261D-5257-4F54-9486-5B5057923DAF} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6E19230F-85F7-4961-9195-19E2F45AB5E0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6E6BF11C-99EC-4440-A5F6-95B16CFA9C75} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{6F4FF1BA-7145-4218-AF51-BE9EE599603E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{700589E7-B0A1-4160-8CAA-B16954A9F4F8} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{701D4599-159B-414D-803D-159DEFB759A3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{70FF68B1-B5C7-4AF8-AFA5-957EA636975F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{712AA06A-2C05-4BF8-90E4-534DEDF5F286} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{712FC9C6-BBDE-4AA2-89B8-465960767361} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7188F106-DAC1-4612-BC49-D34B6C95282C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{71B95F98-A4ED-48EB-8699-0753913D9AB3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{724FEBF0-D748-4111-9B3B-8BC712A7B240} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{72DBEEBA-6A38-4727-AC93-BE9D88FB4148} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{72DE7131-F5D2-4B86-A17A-2D0C2713FF1C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{745018B8-5FE8-4630-A6A1-DAABD6AF771D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7570D7C8-6619-4F78-9ACA-465DF84A7AA8} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{763B372E-5B65-485A-A731-97A44A40F492} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7709CE42-87C8-41D3-9F6C-164F08058FF7} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{776437D8-6087-4C64-B68C-F112BC79471F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{777CE266-5D05-48FD-8698-FFFF0902307D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{779FFEC4-7881-484D-B7F0-A1B294A9FC56} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{78001EC9-56DD-4120-99E2-DF24BE39863E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7854E6B7-63BE-4B01-9935-256CD49D9C88} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{78F233FC-07C1-40D3-8EE4-8AEC4793EE5C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7956200B-9AE0-4E7A-81E8-6C10C54A12BB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7A4A9446-7A79-4259-B31A-732D73592AE6} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7A69F619-4967-4442-A5CB-7C24625FB4B7} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7A7B04C7-1E50-46BF-8113-3D6024793B2D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7AB11E69-73F9-4350-BB61-B3BC3315E89C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7AD8846B-D879-4CC9-91C9-44ABCA4DF468} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7B0D5AD6-4AAF-4BAD-95F6-80486B8C5D8B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7BA3A832-6CFA-46CA-8A78-0D56C211D0E0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7C189293-DD14-44D7-8AC2-409D49D61CA8} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7C1B4298-4279-4A04-8E41-E5FCBB7422C2} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7E10FD68-F9A2-41B4-8724-1AC8B59E85E3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{7E871461-2D4B-482B-9C34-B182AFDBB7D7} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{800BE26C-CE32-47F4-BDE6-CF3CC56AA47D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{805D8469-9088-4A0F-BF8E-0A0903B998F3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{80670950-2F9A-44B9-B6A5-7F59F700C307} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{81478301-9E8F-4E16-B114-32D4CF7BBF8F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{8199748C-E1EE-4B47-9350-D137C22FF984} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{83E2CDB2-51F1-4E8E-818E-CCB207AF8DD1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{84996524-9E89-44EF-95C8-7F729CFBB41B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{84E5ADEC-EAA4-4C86-B888-42443018E9A9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{8535DC1E-4958-473F-9A69-C4B7589A9995} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{85F13114-B977-4FC0-B13F-9CA7157BA83F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{870DD37D-8392-461C-BE5F-3AD8003BE578} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{883CA4ED-5F94-4129-946A-086A4E2D50C0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{884278D8-8716-4D8F-BCB2-B0D6BB7AC1E9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{884F04A7-05F2-42D0-90D1-7EBE98545226} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{8900C171-10F8-44D7-9537-BCFFB69D31ED} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{8AEA9514-1B42-42D2-B80B-986672128490} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{8B76B59B-1661-4308-94E9-477003A5D249} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{8DBE03F5-122A-4F4A-B26E-4D4E1679CE0B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{8E04ECDF-43CF-417D-B37A-BD7AB8542B29} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{8E053292-7087-4E9D-B1D7-18C7E9C26FDF} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{8E73C4BF-CB8D-4E04-8F4A-271EBDB4AF88} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{90433A10-E40F-48BA-B5CB-3EF971A246A4} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9060F67B-5A51-4DEE-B05E-6BDEFBC406EA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{91151E6C-1B50-4389-B1F2-0072C2AA8C63} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{912E185D-A697-4415-BCBD-430B7F645880} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{91562005-A163-4257-9E7F-F8ADA9F4B869} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{91FA0C1A-5003-450C-845B-7539259EE492} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9212A327-31F7-4FC6-8074-711649B962FE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{928982F5-E94A-49F7-B652-E94A7D00CE3E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9291FF5A-7A99-4611-98BA-37430523DD1C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{92AB698A-8CEF-4B79-B192-5792D06E5AA1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{93605BBE-E65C-48C4-942C-EF1A0161D756} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{939714CA-43A4-4A1A-A62D-EA859E8BB220} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{939FDCEA-40FC-4187-B3A0-E2363145AE0D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{94078236-3119-4F58-8409-130E91519635} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{95823F6F-9EA2-4B10-B823-8127AAC86311} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{95C73130-D51B-4383-BE8E-F14FA33B5092} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{965984FD-F03A-4378-84E7-282E29433E37} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{96BB5B94-EA23-4EF1-A6D9-99539102C43A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{97492FF2-2389-4052-BC37-BB16A795FEE9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{974AB16B-07E9-4A52-B58E-037E35D3671D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9932E6CE-BFD6-48C2-AC58-77CFEE94E0C4} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9ABD33B0-5BA8-4C5B-8D58-2AB25740790A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9C243373-25D4-4088-8471-00661312818C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9C80880E-8012-4D6B-B3CD-DAC200CE6C47} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9C8439CE-491D-4491-91A7-1D4A6553E8DF} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9CFAF0A0-1DB4-4E9A-9F40-E9764366CA61} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9DE1D3BA-C6C6-4E17-B10F-C3E04EF6DF9F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9DFB4A8F-6692-4082-868F-BC0EE9C10784} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9E8F7018-4F1B-4DCA-A29A-7F74D226E6E2} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9EFD9988-C5E3-4FC1-AB5C-E969EC0652D5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9F2EE203-A6E2-42F1-889B-63AC788D97BB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9F6D2782-8892-41BD-AB5B-497845CB148A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{9FA28100-04D0-4ED8-881F-0CC5465855C9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A03B3075-E965-4BBE-BAEA-5DB4ABE71AFF} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A0C664AE-3485-47B5-914D-6D45FAC6F315} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A11C06BC-5AFE-4523-A512-B56BDAC7EDCB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A20CA7AA-5599-4971-9CCC-0B67B0BF14CC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A22EF226-50FD-4D7F-BB9C-E61D4CB745F6} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A2905515-B53F-4AAC-8DB0-1634818BF0FC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A2BDF857-2195-4D5A-9AB2-38CB3FBDB460} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A38695E0-7F28-4EF9-92A4-AA7FC8F1CA50} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A3BD49AC-72AA-4216-9F50-CDA7B37F7E22} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A456A760-2933-4DA0-BB00-70825EB0D838} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A474B3EE-F282-4141-A11D-67A568BFA533} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A52C00C1-B8BF-420D-9B30-15396F03E418} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A536AA5A-4B99-4D51-8109-672396808BA0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A5511474-4E6B-4D2B-BC2F-F582CFB891FE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A598856F-6862-44C2-8C26-5F779A039CDE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A5EEBA0C-742B-432F-9443-4BADAF46B1AA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A5F7B21F-79B7-4049-9C45-A0A74BB09275} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A5FF08FD-19E1-4B85-8ACE-86439859CC6E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A61FFAD7-59E2-4ACD-88F8-3ABFF2A42705} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A66E5509-1863-4DA7-BCEF-88CEDB1A0B5B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A6D746FA-5100-46E6-8AC1-3EB4FCBB497E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A6F78826-D6D0-4CCE-A7FD-20F0ABC459F1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A74F4889-1FFC-4AEB-8D80-AC2D2D03D8FB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A78FF8FA-43C2-4D4B-B914-DD1ED2E14AA3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A7D5F999-B947-4002-9F10-E709393C2D61} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A81FBA35-EF43-4E11-8044-1488025A47EA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A863443A-C38F-4C16-B30E-8C8B1804B317} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{A89FFA3B-FCA3-4B53-B014-8F5B6FA48332} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{AA308F92-84FB-4451-9623-BD2B672AE68A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{AB34388A-3416-4479-85D5-6FACD7E3E4AA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{AC65D6F9-1E44-4834-8278-33E2FB37DB9F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{ADB90427-65CE-49B4-B6B2-1B5A42C5B1A2} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{ADF9EBE6-72F8-4D17-8707-A8F0F8CE365E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{AE8F20D6-2A4D-4DBA-8C2E-CC9FFC6E9203} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{AF490389-BA3F-405F-9488-1FA98265C739} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B0B9AAFA-D728-4397-8917-8535A5947D07} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B1C7FCE8-7E98-4E8D-8CD5-1422CD3B7B7B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B2C7887F-0758-47DC-B620-68A3291A04FF} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B32694EB-5860-4E34-8E7B-91624B86C4CA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B35E57A9-3727-4D40-AA1C-C1A76A2C1FA9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B407601F-681B-40D3-8CFF-7B9369BFAD56} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B5646373-FD9B-4C3D-9F04-3C552A30A06B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B5A0EF46-2E76-4110-8F1C-BB89C5ADE04C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B5FE1870-141F-427C-8642-01D2B30AA7FB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B6E0C4D7-1EC6-4D66-9358-AEF860C73A7A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B752DE9B-C980-4A30-BE0B-DCFF3B429428} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B88B1A93-7A33-4FE4-A069-2602DA8CF688} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B8A7FEC5-6AAF-42EE-96E1-D18F21768ECD} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B9CFFD0C-5BD3-4784-8F03-ECEA4D610C16} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{B9F45BE8-C8B7-4A6C-BE82-E7EF90692E21} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BA183760-A921-4C3C-8A0C-0A17B8A071BF} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BA1BA144-9C66-4E47-9485-CB477392AB23} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BA8B62DC-6092-43CD-95DA-7973D2493E09} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BA96C673-E39E-4BC8-AE37-752C25FAC020} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BAC84584-AD09-4C51-BDBD-610C30A331BA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BB125F8F-D57A-464A-8E63-DEA4E68BB7F1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BB2FEB0B-60BB-4068-9A82-9D023F7A39DC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BB6E9927-BE50-4523-B22A-25534E97C9E8} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BBADB398-B3C7-4650-8C2B-9AE248563485} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BC2A05C6-53D0-4343-B57C-6D37F331C241} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BC6ECB2B-2DB6-4430-B0AD-F7ED31B42116} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BC9E9C93-7620-4E9B-9027-C15B7783F5EB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{BDD5D385-5CD9-49F2-BDCC-B7166AA23765} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C02E3722-9CCA-4053-A88D-BBA9EEBCF77F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C083F48F-6245-40E1-B022-371A7EC7A181} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C2D6F77F-EBD4-4B31-9698-D6FDA623AED4} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C31EC9B3-65F5-4DF4-86D3-2A02DDF2A2E1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C3B3BCD6-9453-4B65-A9C5-A6313E85BD97} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C3DDD770-A32C-4D79-B6E0-8F43471E255E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C3EA6BB9-27A5-44F2-B2AE-A17B6302C53C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C4727EF7-627B-4862-8D0E-C91FB7704EFE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C4AC733A-1CA6-4371-A116-AEE0C1BFE108} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C5D62AEF-1D92-4370-A83B-36EDA538EE49} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C5F1F495-9F81-4A6E-B303-502CACA237AE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C5FF150C-06CB-4A07-8931-F93905021A38} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C6944028-7FEF-493A-B2C1-08D81E113229} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C6D9B933-6CC6-4574-BCDF-C75028AE8A87} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C8B70812-13E9-4C00-ACA7-845B4BDBF71B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C8FE367C-50B7-4515-96E5-0ED57F765684} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C954E960-0BA1-4BA4-8D17-F7DBEDF05C54} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C9A614EC-78E2-44AA-8562-405A7097F04B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{C9B595EE-5554-4D12-8185-915CBB652500} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{CA151461-0AA5-4418-86E1-6E5234D12AA0} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{CC6737EB-322B-41AE-AF85-7CFE4DAB777C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{CC6EEB14-F9B8-43F2-82BF-AAFF53EFEBFD} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{CC866651-D7BC-4753-A211-EA824973A4CB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{CD937919-FD27-46B9-ABE9-65B5D337F369} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{CDE326DC-42AB-4D78-B508-7417C023ECCE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{CE6C3969-71E9-4318-9DF4-8609A0F03C9A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{CEA98B33-134C-4E05-B3B7-F0AF98AAD03B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{CED5DDF7-F7C8-4D36-96B7-C6E5EC6E9FC9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{CF02170C-2878-4392-B1A5-84F3B231780B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D0D434F2-FDAE-4070-8B32-C940C1CB70FA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D0DB9431-368B-4715-822D-8928A901C969} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D0FC9B22-F30E-46A0-8554-C15433D9E849} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D213FD0F-BF74-4455-A01C-27B2B579D60C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D28DCED8-4A81-4B4B-99FC-D1051F02D568} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D309076D-4C6B-42FD-8B4F-979EFB4A5D3F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D36D3DB7-5916-4877-BD8D-67EA75B97206} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D449880D-E2C0-4A8C-A486-19BE68C96F23} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D4A09719-5EB8-4D82-AE80-28BB4B8B2E55} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D4AC834E-6CEA-488B-9223-F19CCB18CC64} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D5200C0A-EA43-410B-A528-7F3BD11E929B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D5D8CCAF-AD54-4C7A-B57E-FD62286F1E0F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D615162F-B86F-4E91-9ABF-B88BA729F65D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D658C7E6-CCB3-457B-A72C-1F98C464BDF3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D65EEEE2-DF41-49E0-AD19-49FF3FF104C1} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D6D8167B-6C5F-4060-A4D1-11E8A0260304} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D7267F86-97BF-4E74-85B1-C90084466C72} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D7405CF3-8566-4B98-A876-3B5456F3A887} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D7B500E4-6A0C-477D-9C0A-3D401DD973D3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D7CA5F32-3988-4000-B6D5-650DC7B5C1E6} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D7E9FEF5-27C9-406A-9359-52E217A68430} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{D87AB3A3-F523-44F1-95EF-1C2F343926E5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DA885BAB-DBC4-49DB-B542-1C0910EB2DF3} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DAFF593B-EA72-47ED-B9F7-8F477281E02A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DB465025-9301-41E7-85DC-FE73F6026B36} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DB5CD8B7-6944-4349-8968-C9E14EAF568E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DC1689BF-7549-4D43-A731-779539254151} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DD7DF569-964F-45BB-92AD-815162B01926} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DD92B916-E1E6-47A7-A0EB-83B1D39F19DB} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DDDE9645-B547-4FA7-9DE4-44FBEC5720CC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DDE0B0CC-4339-4707-BA2B-970DA04AA8D6} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DE076052-4532-46D5-9BA9-8C36E9D536DD} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DE0E5D92-E44F-4E55-8BEE-4EBA379726B9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DE62F99E-0358-4BE7-973F-B4CCA9ADEE09} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DEA3658C-A699-49E3-BECC-37BA38F77B94} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{DF8D0BF3-543A-4673-841F-5C790926491E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E0724743-FED1-439D-BF40-405765B2867E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E0E10471-A661-4C9C-A0E7-4FCEB8C0A78E} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E182F6B6-30BA-456C-A526-26677E205F69} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E1A4FC7E-EB14-4A59-8BC6-EB41CED35EA5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E21538EC-AAA3-4D1F-BBC7-1BA98A37BDDE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E28534CC-E26C-479B-A0BF-669940ADEBAF} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E2C05DA2-D2F7-4968-9A7D-C4B279AD6841} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E385A8E8-69AA-4999-98CB-66162CEBD209} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E38CB508-A6FC-4B80-9173-B69474705B18} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E3B303A8-5B22-4D3A-8F35-0060D866FB41} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E3C02988-79C7-454A-8489-CA565C6DB999} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E496C775-9DAF-4FE1-A40D-DAFC41A7696A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E4F853FA-F40B-4142-A766-65769971DCA5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E51A547D-694B-40ED-94A2-AB65DA0A9323} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E5465F3A-FFD3-4F03-8E84-A53E06C829A9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E60CAF6F-0804-4B4B-8EB6-EB5A9B58735F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E6102000-8D8A-4133-AF37-10F121D22D1B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E6E5A9DB-26FE-4A7F-9266-B1A14BF0F5BC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E89192D4-01FD-4586-9B04-E27212FE4497} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E9BA2C1C-A37B-47E5-A939-456FCA92308A} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E9E98704-DDD8-4FCE-B91C-61D536DF5F99} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E9F09D68-1C61-48AC-AA10-C98095F4C048} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{E9F9DDB9-D408-4E40-9B74-414A360176D7} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{EA686919-687E-4DC0-9C93-731C86A76A9B} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{EA74CA26-3062-44CD-8266-219CDE473FE8} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{EB5B072D-BC40-4D28-9F37-5BFC95A84BBD} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{EDB91085-8011-49A9-9ACE-3B7C3277080D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{EED693FC-E16E-46AA-8DBF-B7835D9C2750} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F0823B05-EEDE-4599-825E-A9EF5AA48307} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F0F380AA-36F9-4EB5-AF63-8F35A28254D9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F1750D32-D5B0-4059-971E-05989FA04D0D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F1C1677F-491E-4608-8D5F-69AE9BCA231F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F1C74BA9-1C24-46E8-A8CD-4D4644532861} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F1D6FA98-C8B3-46E4-BB03-A271C3D22FE5} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F207A585-8792-4CBC-88F8-0F0F219BAD92} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F2D82BCC-1361-4DD8-BD4D-F286D088D12F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F387CBE2-5102-4593-8EF8-377743FCE027} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F468905E-6FAC-4258-8A16-7886B5048981} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F49A60E0-FAB6-4588-9CBB-A54F6F190DE7} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F4F58C8F-5859-4242-B20E-26C88285A05C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F552D65E-056C-4D10-BF3E-CDFF9F68D813} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F5D74D82-3543-495B-A055-5CC027553057} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F60E0698-88A8-4B38-A2F7-72FFAC82FD28} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F63AC081-2B18-4547-8091-0447D55DF25F} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F6FF66C9-F9CA-4803-BD29-7BA6D620385D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F826E8CE-BF3F-481F-8CB1-58A3C537688D} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F8FB288B-6D92-4D89-8B49-09BDDB94AEBE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F928538C-F7D8-491D-AEA7-0B21E930AAC9} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{F95E6951-EA17-4789-8121-39F51CFB7FF8} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{FA1091FE-9075-4738-9431-656B15313E8C} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{FA55E217-4413-49CE-A663-FB80CE0EF0CE} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{FA94C51C-0688-40EB-A898-398679BF8D74} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{FC839617-B3A9-4D2D-938C-58FA75CE2DEC} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{FEA10812-BA80-40B6-950F-3546549B2C68} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{FEE5452E-0A60-4230-91B8-81F50E161212} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\{FF93A107-E7B8-4371-9233-263AC4CEACBA} (Empty Folder)
Successfully deleted: C:\Users\Vic\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\Vic\AppData\Roaming\convert audio free (Folder)
Successfully deleted: C:\Users\Vic\AppData\Roaming\new version available (Folder)
Successfully deleted: C:\Program Files (x86)\mp3 rocket (Folder)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{904C22BF-CD32-407E-A444-5387D461ACFF} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/11/2017 at 22:16:25.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
#15 ·
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2017
Ran by Vic (administrator) on VIC-PC (11-02-2017 22:23:55)
Running from C:\Downloads\Farbar Recovery Scan Tool
Loaded Profiles: Vic (Available Profiles: Vic)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\nav.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
() C:\Program Files (x86)\ProShow Producer60\scsiaccess.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Intel Corporation) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\nav.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174328 2015-09-29] (Realtek Semiconductor)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2012-07-25] (Intel® Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2016-11-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-01-30] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ACSW15EN] => C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [1135304 2012-12-17] (ACD Systems)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5545328 2014-02-28] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2017-01-28] (Siber Systems)
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\MountPoints2: {4d8f6b9b-10ae-11e6-8146-b870f455cb03} - "E:\WD SmartWare.exe" autoplay=true
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine32\22.9.0.68\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine32\22.9.0.68\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine32\22.9.0.68\buShell.dll [2017-02-07] (Symantec Corporation)
Startup: C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\clipx - Shortcut.lnk [2014-03-30]
ShortcutTarget: clipx - Shortcut.lnk -> C:\Program Files (x86)\ClipX\clipx.exe ()
Startup: C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots Wallpaper & Screensaver.lnk [2016-12-19]
ShortcutTarget: Webshots Wallpaper & Screensaver.lnk -> C:\Program Files (x86)\Webshots\Wallpaper\Webshots.exe (Webshots)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3a7f8790-4786-4932-b01b-f2028a612516}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f5eb6bef-5c97-4fca-9ebe-b357ba29153b}: [DhcpNameServer] 192.168.1.1
ManualProxies:

Internet Explorer:
==================
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-03-02] (Microsoft Corporation)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\coIEPlg.dll [2017-02-07] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2017-01-28] (Siber Systems Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-03-02] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-03-02] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine32\22.9.0.68\coIEPlg.dll [2017-02-07] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2017-01-28] (Siber Systems Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-03-02] (Microsoft Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2017-01-28] (Siber Systems Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\coIEPlg.dll [2017-02-07] (Symantec Corporation)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2017-01-28] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine32\22.9.0.68\coIEPlg.dll [2017-02-07] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-03-02] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3846380544-3363897709-504992317-1001 -> hxxp://bing.com/
Edge Extension: (RoboForm) -> EdgeExtension_SiberSystemsIncRoboFormEdge_7kk3kr9e0p1np => C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_1.1.3.0_neutral__7kk3kr9e0p1np [2017-02-08]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.7.0.76\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.7.0.76\coFFAddon [2017-02-10]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.7.0.76\coFFAddon
FF HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\Firefox\Extensions: [{a5cd2294-8634-43ad-8872-0b17ed4d3cc8}] - C:\Program Files (x86)\View-Password-soft\157.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-28] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-10] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-10-13] (Nero AG)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2015-05-31] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.bing.com/search
CHR StartupUrls: Default -> "hxxp://www.bing.com/"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Profile: C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default [2017-02-11]
CHR Extension: (Google Drive) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-13]
CHR Extension: (YouTube) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-30]
CHR Extension: (Google Search) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-30]
CHR Extension: (iCloud Bookmarks) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2016-02-01]
CHR Extension: (Classic blue theme) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gapfoeoijjkibljnhednndeabimdilek [2015-03-16]
CHR Extension: (Google Docs Offline) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-10-13]
CHR Extension: (Gmail App Launcher) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlbjackfgfafcnpfaanflcjoknkhofnh [2016-05-23]
CHR Extension: (Sticky Notes) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbjdhgkkhefpifbifjiflpaajchdkhpg [2016-06-03]
CHR Extension: (FullTab) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nflppnogboohignhhlofaljmfcmddefi [2017-02-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Tab Layouts - Arrange Tabs Into Layouts) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofnolcokfhilodfohiidmaelobjleppf [2016-12-22]
CHR Extension: (Gmail) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-30]
CHR Extension: (Chrome Media Router) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-02]
CHR Extension: (RoboForm Password Manager) - C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-11-09]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\Exts\Chrome.crx [2017-02-10]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-01]
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Vic\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-10-13]
CHR HKU\S-1-5-21-3846380544-3363897709-504992317-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\Exts\Chrome.crx [2017-02-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [283296 2013-09-13] (Intel Corporation)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-01-02] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-08-23] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2012-07-18] (Red Bend Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\NAV.exe [326152 2017-02-06] (Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [315648 2015-09-29] (Realtek Semiconductor)
R2 ScsiAccess; C:\Program Files (x86)\ProShow Producer60\ScsiAccess.exe [186760 2015-05-31] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2016-11-23] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-02-28] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [271728 2014-02-28] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2012-07-18] (Intel(R) Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.0.76\Definitions\BASHDefs\20170208.001\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NAV; C:\WINDOWS\system32\drivers\NAVx64\1609000.044\ccSetx64.sys [174240 2017-02-07] (Symantec Corporation)
R3 debutfilter; C:\WINDOWS\system32\DRIVERS\debutfilterx64.sys [34512 2016-12-23] ()
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-02-01] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.7.0.76\Definitions\IPSDefs\20170210.001\IDSvia64.sys [1038024 2017-02-10] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-11] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew00.sys [3341824 2016-07-16] (Intel Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [92344 2017-02-06] (Sysinternals - www.sysinternals.com)
S3 PSMounterEx; C:\WINDOWS\system32\drivers\psmounterex.sys [169992 2015-07-30] (Windows (R) Win 7 DDK provider)
S3 PSVolAcc; C:\Windows\System32\Drivers\PSVolAcc.sys [12760 2014-07-21] (Paramount Software UK Ltd)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2016-11-23] (Synaptics Incorporated)
R1 SRTSP; C:\WINDOWS\System32\Drivers\NAVx64\1609000.044\SRTSP64.SYS [760992 2017-02-07] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NAVx64\1609000.044\SRTSPX64.SYS [49312 2017-02-07] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NAVx64\1609000.044\SYMEFASI64.SYS [1716896 2017-02-07] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NAVx64\1609000.044\SymELAM.sys [24616 2017-02-07] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-02-10] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NAVx64\1609000.044\Ironx64.SYS [291480 2017-02-07] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NAVx64\1609000.044\SYMNETS.SYS [567512 2017-02-07] (Symantec Corporation)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-11 22:16 - 2017-02-11 22:16 - 00050728 _____ C:\Users\Vic\Desktop\JRT.txt
2017-02-10 21:32 - 2014-04-28 21:07 - 00003532 _____ C:\WINDOWS\ntbtlog.txt
2017-02-10 11:38 - 2017-02-11 21:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus
2017-02-10 11:32 - 2017-02-10 11:32 - 00003388 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-02-09 12:20 - 2017-02-09 12:20 - 00003256 _____ C:\WINDOWS\System32\Tasks\{509CC2FC-D15E-40A1-BF4E-6A7F147006C5}
2017-02-06 22:07 - 2017-02-06 22:07 - 00092344 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
2017-02-05 10:56 - 2017-02-11 22:23 - 00000000 ____D C:\FRST
2017-02-04 14:55 - 2017-02-04 14:55 - 00000000 ____D C:\Users\Vic\AppData\Local\Spoon
2017-02-04 14:44 - 2017-02-04 14:44 - 00002529 _____ C:\Users\Public\Desktop\TurboTax 2016.lnk
2017-02-04 14:44 - 2017-02-04 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2016
2017-01-31 11:30 - 2017-01-31 11:30 - 00001210 _____ C:\Users\Public\Desktop\DAK Audio Workshop.lnk
2017-01-28 19:07 - 2017-01-28 19:07 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-27 20:05 - 2017-01-27 20:05 - 00001240 _____ C:\Users\Public\Desktop\Movavi Screen Capture 8.lnk
2017-01-27 20:05 - 2017-01-27 20:05 - 00000000 ____D C:\Users\Vic\AppData\Local\ScreenCapture
2017-01-27 20:05 - 2017-01-27 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Screen Capture 8
2017-01-27 20:04 - 2017-02-09 12:10 - 00000000 ____D C:\Program Files (x86)\Movavi Screen Capture 8
2017-01-27 20:04 - 2017-01-28 19:23 - 00000000 ____D C:\ProgramData\Movavi Screen Capture 8
2017-01-27 20:04 - 2017-01-27 20:04 - 00004096 _____ C:\ProgramData\nakuvtjg.ewu
2017-01-25 12:23 - 2016-12-21 02:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 12:23 - 2016-12-20 23:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-13 17:09 - 2017-01-13 17:09 - 00000000 ____D C:\Users\Vic\Documents\VideoPad Projects
2017-01-13 12:08 - 2016-12-21 00:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-13 12:08 - 2016-12-20 23:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-13 12:08 - 2016-12-20 23:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-13 12:08 - 2016-12-20 23:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-13 12:08 - 2016-12-20 23:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-13 12:08 - 2016-12-20 23:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-13 12:08 - 2016-12-20 23:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-13 12:08 - 2016-12-20 23:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-13 12:08 - 2016-12-20 23:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-13 12:08 - 2016-12-20 23:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-13 12:08 - 2016-12-20 23:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-13 12:08 - 2016-12-20 23:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-13 12:08 - 2016-12-20 23:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-13 12:08 - 2016-12-20 23:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-13 12:08 - 2016-12-20 23:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-13 12:08 - 2016-12-14 00:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-13 12:08 - 2016-12-13 23:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-13 12:08 - 2016-12-13 23:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-13 12:08 - 2016-12-13 23:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-13 12:08 - 2016-12-13 23:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-13 12:08 - 2016-12-13 23:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-13 12:08 - 2016-12-13 23:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-13 12:08 - 2016-12-13 23:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-13 12:07 - 2016-12-21 00:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-13 12:07 - 2016-12-21 00:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-13 12:07 - 2016-12-21 00:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-13 12:07 - 2016-12-20 23:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-13 12:07 - 2016-12-20 23:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-13 12:07 - 2016-12-20 23:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-13 12:07 - 2016-12-20 23:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-13 12:07 - 2016-12-20 23:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-13 12:07 - 2016-12-20 23:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-13 12:07 - 2016-12-20 23:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-13 12:07 - 2016-12-20 23:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-13 12:07 - 2016-12-20 23:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-13 12:07 - 2016-12-20 23:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-13 12:07 - 2016-12-20 23:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-13 12:07 - 2016-12-20 23:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-13 12:07 - 2016-12-20 23:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-13 12:07 - 2016-12-20 23:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-13 12:07 - 2016-12-14 00:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-13 12:07 - 2016-12-14 00:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-13 12:07 - 2016-12-14 00:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-13 12:07 - 2016-12-14 00:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-13 12:07 - 2016-12-14 00:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-13 12:07 - 2016-12-13 23:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-13 12:07 - 2016-12-13 23:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-13 12:07 - 2016-12-13 23:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 12:07 - 2016-12-13 23:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-13 12:07 - 2016-12-13 23:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-13 12:07 - 2016-12-13 23:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-13 12:07 - 2016-12-13 23:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-13 12:07 - 2016-12-13 23:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-13 12:07 - 2016-11-02 07:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-13 12:07 - 2016-08-01 23:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-13 11:24 - 2016-12-21 02:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-13 11:23 - 2016-12-21 02:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-13 11:23 - 2016-12-21 02:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-13 11:23 - 2016-12-21 02:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-13 11:23 - 2016-12-21 02:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-13 11:23 - 2016-12-21 02:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-13 11:23 - 2016-12-21 02:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-13 11:23 - 2016-12-21 02:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-13 11:23 - 2016-12-21 02:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-13 11:23 - 2016-12-21 02:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-13 11:23 - 2016-12-21 02:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-13 11:23 - 2016-12-21 02:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-13 11:23 - 2016-12-21 01:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-13 11:23 - 2016-12-21 01:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-13 11:23 - 2016-12-14 00:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-13 11:23 - 2016-12-14 00:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-13 11:23 - 2016-12-13 23:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-13 11:23 - 2016-12-13 23:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-13 11:23 - 2016-12-13 23:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-13 11:23 - 2016-12-13 23:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-13 11:23 - 2016-12-13 23:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-13 11:23 - 2016-12-13 23:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-13 11:23 - 2016-12-13 23:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-13 11:23 - 2016-12-13 23:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-13 11:23 - 2016-12-13 23:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-13 11:23 - 2016-12-13 23:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-13 11:23 - 2016-12-13 23:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-13 11:23 - 2016-12-13 23:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-13 11:23 - 2016-12-13 23:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-13 11:23 - 2016-12-13 23:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-13 11:23 - 2016-12-13 23:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-13 11:23 - 2016-12-13 23:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-13 11:22 - 2016-12-21 02:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-13 11:22 - 2016-12-21 02:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-13 11:22 - 2016-12-21 02:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-13 11:22 - 2016-12-21 02:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-13 11:22 - 2016-12-21 02:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-13 11:22 - 2016-12-21 02:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-13 11:22 - 2016-12-21 02:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-13 11:22 - 2016-12-21 02:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-13 11:22 - 2016-12-21 02:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-13 11:22 - 2016-12-21 02:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-13 11:22 - 2016-12-21 02:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-13 11:22 - 2016-12-21 01:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-13 11:22 - 2016-12-21 01:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-13 11:22 - 2016-12-21 01:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-13 11:22 - 2016-12-21 01:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-13 11:22 - 2016-12-21 01:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-13 11:22 - 2016-12-21 01:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-13 11:22 - 2016-12-14 00:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-13 11:22 - 2016-12-14 00:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-13 11:22 - 2016-12-13 23:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-13 11:22 - 2016-12-13 23:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-13 11:22 - 2016-12-13 23:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-13 11:21 - 2016-12-21 03:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-13 11:21 - 2016-12-21 03:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-13 11:21 - 2016-12-21 02:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-13 11:21 - 2016-12-21 02:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-13 11:21 - 2016-12-21 02:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-13 11:21 - 2016-12-21 02:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-13 11:21 - 2016-12-21 02:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-13 11:21 - 2016-12-21 02:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-13 11:21 - 2016-12-21 02:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-13 11:21 - 2016-12-21 02:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-13 11:21 - 2016-12-21 02:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-13 11:21 - 2016-12-21 02:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-13 11:21 - 2016-12-21 01:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-13 11:21 - 2016-12-21 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-13 11:21 - 2016-12-21 01:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-13 11:21 - 2016-12-21 01:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-13 11:21 - 2016-12-21 01:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-13 11:21 - 2016-12-14 00:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-13 11:21 - 2016-12-13 23:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-13 11:21 - 2016-12-13 23:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-13 11:20 - 2016-12-21 03:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-13 11:20 - 2016-12-21 02:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-13 11:20 - 2016-12-21 02:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-13 11:20 - 2016-12-21 01:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-13 11:20 - 2016-12-21 01:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-13 11:20 - 2016-12-21 01:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-13 11:20 - 2016-12-21 01:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-13 11:20 - 2016-12-13 23:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-13 11:20 - 2016-12-13 23:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-13 11:20 - 2016-12-13 23:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-13 11:20 - 2016-12-13 23:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-13 11:20 - 2016-12-13 23:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-13 11:20 - 2016-12-13 23:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-13 11:20 - 2016-12-13 23:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-13 11:20 - 2016-12-13 23:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-13 11:20 - 2016-12-13 23:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-13 11:20 - 2016-12-13 23:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-13 11:12 - 2016-12-21 01:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-13 11:12 - 2016-12-21 01:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-13 11:12 - 2016-12-21 01:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-13 11:12 - 2016-12-14 00:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-13 11:12 - 2016-12-14 00:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-13 11:12 - 2016-12-14 00:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-13 11:12 - 2016-12-14 00:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-13 11:12 - 2016-11-02 06:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-13 11:12 - 2016-11-02 05:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-13 11:12 - 2016-11-02 05:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-13 11:07 - 2016-11-02 05:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-13 11:05 - 2016-12-21 02:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-13 11:05 - 2016-12-14 00:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-13 11:00 - 2016-12-14 00:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-13 11:00 - 2016-12-14 00:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-11 22:19 - 2016-09-25 11:53 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-02-11 22:11 - 2014-04-06 13:09 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-11 21:57 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-11 21:55 - 2016-12-07 15:59 - 00005220 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Vic-Pc-Vic Vic-Pc
2017-02-11 21:54 - 2014-02-28 23:13 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-02-11 21:53 - 2016-09-25 11:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-11 21:52 - 2016-09-25 11:27 - 00000000 ____D C:\Users\Vic
2017-02-11 21:52 - 2016-07-16 01:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-02-11 21:51 - 2014-05-10 16:20 - 00000000 ____D C:\AdwCleaner
2017-02-11 21:24 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-10 21:51 - 2014-04-28 14:41 - 00000000 ____D C:\Users\Vic\AppData\Local\NPE
2017-02-10 21:33 - 2014-04-28 14:43 - 00000000 ____D C:\NPE
2017-02-10 21:01 - 2016-09-25 11:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-10 18:07 - 2016-07-16 06:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-10 17:39 - 2015-06-09 18:09 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-10 11:35 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-10 11:32 - 2016-07-14 20:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2017-02-10 11:32 - 2016-06-29 15:35 - 00002414 _____ C:\Users\Public\Desktop\Norton AntiVirus.lnk
2017-02-10 11:32 - 2014-11-19 12:14 - 00000000 ____D C:\WINDOWS\system32\Drivers\NAVx64
2017-02-10 11:32 - 2014-11-19 12:13 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2017-02-10 11:30 - 2016-09-25 11:20 - 00820256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-10 09:53 - 2014-03-07 16:46 - 00000000 ____D C:\Users\Vic\AppData\Local\CrashDumps
2017-02-10 09:50 - 2014-11-19 12:14 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-02-10 09:50 - 2014-11-19 12:14 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-02-08 03:59 - 2014-02-25 17:36 - 00000000 ____D C:\Users\Vic\AppData\Local\Packages
2017-02-06 18:43 - 2016-07-16 01:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-02-05 11:33 - 2014-03-17 15:27 - 00000000 ____D C:\Users\Vic\Documents\TurboTax
2017-02-04 14:45 - 2014-03-17 15:27 - 00000934 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-02-04 14:42 - 2014-03-17 15:26 - 00000000 ____D C:\Users\Vic\AppData\Roaming\Intuit
2017-02-04 14:42 - 2014-03-17 15:22 - 00000000 ____D C:\Program Files (x86)\TurboTax
2017-02-03 10:29 - 2014-04-06 13:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-02-02 16:36 - 2014-04-06 13:38 - 00002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-31 11:33 - 2014-10-30 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Toolbox
2017-01-31 11:33 - 2014-10-30 14:37 - 00000000 ____D C:\Program Files (x86)\Audio Toolbox
2017-01-31 11:30 - 2014-08-07 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAK Audio Workshop
2017-01-31 11:30 - 2014-08-07 15:42 - 00000000 ____D C:\Program Files (x86)\DAK Audio Workshop
2017-01-28 19:54 - 2014-05-26 18:29 - 00000000 ____D C:\ProgramData\NCH Software
2017-01-28 19:54 - 2014-05-26 18:28 - 00000000 ____D C:\Program Files (x86)\NCH Software
2017-01-28 19:07 - 2015-09-29 13:25 - 00002393 _____ C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-28 19:07 - 2014-03-02 22:26 - 00000000 ___RD C:\Users\Vic\OneDrive
2017-01-28 09:31 - 2016-09-25 11:53 - 00004188 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm
2017-01-28 09:31 - 2016-09-25 11:53 - 00003570 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon
2017-01-28 09:28 - 2014-02-27 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2017-01-27 20:21 - 2016-11-18 22:18 - 00000000 ____D C:\Users\Vic\AppData\Local\Nero
2017-01-27 20:05 - 2014-10-15 12:30 - 00000000 ____D C:\Users\Vic\AppData\Local\Movavi
2017-01-25 12:27 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-24 11:33 - 2015-12-18 13:21 - 00000000 ____D C:\Users\Vic\Documents\ShuffleBoard
2017-01-24 11:19 - 2014-03-03 21:19 - 00000000 ____D C:\Users\Vic\Documents\Excel Documents
2017-01-19 21:46 - 2015-04-11 08:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-17 10:57 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-15 08:43 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-14 19:17 - 2015-09-10 00:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-14 19:07 - 2016-01-30 08:41 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-14 19:03 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-14 19:03 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-14 19:03 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-14 19:03 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-14 19:03 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-14 09:53 - 2014-02-25 18:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-13 17:38 - 2014-02-25 18:17 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-13 10:47 - 2016-09-25 11:53 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories =======

2014-10-29 10:22 - 2014-10-29 10:26 - 0000138 _____ () C:\Users\Vic\AppData\Roaming\settings.xml
2016-12-23 15:27 - 2016-12-23 15:27 - 0001167 _____ () C:\Users\Vic\AppData\Roaming\trace_FilterInstaller.txt
2016-12-23 15:27 - 2016-12-23 15:27 - 0000000 _____ () C:\Users\Vic\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-03-28 08:32 - 2015-02-09 16:11 - 0007680 _____ () C:\Users\Vic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-12 19:32 - 2014-04-12 19:32 - 0007599 _____ () C:\Users\Vic\AppData\Local\Resmon.ResmonCfg
2014-04-12 21:46 - 2014-04-12 21:47 - 0037466 _____ () C:\Users\Vic\AppData\Local\WiDiSetupLog.20140412.224608.wdl
2014-04-20 11:23 - 2014-04-20 11:26 - 0034168 _____ () C:\Users\Vic\AppData\Local\WiDiSetupLog.20140420.122358.wdl
2014-05-12 16:07 - 2014-05-12 16:07 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-04-29 10:20 - 2007-10-16 23:24 - 0001328 _____ () C:\ProgramData\CfgBennu.ini
2014-03-17 15:27 - 2017-02-04 14:45 - 0000934 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-01-27 20:04 - 2017-01-27 20:04 - 0004096 _____ () C:\ProgramData\nakuvtjg.ewu
2014-10-15 12:30 - 2014-10-15 12:30 - 0005038 _____ () C:\ProgramData\vczcspay.tpu

Some files in TEMP:
====================
2016-12-21 17:28 - 2012-07-27 03:22 - 0353944 ____R (CANON INC.) C:\Users\Vic\AppData\Local\Temp\uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-09 12:33

==================== End of FRST.txt ============================
 
#16 ·
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2017
Ran by Vic (11-02-2017 22:25:25)
Running from C:\Downloads\Farbar Recovery Scan Tool
Windows 10 Home Version 1607 (X64) (2016-09-25 16:57:06)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3846380544-3363897709-504992317-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3846380544-3363897709-504992317-503 - Limited - Disabled)
Guest (S-1-5-21-3846380544-3363897709-504992317-501 - Limited - Disabled)
Vic (S-1-5-21-3846380544-3363897709-504992317-1001 - Administrator - Enabled) => C:\Users\Vic

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee 15 (HKLM-x32\...\{B580C89C-F7F8-4A78-BAF0-5560C6E9E76D}) (Version: 15.2.212 - ACD Systems International Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audio Toolbox version 1.5 (HKLM-x32\...\{94384B5C-E235-47F0-A134-F42686D10A05}_is1) (Version: 1.5 - DAK)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J475DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon MX920 series User Registration (HKLM-x32\...\Canon MX920 series User Registration) (Version: - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
ClipX (HKLM-x32\...\ClipX) (Version: - )
Convert VOB to AVI (HKLM-x32\...\{5FE0C13A-63F1-4394-88A8-2D8722A75FE0}_is1) (Version: - www.convertvobtoavi.com)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAK Audio Workshop version 2.4 (HKLM-x32\...\{F6DF561D-6D03-4248-A7C0-AC972D46236F}_is1) (Version: 2.4 - DAK Industries 2000)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 3.07 - NCH Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Photosmart 5510 series Basic Device Software (HKLM\...\{CFF43B48-42A1-4967-9506-7E341BBD075F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.4.4.0 - LIGHTNING UK!)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6522E102-68A6-4912-83FC-D73CF5D64FA9}) (Version: 4.3.3.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{440d014b-4444-4533-b96d-2910e1ca2bcf}) (Version: 16.7.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.50.0000 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Macrium Reflect Standard Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Standard Edition (Version: 5.3.7310 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4569.1507 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movavi Screen Capture 8 (HKLM-x32\...\Movavi Screen Capture 8) (Version: 8.1.0 - Movavi)
MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: 7.3.1 PRO - MP3 Rocket Inc)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 2015 Essentials (HKLM-x32\...\{2AAC27DF-265A-4DF1-9CFC-93707CD162E3}) (Version: 16.0.00100 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero Prerequisite Installer 6.0 (HKLM-x32\...\{E5BAA2DF-F586-4319-BF9B-30AA50AD6B5D}) (Version: 18.0.00100 - Nero AG)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 22.9.0.68 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1507 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1507 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1507 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
Prerequisite installer (x32 Version: 18.0.0003 - Nero AG) Hidden
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.)
RoboForm 7-9-26-6 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-26-6 - Siber Systems)
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Scansoft PDF Professional (x32 Version: - ) Hidden
Serif PagePlus X6 (HKLM-x32\...\{E2B22002-9C8B-43CC-A75B-464B6ED4FF6B}) (Version: 16.0.3.29 - Serif (Europe) Ltd)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Print Shop 3.0 Fonts (HKLM-x32\...\{2C3060F6-F0DC-4F63-A70F-2070BE57EEDC}) (Version: 1.0 - Encore)
The Print Shop 3.0 Professional (HKLM-x32\...\{4B75C418-A7DF-4C11-B854-EB5EBFB07C88}) (Version: 3.0 - Encore)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
Video Screen Trapper PRO (HKLM-x32\...\{911C5B68-E2F7-45D3-8E23-FFAE40FEC8BB}) (Version: 1.20.0000 - a DAK software product )
WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{63911503-7EA4-4685-B2FD-D391EF622FB9}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{2B58AB2C-D980-47FD-8633-E360314BA662}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{34C6812E-E231-4B13-9DAC-21E06ECA864A}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1ec9e03a-452b-48fb-8e1b-27ee0477985f}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
Webshots Wallpaper & Screensaver version 4.3.1.176 (HKLM-x32\...\{B84DEFE1-0175-47C9-BC1D-8645FCBC0ECE}_is1) (Version: 4.3.1.176 - Webshots)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\ChromeHTML: -> <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15105F4D-0C33-4FF3-823B-1F27C7DB599D} - System32\Tasks\{ADDFEC57-501D-466C-B50F-C5417162444C} => pcalua.exe -a "C:\Program Files (x86)\Audacity\unins000.exe"
Task: {31B6692C-7160-45E9-B93B-E99CCFFA0122} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {3331F392-9421-4566-AC5D-5BA9BD5D4247} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {466544C2-26AE-4367-B471-9C1F2AF28857} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4ADD65D3-334A-4A11-BCFF-9809226104DA} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {54375509-2883-48BA-8A7C-5443C9F6E479} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {5B0CBA2E-E4F7-4FCA-8B7E-B522006721D2} - System32\Tasks\{509CC2FC-D15E-40A1-BF4E-6A7F147006C5} => pcalua.exe -a "C:\Program Files (x86)\Movavi Screen Capture 8\uninst.exe"
Task: {5C3C3E06-F750-4AE9-A187-0F16F7F23E12} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {6AB2DEB8-B3E0-42F8-99DD-9827D2CCE7D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {6B5A4AA3-EF55-467C-B87F-3BCB480B8C76} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6CA8A010-B26E-4DD8-9D3B-E83C76594E49} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-13] (Microsoft Corporation)
Task: {80F7D49B-98F2-46E5-8DD9-E7AF19AD5544} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMOJNJJMLMLJNJHMLJCNNJKJMJLMCNLMNMMJHMCNOJLMOMNMCNNMLJNJJMJMHMHMOJKMLJMJJMJNJICMIMCNGMCNNMJMFMOMOMCNKMIMJMCNOMLMMMGMMMFMPMCNPMCNOMLMMMGMMMCNNMJNPICMOMFMEKMICNJJCKFMOMPMJMKMJNHICMOMPMKJGIMIJNBJCMJKGJMJJNKJCMJNNICMJNDJCMKJBJJNMJ (the data entry has 49 more characters).
Task: {88C74042-3D81-4C9A-9A8C-BCC7BC4647F7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {8C8B2F5A-C375-4FBD-A492-7B435BFE6DF2} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {8F193628-1C33-4E29-9470-5D449AF376FA} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Vic-Pc-Vic Vic-Pc => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-03-02] (Microsoft Corporation)
Task: {943642A2-984B-40DE-B077-F0C7B30541FF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AE1582EC-6D7B-4447-8DFB-D9B39B08C687} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-11-23] (Synaptics Incorporated)
Task: {AEBB5F28-FAA2-48F1-9F2D-B419DC8E5379} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
Task: {AF922B49-77B7-45E4-A6BA-36A4B12D4DC2} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe
Task: {C4B189BF-EA9C-4C9F-A27E-4267A2BA46BB} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {C5345FDB-3D9A-4EEA-96AA-53AFA41E0627} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CF89ABE2-3A43-4DFF-84A4-9DAA57742994} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2017-02-07] (Symantec Corporation)
Task: {D1A3117B-CB78-4783-8926-8A9401731226} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {D32D5B17-7F2C-4914-A85B-AD1225919AFA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D64B0ABC-D1F1-4365-A801-3B3233390235} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E3120C26-D274-4732-84DE-6DFFE131844E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E6629F48-C7B9-43C1-B45B-B48AC83A89FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E7182CAD-8B66-45C6-B501-BE5498C9CC33} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {F0DFFE39-3FF7-4DC0-A325-8C9190035BF2} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Autofix => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {F2A279CF-43DA-453E-B1AB-F6269DCA92ED} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\WSCStub.exe [2017-02-07] (Symantec Corporation)
Task: {F6DC288B-C480-4ED8-A4E6-7EABA69795F1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F85E6B9F-C71E-4A6B-B1E8-560FE10D01EA} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\22.9.0.68\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {FBB7CAA6-83EE-49DC-9346-BB337683AB32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FC95D197-55FF-43F2-AF5F-D5DE1625C903} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2017-01-28] (Siber Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Vic\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mlbjackfgfafcnpfaanflcjoknkhofnh\Gmail App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mlbjackfgfafcnpfaanflcjoknkhofnh
ShortcutWithArgument: C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sticky Notes.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nbjdhgkkhefpifbifjiflpaajchdkhpg

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-01-02 13:52 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-02 20:34 - 2013-10-31 17:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-02 20:34 - 2014-01-02 18:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-10-24 05:16 - 2015-05-31 08:41 - 00186760 _____ () C:\Program Files (x86)\ProShow Producer60\ScsiAccess.exe
2014-02-28 19:19 - 2005-04-21 23:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2017-01-02 13:52 - 2016-12-09 05:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2014-03-02 21:15 - 2014-03-02 21:15 - 08878248 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-02-06 08:57 - 2017-02-06 08:57 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-06 08:57 - 2017-02-06 08:57 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-06 08:57 - 2017-02-06 08:57 - 42895872 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 08:57 - 2017-02-06 08:57 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-25 15:13 - 2016-09-25 15:13 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-13 11:23 - 2016-12-21 02:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-13 11:20 - 2016-12-21 01:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-13 11:20 - 2016-12-21 01:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-13 11:20 - 2016-12-21 01:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-13 11:20 - 2016-12-21 01:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-13 11:20 - 2016-12-21 01:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-13 11:20 - 2016-12-21 01:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-02 16:36 - 2017-02-01 04:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-02 16:36 - 2017-02-01 04:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-01-11 16:06 - 2017-01-11 16:06 - 17835096 _____ () C:\Users\Vic\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3846380544-3363897709-504992317-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "IntelWirelessWiMAX"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ACSW15EN"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "Module Loader"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\StartupFolder: => "Webshots Wallpaper & Screensaver.lnk"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "HP Photosmart 5510 series (NET)"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "Amazon Cloud Drive"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-3846380544-3363897709-504992317-1001\...\StartupApproved\Run: => "GoogleDriveSync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [UDP Query User{2345D900-C0A7-4425-BD03-27E9C32D8C8A}C:\program files (x86)\webshots\wallpaper\webshots.exe] => C:\program files (x86)\webshots\wallpaper\webshots.exe
FirewallRules: [TCP Query User{D369A6D9-E501-492B-A426-CDF74A9A0912}C:\program files (x86)\webshots\wallpaper\webshots.exe] => C:\program files (x86)\webshots\wallpaper\webshots.exe
FirewallRules: [UDP Query User{10EF3E4D-34B5-47B4-9367-C5792D496F2D}C:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe] => C:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{317379D5-C6E1-473D-94D5-042B03F21F0C}C:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe] => C:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{4224BDC8-9D45-4B9C-B0A4-F39DE80C4777}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2EBEA9D4-D907-4CB3-8855-14EEA41ABE87}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{F621742F-0AA0-4EB8-98AE-E334A3770E75}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{7F614EDB-4464-4BB7-B5E2-B10EB9531968}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ACB04C2C-DD72-47C5-B3AC-FF56DEDF0992}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5A059B45-EA89-4C7A-AC0C-EEBCF1007017}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8DF9DE3D-7D5B-49B1-83B0-A3EB43038B87}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DA846740-697B-4C2E-AE01-5D1A2AD631B9}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E5034A38-019E-49E5-9ED9-30FDA9FC4079}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9644313D-A940-442B-A44E-471991231B31}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{449C7BDA-0D6A-4068-8F72-F51369399507}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{F0413B66-44D9-479B-B605-9311C42899F7}] => C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{B4A6ABB7-1B31-402B-9AFA-F53C8133A9FA}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [TCP Query User{90461F0E-2813-496C-A549-7680C67D8876}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{CECDD357-1401-4453-A675-875F355DBC6A}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{1BBA580A-491D-4C10-9BF2-FA4723B06A32}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4EBC0E14-2B22-4DDE-BB5E-188A65C3096A}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{D3416EC8-C222-4AA4-9677-665B969D2A57}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{66C29F81-3945-48C7-9B57-9B05D85F01E6}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{70913E02-3D4A-40E1-95A5-EDF3079230AA}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{ED3363D9-2E28-47D8-BD6E-9661DE288613}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{DCE04D58-B3CC-476E-B9AA-F3FB21FBCEDF}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

==================== Restore Points =========================

22-01-2017 15:21:46 Scheduled Checkpoint
31-01-2017 09:27:14 Scheduled Checkpoint
04-02-2017 14:42:49 Installed TurboTax 2016 wrapper
10-02-2017 21:48:00 Removed Java 7 Update 51
11-02-2017 22:12:19 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) WiMAX Enumerator
Description: Intel(R) Centrino(R) WiMAX Enumerator
Class Guid: {027a838e-7356-4a2f-a5bf-25a2a2c33fcc}
Manufacturer: Intel Corporation
Service: bpenum
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel(R) Centrino(R) WiMAX Enumerator
Description: Intel(R) Centrino(R) WiMAX Enumerator
Class Guid: {027a838e-7356-4a2f-a5bf-25a2a2c33fcc}
Manufacturer: Intel Corporation
Service: bpenum
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2017 10:12:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/11/2017 09:54:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (02/11/2017 09:50:20 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (02/11/2017 09:21:25 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.

Details:
(HRESULT : 0x80040210) (0x80040210)

Error: (02/10/2017 10:13:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15578

Error: (02/10/2017 10:13:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15578

Error: (02/10/2017 10:13:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2017 09:48:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/10/2017 09:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 10.0.14393.0, time stamp: 0x57899b1c
Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x5825887f
Exception code: 0xc0000008
Fault offset: 0x00000000000a9d2a
Faulting process id: 0x918
Faulting application start time: 0x01d28410681b414a
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 526e5028-db3f-4c5e-93c4-b00f9aa530df
Faulting package full name:
Faulting package-relative application ID:

Error: (02/10/2017 09:40:21 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Downloads\Norton Power Eraser\NPE.exe Power Eraser\NPE.exe" /POSTADVSCAN /SERVICEPOSTADVSCAN; Description = Norton_Power_Eraser_20170210214018470; Error = 0x80070514).

System errors:
=============
Error: (02/11/2017 09:52:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/11/2017 09:50:36 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.

Error: (02/11/2017 09:50:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).

Error: (02/11/2017 09:50:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Nero Update service terminated unexpectedly. It has done this 1 time(s).

Error: (02/11/2017 09:50:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/11/2017 09:50:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BrcmSetSecurity service terminated unexpectedly. It has done this 1 time(s).

Error: (02/11/2017 09:50:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WD Backup service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (02/11/2017 09:50:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PDFProFiltSrvPP service terminated unexpectedly. It has done this 1 time(s).

Error: (02/11/2017 09:50:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WD Drive Manager service terminated unexpectedly. It has done this 1 time(s).

Error: (02/11/2017 09:50:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® PROSet/Wireless WiMAX Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 47%
Total physical RAM: 6050.69 MB
Available physical RAM: 3177.26 MB
Total Virtual: 10122.69 MB
Available Virtual: 7271.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.84 GB) (Free:181.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9C93B985)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=837 MB) - (Type=27)

==================== End of Addition.txt ============================
 
#18 ·
I have not used msconfig.exe but I have used Task Manager possibly a year ago to disable several start up programs that I did not want to use. I also have used it each time the window pops up with "Your computer has been blocked" to end Chrome and then I have to restart chrome to continue use of the internet.
Should I take the extreme steps of wiping my hard drive and reinstalling everything because this issue is becoming very frustrating.
My neighbor, just this morning, was hit with this same issue - she called the number, thinking it was Microsoft - the person answered and demanded $199.00 to fix the problem, mean while she let the person do something to her computer, I warned her that she call her bank, etc.
 
#22 ·
Hi VJC.

Please run the following and post the results.

Step 1.
Run A Fix With FRST

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both the program FRST64.exe and Fixlist.txt be in the same location, or the fix will not work.
(Both on the Desktop is OK, or both in the same folder elsewhere)

Run FRST64 and press the FIX button just once, and wait. DO NOT PRESS THE SCAN BUTTON.
If for some reason the tool needs a restart, please make sure you let the system restart normally.
The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.

Step 2.
ESET online scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • First please Disable any Antivirus you have active, as shown in This topic. Scroll down to find your product.
  • Note: Remember to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scanner
  • Press the Blue Run ESET Online Scanner button on the left side of the page.
  • A popup box will open.
  • Select the option YES, I accept the Terms of Use then click on Start.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • When the scan is completed and you would like the program removed, select Uninstall application on close. Be sure you have copied the log file first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt. NOTE: The file may not be at this exact location.
  • Copy and paste that log as a reply to this topic.

Note: Remember to re-enable your Anti-Virus application after running the above scan!
 

Attachments

#23 ·
Hi VJC,

It has been five days since my last post.

  • Do you still need help?
  • Do you need more time?
  • Are you having problems following my instructions?
  • These topics will self- close after 45 days without a response.
  • If you do not reply within the next 48 hours, I will remove this topic from my notification list.
  • If you post back after 5 days from this post but before 45 days, PM me and wait for a response.
  • If you still need help after 45 days post a new log on a new thread.
 
#24 ·
I had to be away for a couple of weeks - back now - sorry about not getting in touch sooner~~
How do I generate "fixlist.txt" - I attempted to run the "Fix" option of the "FRST64.EXE" but it needs the "fixlist.txt"~~
Would appreciate any help~~
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top