Results 1 to 5 of 5
  1. #1
    Member
    Join Date
    Dec 2015
    Posts
    3
    Points
    0

    Default Slow PC - wondering what the issue might be

    My wife's PC is a few years old and seems to run very slow, slow to react to mouse and keyboard, especially when trying to use it after it's been sitting idle for a bit. I've ran SuperAntiSpyware, Malwarebytes, and HiJackThis. I've attached the logs. This PC has seemed to be slower than it seems it should be for a while now. Not that I can give a quantitative measurement of that. But just for example when typing this post my typing frequently gets way ahead of the screen display.

    Acer Aspire X1420G
    3.2 Windows Experience Index
    AMD Athlon(tm) II X4 645 Process 3.10 GHz
    4GB RAM
    64-bit Operating system

    I tried attaching the log files, but couldn't get that to work, so I'm just pasting the contents below. That resulted in too long of a post so I deleted the tracking cookies section of the first log.

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 12/14/2015 at 09:27 PM

    Application Version : 6.0.1210
    Database Version : 12231

    Scan type : Complete Scan
    Total Scan Time : 01:18:43

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 817
    Memory threats detected : 0
    Registry items scanned : 68707
    Registry threats detected : 0
    File items scanned : 25225
    File threats detected : 3202



    ============================
    Unwanted Programs Detected
    ============================
    Ask Toolbar

    ============
    End of Log
    ============


    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 12/15/2015
    Scan Time: 10:44 AM
    Logfile: Malwarebytes Threats detected log 12152015.txt
    Administrator: Yes

    Version: 2.2.0.1024
    Malware Database: v2015.12.15.04
    Rootkit Database: v2015.12.07.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Raelyn

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 502744
    Time Elapsed: 54 min, 34 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 8:42:34 PM, on 12/15/2015
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.18123)

    FIREFOX: 42.0 (x86 en-US)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Users\Raelyn\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
    C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
    C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Electa Live 8.0\eLectaLive8.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Raelyn\Downloads\HijackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
    O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
    O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
    O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN221AS5TF05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
    O4 - HKCU\..\Run: [Amazon Cloud Player] "C:\Users\Raelyn\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6C818813BA2A7B1A365815C4F5783BE1] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-708230597-557159494-1516868879-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-708230597-557159494-1516868879-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
    O4 - Startup: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk = ?
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    O23 - Service: lxdw_device - Unknown owner - C:\Windows\system32\lxdwcoms.exe (file missing)
    O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
    O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 18737 bytes

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Hello,

    Hi! My name is zep516 and Welcome to Help2Go!
    I'll do the best I can to resolve your computer issue
    Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

    I'd like to see a more comprehensive report, please download to the desktop and post both logs.

    No need to attach logs, pasting them in is actually better for me. These logs are big paste one at a time.

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  3. #3
    Member
    Join Date
    Dec 2015
    Posts
    3
    Points
    0

    Default

    Thanks zep516,

    First log:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
    Ran by Raelyn (administrator) on RAELYN-ACER (17-12-2015 08:00:04)
    Running from C:\Users\Raelyn\Downloads
    Loaded Profiles: Raelyn & UpdatusUser (Available Profiles: Raelyn & UpdatusUser)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
    () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    ( ) C:\Windows\System32\lxdwcoms.exe
    (Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    () C:\Users\Raelyn\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
    (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Garmin) C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    (Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
    (Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_20_0_0_228_ActiveX.exe
    (ELECTA COMMUNICATIONS LTD) C:\Program Files (x86)\Electa Live 8.0\eLectaLive8.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (Trend Micro Inc.) C:\Users\Raelyn\Downloads\HijackThis.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
    HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-18] ()
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
    HKLM-x32\...\Run: [Garmin Lifetime Updater] => C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe [1466760 2012-06-04] (Garmin)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-06-26] (Apple Inc.)
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\Run: [Amazon Cloud Player] => C:\Users\Raelyn\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2013-12-12] ()
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-02] (SUPERAntiSpyware)
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\Run: [GoogleChromeAutoLaunch_6C818813BA2A7B1A365815C4F5783BE1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-04] (Google Inc.)
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\MountPoints2: {00874851-bfb8-11e3-843d-f80f412a5123} - G:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
    HKU\S-1-5-21-708230597-557159494-1516868879-1001\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
    HKU\S-1-5-21-708230597-557159494-1516868879-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [456224 2010-07-29] ()
    HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-10]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
    Startup: C:\Users\Raelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk [2015-12-12]
    ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: 0.0.0.1 mssplus.mcafee.com
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{3580D70A-C806-4F28-902C-DAE39CDB2602}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{9D2AA961-26E8-4CBE-B09C-99B4529F9A7C}: [DhcpNameServer] 172.20.10.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
    HKU\S-1-5-21-708230597-557159494-1516868879-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
    SearchScopes: HKLM -> DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
    SearchScopes: HKLM -> {5B0DE60E-B1D7-49BA-BCD1-A032FC6C6831} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
    SearchScopes: HKLM -> {E1AD4C87-DE4C-43DA-808C-A56DCEC46CC9} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-708230597-557159494-1516868879-1000 -> {5B0DE60E-B1D7-49BA-BCD1-A032FC6C6831} URL =
    SearchScopes: HKU\S-1-5-21-708230597-557159494-1516868879-1000 -> {E1AD4C87-DE4C-43DA-808C-A56DCEC46CC9} URL =
    SearchScopes: HKU\S-1-5-21-708230597-557159494-1516868879-1000 -> {E53E1704-63A9-4605-881B-408B6A85E7C9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=459D8A4C-C858-457A-8656-9FB1BCB1153E&apn_sauid=BAD4CB8D-CDCB-42C2-9C06-DE594A625C84
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-19] (Google Inc.)
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2015-11-01] (Microsoft Corporation)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-12-04] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-19] (Google Inc.)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2015-11-01] (Microsoft Corporation)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-12-04] (Oracle Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-19] (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-19] (Google Inc.)
    Toolbar: HKU\S-1-5-21-708230597-557159494-1516868879-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-08-21] (McAfee, Inc.)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Raelyn\AppData\Roaming\Mozilla\Firefox\Profiles\ieaytsyo.default
    FF DefaultSearchEngine: Google
    FF DefaultSearchEngine.US: Search Provided by Yahoo
    FF SearchEngineOrder.1: Ask.com
    FF SelectedSearchEngine: Yahoo
    FF Homepage: hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldstr_15_46&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtB0AyDtCtBtAyCyD0FyCtN0D0Tzu0StCyEtCtBtN1L2XzutAtFtCtBtFyBtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StCtByD0ByCzzyDtDtGtAyBtA0EtG0FtCtCzytGyByD0E0CtGyDtBzyyCyBzz0E0F0B0A0FyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0E0D0A0ByD0ByEtGtBtA0C0DtGyEyB0DtAtGzy0AzzyCtGyEtCyC0EyBtDyEyDyCtAyDtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDzzzy%26cr%3D192265326%26a%3Dwbf_dnldstr_15_46%26os%3DWindows%2B7%2BHome%2BPremium
    FF Session Restore: -> is enabled.
    FF Keyword.URL:
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-11] ()
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-11] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
    FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-12-04] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-12-04] (Oracle Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-01] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-01-26] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-01-26] (NVIDIA Corporation)
    FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
    FF Plugin HKU\S-1-5-21-708230597-557159494-1516868879-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Raelyn\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-10-07] (Citrix Online)
    FF Plugin HKU\S-1-5-21-708230597-557159494-1516868879-1000: ElectaLive8 -> C:\Program Files (x86)\Electa Live 8.0\ElectaPlugins\npelecta8.dll [2014-05-06] (Electa Communications Ltd)
    FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-02-18] [not signed]
    FF Extension: Pin It button - C:\Users\Raelyn\AppData\Roaming\Mozilla\Firefox\Profiles\ieaytsyo.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-07-07]
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
    FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldstr_15_46&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtB0AyDtCtBtAyCyD0FyCtN0D0Tzu0StCyEtCtBtN1L2XzutAtFtCtBtFyBtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StCtByD0ByCzzyDtDtGtAyBtA0EtG0FtCtCzytGyByD0E0CtGyDtBzyyCyBzz0E0F0B0A0FyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0E0D0A0ByD0ByEtGtBtA0C0DtGyEyB0DtAtGzy0AzzyCtGyEtCyC0EyBtDyEyDyCtAyDtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDzzzy%26cr%3D192265326%26a%3Dwbf_dnldstr_15_46%26os%3DWindows%2B7%2BHome%2BPremium
    CHR StartupUrls: Default -> "hxxp://www.google.com/"
    CHR DefaultSearchURL: Default -> hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dnldstr_15_46&param1=1&param2=f%3D4%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtB0AyDtCtBtAyCyD0FyCtN0D0Tzu0StCyEtCtBtN1L2XzutAtFtCtBtFyBtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StCtByD0ByCzzyDtDtGtAyBtA0EtG0FtCtCzytGyByD0E0CtGyDtBzyyCyBzz0E0F0B0A0FyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0E0D0A0ByD0ByEtGtBtA0C0DtGyEyB0DtAtGzy0AzzyCtGyEtCyC0EyBtDyEyDyCtAyDtB2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDzzzy%26cr%3D192265326%26a%3Dwbf_dnldstr_15_46%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
    CHR DefaultSearchKeyword: Default -> search provided by yahoo.com
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\pdf.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\gcswf32.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll => No File
    CHR Plugin: (Norton Confidential) - C:\Users\Raelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll => No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
    CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll => No File
    CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll => No File
    CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll => No File
    CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll => No File
    CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll => No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => No File
    CHR Profile: C:\Users\Raelyn\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (YouTube) - C:\Users\Raelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
    CHR Extension: (Google Search) - C:\Users\Raelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
    CHR Extension: (Pin It Button) - C:\Users\Raelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-10-04]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Raelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-23]
    CHR Extension: (Gmail) - C:\Users\Raelyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-12]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    S2 0105981450339634mcinstcleanup; C:\Windows\TEMP\010598~1.EXE [882000 2015-06-18] (McAfee, Inc.)
    R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation)
    R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
    S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-16] (WildTangent)
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
    R2 lxdw_device; C:\Windows\system32\lxdwcoms.exe [1044136 2009-10-16] ( )
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe [1694152 2015-09-01] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
    S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
    R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
    R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
    R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [41760 2015-07-14] (Microsoft)
    R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
    S2 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [386424 2010-02-24] (SupportSoft, Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
    S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
    R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-12-17 08:00 - 2015-12-17 08:01 - 00034129 _____ C:\Users\Raelyn\Downloads\FRST.txt
    2015-12-17 07:58 - 2015-12-17 08:00 - 00000000 ____D C:\FRST
    2015-12-17 07:56 - 2015-12-17 07:56 - 02370048 _____ (Farbar) C:\Users\Raelyn\Downloads\FRST64.exe
    2015-12-15 18:14 - 2015-12-15 18:14 - 00001094 _____ C:\Users\Raelyn\Documents\Malwarebytes Threats detected log 12152015.txt
    2015-12-13 20:34 - 2015-12-13 20:34 - 00002376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
    2015-12-12 23:30 - 2015-12-12 23:30 - 00000000 ____D C:\Users\Raelyn\Downloads\backups
    2015-12-12 23:22 - 2015-12-12 23:22 - 00388608 _____ (Trend Micro Inc.) C:\Users\Raelyn\Downloads\HijackThis.exe
    2015-12-12 23:20 - 2015-12-13 00:37 - 00003216 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-708230597-557159494-1516868879-1000
    2015-12-12 23:19 - 2015-12-13 00:37 - 00003348 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-708230597-557159494-1516868879-1000
    2015-12-12 22:14 - 2015-12-12 22:14 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
    2015-12-12 22:14 - 2015-12-12 22:14 - 00001141 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
    2015-12-12 21:53 - 2015-12-12 21:53 - 00007948 _____ C:\Users\Raelyn\Documents\Malwarebytes Threats detected log 12122015.txt
    2015-12-12 19:30 - 2015-12-12 19:30 - 00000000 ____D C:\Users\Raelyn\AppData\Local\{09429A1C-26C2-4644-9D3F-064DF858A4BB}
    2015-12-12 11:28 - 2015-12-12 11:28 - 00000000 ____D C:\Users\Raelyn\AppData\LocalLow\Temp
    2015-12-12 09:50 - 2015-12-12 11:23 - 00000000 ____D C:\Users\Raelyn\AppData\Local\OfficeBSCache-MyComputer
    2015-12-10 17:32 - 2015-12-10 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2015-12-10 08:28 - 2015-12-10 08:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2015-12-08 13:37 - 2015-11-11 16:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-12-08 13:37 - 2015-11-11 15:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-12-08 13:37 - 2015-11-11 11:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-12-08 13:37 - 2015-11-11 10:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-12-08 13:37 - 2015-11-11 10:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-12-08 13:37 - 2015-11-11 10:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-12-08 13:37 - 2015-11-11 10:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-12-08 13:37 - 2015-11-11 09:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-12-08 13:37 - 2015-11-09 19:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-12-08 13:37 - 2015-11-09 19:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-12-08 13:37 - 2015-11-09 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-12-08 13:37 - 2015-11-09 19:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-12-08 13:37 - 2015-11-09 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-12-08 13:37 - 2015-11-09 19:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-12-08 13:37 - 2015-11-09 19:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-12-08 13:37 - 2015-11-09 19:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-12-08 13:37 - 2015-11-09 19:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-12-08 13:37 - 2015-11-09 19:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-12-08 13:37 - 2015-11-09 19:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-12-08 13:37 - 2015-11-09 19:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-12-08 13:37 - 2015-11-09 19:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-12-08 13:37 - 2015-11-09 18:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-12-08 13:37 - 2015-11-09 18:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-12-08 13:37 - 2015-11-09 18:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-12-08 13:37 - 2015-11-09 18:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2015-12-08 13:37 - 2015-11-09 18:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2015-12-08 13:37 - 2015-11-09 18:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-12-08 13:37 - 2015-11-09 18:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-12-08 13:37 - 2015-11-09 18:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-12-08 13:37 - 2015-11-09 18:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-12-08 13:37 - 2015-11-09 18:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-12-08 13:37 - 2015-11-09 18:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-12-08 13:37 - 2015-11-08 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-12-08 13:37 - 2015-11-08 17:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-12-08 13:37 - 2015-11-08 17:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-12-08 13:37 - 2015-11-08 17:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-12-08 13:37 - 2015-11-08 17:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-12-08 13:37 - 2015-11-08 17:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-12-08 13:37 - 2015-11-08 17:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-12-08 13:37 - 2015-11-08 17:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-12-08 13:37 - 2015-11-08 17:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-12-08 13:37 - 2015-11-08 17:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-12-08 13:37 - 2015-11-08 17:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-12-08 13:37 - 2015-11-08 17:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-12-08 13:37 - 2015-11-08 17:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-12-08 13:37 - 2015-11-08 17:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-12-08 13:37 - 2015-11-08 17:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-12-08 13:37 - 2015-11-08 17:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-12-08 13:37 - 2015-11-08 16:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-12-08 13:37 - 2015-11-08 16:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-12-08 13:37 - 2015-11-08 16:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-12-08 13:37 - 2015-11-08 16:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-12-08 13:37 - 2015-11-08 16:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2015-12-08 13:37 - 2015-11-08 16:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2015-12-08 13:37 - 2015-11-08 16:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-12-08 13:37 - 2015-11-08 16:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-12-08 13:37 - 2015-11-08 16:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-12-08 13:37 - 2015-11-08 16:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-12-08 13:37 - 2015-11-08 16:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-12-08 13:37 - 2015-11-08 15:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-12-08 13:37 - 2015-11-08 15:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-12-08 13:37 - 2015-11-08 15:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-12-08 13:36 - 2015-11-11 11:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-12-08 13:36 - 2015-11-08 16:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-12-08 13:34 - 2015-11-20 13:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-12-08 13:34 - 2015-11-20 13:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-12-08 13:34 - 2015-11-20 13:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-12-08 13:34 - 2015-11-20 13:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-12-08 13:34 - 2015-11-20 13:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-12-08 13:34 - 2015-11-20 13:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-12-08 13:34 - 2015-11-20 13:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-12-08 13:34 - 2015-11-20 13:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-12-08 13:34 - 2015-11-20 13:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-12-08 13:34 - 2015-11-20 13:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-12-08 13:34 - 2015-11-20 13:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-12-08 13:34 - 2015-11-20 13:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-12-08 13:34 - 2015-11-20 13:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-12-08 13:34 - 2015-11-20 13:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2015-12-08 13:34 - 2015-11-20 13:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-12-08 13:34 - 2015-11-20 13:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-12-08 13:34 - 2015-11-11 13:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
    2015-12-08 13:34 - 2015-11-11 13:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
    2015-12-08 13:34 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
    2015-12-08 13:34 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
    2015-12-08 13:34 - 2015-11-10 13:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-12-08 13:34 - 2015-11-10 13:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-12-08 13:34 - 2015-11-10 13:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2015-12-08 13:34 - 2015-11-10 13:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-12-08 13:34 - 2015-11-10 13:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2015-12-08 13:34 - 2015-11-10 12:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-12-08 13:34 - 2015-11-05 14:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
    2015-12-08 13:34 - 2015-11-05 14:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
    2015-12-08 13:34 - 2015-11-05 14:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2015-12-08 13:34 - 2015-11-05 14:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2015-12-08 13:34 - 2015-11-05 04:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2015-12-08 13:34 - 2015-11-03 14:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2015-12-08 13:34 - 2015-11-03 13:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
    2015-12-08 13:34 - 2015-10-08 18:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
    2015-12-08 13:34 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
    2015-12-08 13:34 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
    2015-12-08 13:34 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
    2015-12-08 13:34 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
    2015-12-08 13:34 - 2015-10-08 18:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
    2015-12-08 13:34 - 2015-10-08 18:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
    2015-12-08 13:34 - 2015-10-08 18:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
    2015-12-08 13:34 - 2015-10-08 14:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
    2015-12-08 13:34 - 2015-10-08 13:52 - 00419928 _____ C:\Windows\system32\locale.nls
    2015-12-08 13:29 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
    2015-12-08 13:29 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
    2015-12-06 21:41 - 2015-12-06 22:05 - 00005031 _____ C:\Users\Raelyn\Downloads\FabNFree-TealYellow-RecipeBinder-FreePrintables.zip
    2015-12-06 21:38 - 2015-12-06 22:04 - 00004907 _____ C:\Users\Raelyn\Downloads\FabNFree-NavyPink-RecipeBinder-FreePrintables.zip
    2015-12-06 21:38 - 2015-12-06 21:38 - 04755429 _____ C:\Users\Raelyn\Downloads\FabNFree-NavyPink-RecipeBinder-FreePrintables (1).zip
    2015-12-05 22:02 - 2015-12-05 22:02 - 09331611 _____ C:\Users\Raelyn\Downloads\101888434-Quiet-Book-Templates.pdf
    2015-12-04 17:52 - 2015-12-04 17:52 - 00000000 ____D C:\Users\Raelyn\AppData\Local\{3D101FD0-FF28-4520-A3DF-49087A283FD6}
    2015-12-04 08:16 - 2015-12-04 08:16 - 00000000 ____D C:\Users\Raelyn\AppData\Roaming\Sun
    2015-12-04 08:16 - 2015-12-04 08:16 - 00000000 ____D C:\Users\Raelyn\.oracle_jre_usage
    2015-12-04 08:15 - 2015-12-04 08:15 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2015-12-04 08:15 - 2015-12-04 08:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-12-04 08:14 - 2015-12-04 08:14 - 00000000 ____D C:\Users\Raelyn\AppData\LocalLow\Oracle
    2015-12-04 08:13 - 2015-12-04 08:13 - 00001849 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
    2015-12-04 08:13 - 2015-12-04 08:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    2015-12-04 08:12 - 2015-12-04 08:13 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2015-12-04 08:06 - 2015-12-10 08:32 - 00004084 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1449234280
    2015-12-04 08:05 - 2015-12-04 08:05 - 00001281 _____ C:\Users\Raelyn\Desktop\Opera.lnk
    2015-12-04 08:05 - 2015-12-04 08:05 - 00001281 _____ C:\Users\Raelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
    2015-12-03 15:03 - 2015-12-03 15:03 - 04997064 _____ C:\Users\Raelyn\Downloads\ARD-+RTS-Templates.zip
    2015-11-18 14:38 - 2015-12-10 08:28 - 00000000 ____D C:\Program Files\McAfee Security Scan

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-12-17 08:00 - 2007-07-11 20:48 - 00000000 ____D C:\Windows
    2015-12-17 07:56 - 2014-07-24 11:13 - 00000340 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
    2015-12-17 07:55 - 2013-02-28 19:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-12-17 07:45 - 2013-11-01 14:39 - 00000000 ____D C:\Users\Raelyn\AppData\Local\951863C1-A16B-432E-91EE-74421256EF2D.aplzod
    2015-12-17 07:41 - 2012-01-05 14:00 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-12-17 07:23 - 2015-11-13 19:23 - 00000274 _____ C:\Windows\Tasks\UpdateTask.job
    2015-12-17 07:15 - 2015-10-07 11:59 - 00000568 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-708230597-557159494-1516868879-1000.job
    2015-12-17 06:05 - 2015-10-07 11:59 - 00000664 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-708230597-557159494-1516868879-1000.job
    2015-12-17 04:40 - 2009-07-13 23:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-12-17 04:40 - 2009-07-13 23:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-12-17 03:09 - 2015-09-14 17:45 - 00003064 _____ C:\Windows\System32\Tasks\McAfeeLogon
    2015-12-17 03:07 - 2013-12-19 22:19 - 00000000 ____D C:\Program Files (x86)\McAfee
    2015-12-17 02:41 - 2012-01-05 14:00 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-12-17 02:00 - 2011-12-03 12:54 - 00000000 ____D C:\Users\Raelyn\AppData\Local\Adobe
    2015-12-16 19:06 - 2012-08-13 20:12 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-12-15 21:27 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
    2015-12-15 14:30 - 2015-10-07 11:59 - 00003698 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-708230597-557159494-1516868879-1000
    2015-12-15 14:30 - 2015-10-07 11:59 - 00003602 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-708230597-557159494-1516868879-1000
    2015-12-15 13:21 - 2015-08-25 11:07 - 00000000 ____D C:\Users\Raelyn\AppData\Local\Electa Live 8.0
    2015-12-15 10:44 - 2014-11-16 22:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-12-13 20:41 - 2012-03-16 22:23 - 00000000 ____D C:\Users\Raelyn\AppData\Local\CrashDumps
    2015-12-13 13:01 - 2015-04-27 15:52 - 00000000 ____D C:\Users\Raelyn\Documents\Picture Book
    2015-12-13 01:00 - 2011-12-03 17:15 - 00000000 ____D C:\Users\Raelyn\AppData\Local\ElevatedDiagnostics
    2015-12-12 23:22 - 2015-10-27 22:11 - 00000000 ___RD C:\Users\Raelyn\Creative Cloud Files
    2015-12-12 23:22 - 2015-10-27 22:08 - 00000000 ____D C:\ProgramData\boost_interprocess
    2015-12-12 23:18 - 2011-12-03 12:54 - 00110680 _____ C:\Users\Raelyn\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-12-12 23:17 - 2011-07-14 22:04 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-12-12 23:16 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-12-12 23:16 - 2009-07-13 23:45 - 00439776 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-12-12 22:30 - 2011-12-04 12:25 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-12-12 22:29 - 2011-07-14 22:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2015-12-12 22:29 - 2010-11-21 02:16 - 00000000 ____D C:\Windows\ShellNew
    2015-12-12 22:23 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2015-12-12 22:15 - 2011-12-03 12:54 - 00000000 ____D C:\Users\Raelyn\AppData\Roaming\Adobe
    2015-12-12 22:14 - 2011-04-13 04:31 - 00000000 ____D C:\Program Files (x86)\Adobe
    2015-12-12 21:56 - 2014-02-03 15:54 - 00007602 _____ C:\Users\Raelyn\AppData\Local\Resmon.ResmonCfg
    2015-12-12 20:31 - 2014-11-16 22:36 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-12-12 20:31 - 2014-11-16 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-12-12 20:31 - 2014-11-16 22:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-12-12 11:18 - 2015-03-09 00:56 - 00000000 ____D C:\Users\Raelyn\Documents\Business
    2015-12-11 21:28 - 2013-02-28 19:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-12-11 21:28 - 2012-04-04 12:22 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-12-11 21:28 - 2011-12-05 13:51 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-12-11 21:23 - 2014-05-02 09:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-12-11 21:22 - 2015-07-15 08:40 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2015-12-10 15:32 - 2011-07-19 14:24 - 00000000 ____D C:\Users\Raelyn\Documents\Sewing Patterns
    2015-12-10 08:28 - 2014-02-13 00:29 - 00001968 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2015-12-09 04:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
    2015-12-09 03:46 - 2012-05-21 00:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2015-12-09 03:46 - 2012-05-21 00:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2015-12-09 03:45 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
    2015-12-09 03:26 - 2012-05-21 00:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-12-09 03:21 - 2013-08-15 02:05 - 00000000 ____D C:\Windows\system32\MRT
    2015-12-09 03:11 - 2011-12-03 13:08 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-12-04 13:45 - 2015-11-02 16:07 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2015-12-04 13:44 - 2009-07-14 00:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-12-04 13:43 - 2013-04-13 02:04 - 00000000 ____D C:\Users\UpdatusUser
    2015-12-04 13:37 - 2014-11-16 22:46 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2015-12-04 08:16 - 2011-12-03 12:54 - 00000000 ____D C:\Users\Raelyn
    2015-12-04 08:14 - 2012-11-07 13:15 - 00000000 ____D C:\Program Files (x86)\Java
    2015-12-04 02:36 - 2012-01-05 14:00 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-12-04 02:36 - 2012-01-05 14:00 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-12-03 15:04 - 2006-12-18 19:56 - 00000000 ____D C:\Users\Raelyn\Documents\Recipes
    2015-11-30 21:31 - 2010-10-04 21:29 - 00000000 ____D C:\Users\Raelyn\Documents\Brendan
    2015-11-28 17:03 - 2012-08-23 19:09 - 00000000 ____D C:\Users\Raelyn\Documents\Embroidery Designs
    2015-11-20 18:05 - 2015-10-10 13:12 - 00010149 _____ C:\Users\Raelyn\Documents\Passwords.xlsx
    2015-11-19 16:15 - 2006-12-18 19:56 - 00000000 ____D C:\Users\Raelyn\Documents\Seana
    2015-11-18 11:35 - 2012-01-04 20:30 - 00000000 ____D C:\ProgramData\Rosetta Stone

    ==================== Files in the root of some directories =======

    2015-10-27 22:21 - 2015-10-27 22:21 - 0000033 _____ () C:\Users\Raelyn\AppData\Roaming\AdobeWLCMCache.dat
    2015-11-13 20:23 - 2015-11-13 20:23 - 0000047 _____ () C:\Users\Raelyn\AppData\Roaming\WB.CFG
    2012-08-21 15:36 - 2012-08-21 15:36 - 0003584 _____ () C:\Users\Raelyn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-02-03 15:54 - 2015-12-12 21:56 - 0007602 _____ () C:\Users\Raelyn\AppData\Local\Resmon.ResmonCfg
    2012-03-15 16:05 - 2012-03-15 16:05 - 0000057 _____ () C:\ProgramData\Ament.ini
    2011-07-14 22:18 - 2011-07-14 22:22 - 0014794 _____ () C:\ProgramData\ArcadeDeluxe5.log
    2011-12-04 23:26 - 2011-12-04 23:26 - 0000252 _____ () C:\ProgramData\FastPics.log
    2012-02-04 14:59 - 2015-11-07 23:18 - 0002819 _____ () C:\ProgramData\lxdw.log
    2012-02-04 15:00 - 2012-02-26 21:15 - 0000370 _____ () C:\ProgramData\lxdwDiagnostics.log
    2011-12-15 16:46 - 2012-01-21 16:04 - 0005192 _____ () C:\ProgramData\lxdwJSW.log
    2015-11-07 23:14 - 2015-11-07 23:16 - 0000032 _____ () C:\ProgramData\PS.log
    2014-02-06 10:37 - 2014-02-06 10:37 - 0881062 _____ () C:\ProgramData\SPLDC79.tmp
    2012-01-05 13:55 - 2012-01-05 13:55 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

    Files to move or delete:
    ====================
    C:\Users\Public\NTUSER (1).DAT


    Some files in TEMP:
    ====================
    C:\Users\Raelyn\AppData\Local\Temp\APNStub.exe
    C:\Users\Raelyn\AppData\Local\Temp\i4jdel0.exe
    C:\Users\Raelyn\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
    C:\Users\Raelyn\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Users\Raelyn\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
    C:\Users\Raelyn\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
    C:\Users\Raelyn\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
    C:\Users\Raelyn\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
    C:\Users\Raelyn\AppData\Local\Temp\lowproc.exe
    C:\Users\Raelyn\AppData\Local\Temp\SecurityScan_Release.exe
    C:\Users\Raelyn\AppData\Local\Temp\stubhelper.dll
    C:\Users\Raelyn\AppData\Local\Temp\tmp1511.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp17CB.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp1A22.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp22FE.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp257A.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp2731.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp2961.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp2ED6.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp311.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp3848.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp3A07.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp3A9F.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp3BF3.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp4330.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp4423.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp46CB.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp4D89.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp4D9.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp5BC8.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp5BE9.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp5CE9.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp60D4.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp6EB2.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp77FE.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp7BE2.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp7EF0.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp8C5B.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp8CB0.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp941.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp95BA.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp9B25.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp9B80.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp9E22.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp9E48.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmp9FD7.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpA522.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpABA9.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpAF76.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpB3AE.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpB50B.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpB9D.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpBA49.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpC17B.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpC585.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpCC7E.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpD3B9.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpD3F1.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpD4B.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpD6C4.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpD9CB.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpDB44.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpDC0D.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpDDD8.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpE0D4.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpE52.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpEB70.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpF508.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpF5A8.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpF7AB.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpF80A.exe
    C:\Users\Raelyn\AppData\Local\Temp\tmpFC7.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-11-30 15:41

    ==================== End of FRST.txt ============================

  4. #4
    Member
    Join Date
    Dec 2015
    Posts
    3
    Points
    0

    Default

    Addition log:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
    Ran by Raelyn (2015-12-17 08:02:20)
    Running from C:\Users\Raelyn\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) (2011-12-03 17:54:06)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-708230597-557159494-1516868879-500 - Administrator - Disabled)
    Guest (S-1-5-21-708230597-557159494-1516868879-501 - Limited - Disabled)
    Raelyn (S-1-5-21-708230597-557159494-1516868879-1000 - Administrator - Enabled) => C:\Users\Raelyn
    UpdatusUser (S-1-5-21-708230597-557159494-1516868879-1001 - Limited - Enabled) => C:\Users\UpdatusUser

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
    Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.4 - WildTangent)
    Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
    Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
    Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
    Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
    Adobe Illustrator CC 2015 (HKLM-x32\...\ILST_19_1_1) (Version: 19.1.1 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
    Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Amazon Cloud Player (HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\Amazon Amazon Cloud Player) (Version: 2.2.0.399 - Amazon Services LLC)
    Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
    Avery Design & Print (HKLM-x32\...\Avery Design & Print 1.0.0) (Version: 1.0.0 - Avery Products Corporation)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    doPDF (Version: 8.3.934 - Softland) Hidden
    doPDF 8 (HKLM-x32\...\{0ebed438-cc81-46f7-914b-a4c93d5780f2}) (Version: 8.3.934 - Softland)
    Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
    Electa Live Virtual Room 8.0 (HKLM-x32\...\{2557C300-2B7E-4B18-9596-5FEE3B44A01C}_is1) (Version: 8.0 - ELECTA COMMUNICATIONS LTD)
    eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 4.1.0.8 - WildTangent, Inc.)
    Garmin Lifetime Updater (HKLM-x32\...\{9AAD03E8-4F65-4DE2-8F6C-1B079C0C8521}) (Version: 2.1.11 - Garmin)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
    GoToMeeting 7.7.1.4099 (HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\GoToMeeting) (Version: 7.7.1.4099 - CitrixOnline)
    Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3014 - Acer Incorporated)
    HP Officejet Pro 8600 Basic Device Software (HKLM\...\{2D5E3D2B-919F-407C-8757-E64827518BB6}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
    HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
    iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
    Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
    iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
    Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
    Jewel Quest Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    McAfee AntiVirus (HKLM-x32\...\MSC) (Version: 14.0.4121 - McAfee, Inc.)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.6001.1038 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
    Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
    Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
    Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
    Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
    newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
    newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
    novaPDF 8 Printer Driver (HKLM\...\{1CC99933-93FC-40BA-A3DD-286FB87CBF2F}) (Version: 8.3.934 - Softland)
    novaPDF 8 SDK COM (x64) (HKLM\...\{A8A71610-DE04-4C9E-AE89-60BCA8E20453}) (Version: 8.3.934 - Softland)
    novaPDF 8 SDK COM (x86) (HKLM-x32\...\{0FD5EC80-F729-442E-8745-F60315842D9B}) (Version: 8.3.934 - Softland)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
    NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
    NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
    NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6684 - NVIDIA Corporation)
    NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
    Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
    Opera Stable 34.0.2036.25 (HKU\S-1-5-21-708230597-557159494-1516868879-1000\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PHOTOfunSTUDIO 6.1 HD Lite Edition (HKLM-x32\...\{7E653036-DE31-4BFD-96BB-421CC72E06FC}) (Version: 6.01.015 - Panasonic Corporation)
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PrintMaster 6.0 Platinum (HKLM-x32\...\0832-3492-6567-1002) (Version: 6.0.0.117 - Encore Software Inc.)
    QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
    RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2300.0 - SAMSUNG Electronics Co., Ltd.)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Torchlight (x32 Version: 2.2.0.95 - WildTangent) Hidden
    TWC Customer Controls (HKLM-x32\...\{A2E5F2AA-2996-41EA-BCCD-9FD0476A5326}) (Version: 11 - SupportSoft)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
    WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-708230597-557159494-1516868879-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Raelyn\AppData\Local\Citrix\GoToMeeting\3499\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-708230597-557159494-1516868879-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

    ==================== Restore Points =========================

    04-12-2015 08:00:00 McAfee Vulnerability Scanner
    09-12-2015 03:01:13 Windows Update
    11-12-2015 21:26:28 McAfee Vulnerability Scanner
    12-12-2015 22:20:34 Removed Microsoft Office Professional 2007

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2015-12-10 08:28 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts

    0.0.0.1 mssplus.mcafee.com

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02669BC4-5D7D-4D89-820E-471EC9F8FB4F} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-708230597-557159494-1516868879-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
    Task: {02F30247-D4B6-4E84-8AD9-62D9B75EBEC6} - System32\Tasks\G2MUploadTask-S-1-5-21-708230597-557159494-1516868879-1000 => C:\Users\Raelyn\AppData\Local\Citrix\GoToMeeting\4099\g2mupload.exe [2015-12-15] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {03AEB08D-9087-4865-9CFC-BF5B5476853C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2015-11-01] (Microsoft Corporation)
    Task: {0AB27A56-0EEE-4126-970A-913F5994B512} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {11A992D3-DB06-4582-8767-8242F8DAD7CB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
    Task: {24571CFE-85E3-4A29-BD02-A8FECA597338} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-02-21] ()
    Task: {34762747-E367-4B7C-A5E0-741640D576F0} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-07-21] (McAfee, Inc.)
    Task: {3EFB78D3-0444-45F2-A785-E07A41D4DAFB} - System32\Tasks\G2MUpdateTask-S-1-5-21-708230597-557159494-1516868879-1000 => C:\Users\Raelyn\AppData\Local\Citrix\GoToMeeting\4099\g2mupdate.exe [2015-12-15] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {5255D68F-4E9A-4C74-BF10-A8212EAF0088} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {52D9524A-E564-4D98-87C5-B07DD3038430} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
    Task: {54A347FC-087B-4F86-881A-0191842C53AD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
    Task: {60021036-E6BF-4764-817F-0DE53F850CBE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-11] (Adobe Systems Incorporated)
    Task: {612CE088-F53D-449C-8259-842F8D973A1E} - System32\Tasks\{F2B8D446-6A9A-441D-990C-EC2EBD82C4A4} => pcalua.exe -a "c:\program files (x86)\real\realplayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|17.0
    Task: {7B0E6448-A237-45DB-BE16-552BC42340AA} - System32\Tasks\{64E534A5-50E8-4A5D-9BC8-AA824ACAEDAD} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}\setup.exe" -c -runfromtemp -l0x0409 -removeonly
    Task: {7E0FAFF5-83F8-4C0E-9915-52FCD252B662} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-09-01] (McAfee, Inc.)
    Task: {89BFDE45-1D63-4A48-89B2-26896ACF4AC1} - System32\Tasks\AdobeAAMUpdater-1.0-Raelyn-Acer-Raelyn => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
    Task: {973173A2-10D5-49A8-A8D3-A6204F1F5504} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
    Task: {98A035A2-DA95-4000-9A2D-88750542D076} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-708230597-557159494-1516868879-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
    Task: {9D8AE14A-2FA2-479F-A53D-1B7C2F15A77E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-708230597-557159494-1516868879-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
    Task: {BE36E335-1193-4984-9077-CA128CEC950A} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-708230597-557159494-1516868879-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
    Task: {C122D223-A484-4405-B776-CCA94C92929E} - System32\Tasks\Opera scheduled Autoupdate 1449234280 => C:\Users\Raelyn\AppData\Local\Programs\Opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {C6FE28C3-7450-4401-B120-CE973FE429F5} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 7600 Series\lxdwamon.exe
    Task: {CB9C6F29-DCE4-4184-A888-60F9599DCA1F} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
    Task: {D044DCFA-97EC-404E-BEEC-D44F6C11FB7D} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2015-07-14] ()
    Task: {D1D8A219-9570-4ACB-8C4C-0615EFFBEA16} - System32\Tasks\UpdateTask => C:\Users\Raelyn\AppData\Local\{3C5B0~1\UNINST~1.EXE
    Task: {E53BC34C-CCE6-4CC6-92AA-0422B8AE79FC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2015-11-01] (Microsoft Corporation)
    Task: {EF42F07E-D9D1-4349-8558-533738AF6A89} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-708230597-557159494-1516868879-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
    Task: {F98ACF0B-9434-45EC-90A1-E0BF8CEB8F31} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-708230597-557159494-1516868879-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-708230597-557159494-1516868879-1000.job => C:\Users\Raelyn\AppData\Local\Citrix\GoToMeeting\4099\g2mupdate.exe
    Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-708230597-557159494-1516868879-1000.job => C:\Users\Raelyn\AppData\Local\Citrix\GoToMeeting\4099\g2mupload.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
    Task: C:\Windows\Tasks\UpdateTask.job => C:\Users\Raelyn\AppData\Local\{3C5B0~1\UNINST~1.EXE

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ShortcutWithArgument: C:\Users\Public\Desktop\Netflix.lnk -> C:\ProgramData\OEM_E471269A730D\Netflix\StartURL.exe () -> hxxp://homepage.acer.com/redirect.aspx?rid=09000001

    ==================== Loaded Modules (Whitelisted) ==============

    2013-04-13 02:04 - 2013-01-31 04:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-08-25 11:08 - 2010-07-19 09:12 - 00394272 _____ () C:\Windows\system32\spool\DRIVERS\x64\x64v05.dll
    2015-11-08 17:22 - 2009-10-16 10:55 - 00186880 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdwdrpp.dll
    2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-11-02 16:04 - 2015-11-01 02:11 - 00161448 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
    2009-08-10 18:01 - 2009-08-10 18:01 - 00626208 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    2009-08-10 18:00 - 2009-08-10 18:00 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
    2009-08-10 18:01 - 2009-08-10 18:01 - 00578592 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
    2015-07-14 11:34 - 2015-07-14 11:34 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
    2015-07-14 11:34 - 2015-07-14 11:34 - 00052512 _____ () C:\Program Files\Softland\novaPDF 8\Server\CryptUtil.dll
    2015-07-14 11:34 - 2015-07-14 11:34 - 00026912 _____ () C:\Program Files\Softland\novaPDF 8\Server\WAFServicePlugin.dll
    2009-08-10 18:01 - 2009-08-10 18:01 - 00206880 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    2015-11-14 04:23 - 2015-11-14 04:23 - 00553120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
    2015-11-20 08:46 - 2015-11-01 05:11 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
    2013-12-18 15:46 - 2013-12-12 14:56 - 03145536 _____ () C:\Users\Raelyn\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
    2011-01-18 20:08 - 2011-01-18 20:08 - 00620136 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    2015-11-14 04:22 - 2015-11-14 04:22 - 31401120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-10-13 04:45 - 2015-10-13 04:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
    2015-11-20 08:45 - 2015-11-01 05:12 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
    2011-01-18 20:08 - 2011-01-18 20:08 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
    2015-11-16 17:43 - 2015-11-16 17:43 - 40523440 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
    2015-12-10 15:04 - 2015-12-04 16:32 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libglesv2.dll
    2015-12-10 15:04 - 2015-12-04 16:32 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libegl.dll
    2015-11-16 17:43 - 2015-11-16 17:43 - 01365680 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
    2015-11-16 17:43 - 2015-11-16 17:43 - 00219312 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
    2015-11-25 19:35 - 2015-11-25 19:35 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
    2015-11-25 19:35 - 2015-11-25 19:35 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
    2015-11-25 19:35 - 2015-11-25 19:35 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
    2015-11-25 19:35 - 2015-11-25 19:35 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
    2015-11-25 13:22 - 2015-11-25 13:22 - 00089264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin7.dll
    2015-11-25 19:35 - 2015-11-25 19:35 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
    2015-11-25 19:48 - 2015-11-25 19:48 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
    2015-11-25 19:48 - 2015-11-25 19:48 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
    2015-11-25 19:48 - 2015-11-25 19:48 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
    2015-11-25 19:48 - 2015-11-25 19:48 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
    2015-11-25 13:15 - 2015-11-25 13:15 - 00089264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\native\ProxyResolverWin7.dll
    2015-11-25 19:48 - 2015-11-25 19:48 - 00085504 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\bufferutil.node
    2015-11-25 19:48 - 2015-11-25 19:48 - 00086016 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\validation.node
    2015-11-25 19:48 - 2015-11-25 19:48 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
    2015-12-10 15:04 - 2015-12-04 16:32 - 16573256 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\PepperFlash\pepflashplayer.dll
    2015-11-02 16:05 - 2015-11-02 16:08 - 01754296 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\tmpod.dll
    2015-08-25 11:07 - 2014-05-06 08:28 - 00270472 _____ () C:\Program Files (x86)\Electa Live 8.0\libspeex.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-708230597-557159494-1516868879-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Raelyn\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk => C:\Windows\pss\PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk.CommonStartup
    MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
    MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
    MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
    MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
    MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{C4234AE7-93A3-4D63-84D7-57DDB4DE8728}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{A8D9FB9D-01A3-4300-8B02-5581AEB30CE3}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{457874CC-D313-4B0D-B8E8-872930A40B7B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{C0A3A5E5-7628-43D5-B7F6-252FF69943A6}] => (Allow) LPort=2869
    FirewallRules: [{2B0949F3-DD1F-4644-9605-1C25D41A699F}] => (Allow) LPort=1900
    FirewallRules: [{C68EB937-1253-4F66-A1AC-CBB3C19E7E77}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    FirewallRules: [{1F6E882E-5CD5-4D4E-A831-51E91FF1BB93}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{391D9806-A7E5-447D-816B-F2CE48A2B03B}] => (Allow) C:\Program Files (x86)\Lexmark 7600 Series\lxdwamon.exe
    FirewallRules: [{38BD8ABD-C1D4-4BAB-A6DB-652C096206D5}] => (Allow) C:\Program Files (x86)\Lexmark 7600 Series\lxdwamon.exe
    FirewallRules: [{F68D7F15-53D8-4AAC-BF46-2B7D346F0FD9}] => (Allow) C:\Program Files (x86)\Lexmark 7600 Series\frun.exe
    FirewallRules: [{8322BB04-B18B-4437-83E3-122032CC1EB0}] => (Allow) C:\Program Files (x86)\Lexmark 7600 Series\frun.exe
    FirewallRules: [{6E41A9B1-AA46-4A0A-BEC6-4E5F464AA042}] => (Allow) C:\Windows\system32\lxdwcoms.exe
    FirewallRules: [{2DC69EED-0BBD-4655-A7B0-96C746E9E97D}] => (Allow) C:\Windows\system32\spool\DRIVERS\x64\3\lxdwpswx.exe
    FirewallRules: [{38DD74BE-F1F6-4A92-BC70-8DAAA769159C}] => (Allow) C:\Windows\system32\spool\DRIVERS\x64\3\lxdwtime.exe
    FirewallRules: [{EFE08BC8-D399-49B2-9048-8CBF2243323F}] => (Allow) C:\Windows\SysWOW64\lxdwcoms.exe
    FirewallRules: [{8B6477C1-89F5-4575-8C4D-AB1F74751E74}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdwpswx.exe
    FirewallRules: [{5A72882E-956D-4DC8-9CC0-AB7F7C2A2961}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdwpswx.exe
    FirewallRules: [{680D41D8-96E7-4398-8C73-9915630B9CAD}] => (Allow) C:\Windows\system32\lxdwcoms.exe
    FirewallRules: [{AFBF67D3-5FB5-4365-A8E6-B1CF1FA902A1}] => (Allow) C:\Windows\system32\spool\DRIVERS\x64\3\lxdwpswx.exe
    FirewallRules: [{B9D35B4B-44FE-4DE8-AA05-33F5956EF888}] => (Allow) C:\Windows\system32\spool\DRIVERS\x64\3\lxdwtime.exe
    FirewallRules: [{9FA6FD68-9605-4BFF-B895-D96ABE05C1E6}] => (Allow) C:\Windows\SysWOW64\lxdwcoms.exe
    FirewallRules: [{EE5E2E01-D47C-4439-92A4-45309D028F6D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
    FirewallRules: [{F807DA8B-67DA-458A-BB39-63FE064D2E9A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{741EADFA-B476-4DAD-ABE4-B745A24C3DA8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{E1FDD190-3B58-493F-A19C-C4AC21F70BF5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{E9C72ABC-C7C3-465B-996E-60BBBEC6F7F5}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
    FirewallRules: [{DE47041A-A5E3-480F-98FA-D66FAD07B49B}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
    FirewallRules: [{47C40D4C-28A4-4E3C-91C2-8EE4696A26DD}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
    FirewallRules: [{899CB526-B02C-45DB-BF1F-1BE38818A205}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
    FirewallRules: [{B27ED054-B858-49FB-BBAA-35F2C3B52172}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{F94DFC72-A6D1-45BE-BC1F-0487E2FABD24}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{933571A0-659D-4C59-A3D8-0EDC1463BDFA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{DAC215B3-F9D5-4C4B-A39A-6788C811608C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{C621C5FB-40CA-4F59-A2C0-4D35BD00A875}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{6A7F0DCD-4F7F-41EE-9A19-82B955B71B6F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{EFED7BE9-9E8E-47A8-B434-E8D3468B563F}] => (Allow) LPort=8501
    FirewallRules: [{815E3279-9B70-4ABC-9DE2-E9EDCC351C37}] => (Allow) LPort=8501
    FirewallRules: [{39A71A56-65FE-4052-A304-89EAE9E11D64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{1A7FF801-D66E-4682-B69F-37D72B917440}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{71DBDE93-D1ED-478A-906E-6B8C04C3C0E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{44995A4B-4502-4573-8CFE-D5A70C64E93A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{8C9F3AE1-8DE4-4821-9DD7-2C683EDC0FEC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{EC7AE04C-977C-4957-AB7F-9199BBBF81CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{0B800526-DAE8-4B0F-8DBF-851B4CD0D0EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{AD24F5CE-9684-4E8A-AD50-E75C124314B5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{374AA3FA-80BC-4711-8D79-0108BA85A3B6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{D78B7382-68CA-4191-B481-9048A5B60B77}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{2202950E-B32F-4EA7-9557-70F834BD9B65}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{258F3898-5097-4C7A-BC3F-2E81C25A45D2}] => (Allow) C:\Windows\System32\lxdwcoms.exe
    FirewallRules: [{4E5B2653-11F9-4EDE-B088-5D3829A29472}] => (Allow) C:\Windows\System32\lxdwcoms.exe
    FirewallRules: [{4BCC6689-17D5-45A3-A79E-FD0A1AF3100C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{BE7FA1CA-DDFC-4C9D-A7EF-67ECBD71C801}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/15/2015 08:25:20 PM) (Source: SideBySide) (EventID: 35) (User: )
    Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
    Component identity found in manifest does not match the identity of the component requested.
    Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
    Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
    Please use sxstrace.exe for detailed diagnosis.

    Error: (12/15/2015 08:25:19 PM) (Source: SideBySide) (EventID: 35) (User: )
    Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
    Component identity found in manifest does not match the identity of the component requested.
    Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
    Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
    Please use sxstrace.exe for detailed diagnosis.

    Error: (12/14/2015 02:00:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 10280

    Error: (12/14/2015 02:00:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 10280

    Error: (12/14/2015 02:00:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/14/2015 02:00:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 9219

    Error: (12/14/2015 02:00:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 9219

    Error: (12/14/2015 02:00:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/14/2015 02:00:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 8221

    Error: (12/14/2015 02:00:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 8221


    System errors:
    =============
    Error: (12/16/2015 08:24:32 PM) (Source: bowser) (EventID: 8003) (User: )
    Description: The master browser has received a server announcement from the computer EUNICE-HP
    that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3580D70A-C806-4F28-902C-DAE39CDB2602}.
    The master browser is stopping or an election is being forced.

    Error: (12/15/2015 09:33:43 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (12/15/2015 09:33:43 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (12/15/2015 09:33:43 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (12/14/2015 02:41:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 43. The internal error state is 252.

    Error: (12/14/2015 02:41:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 43. The internal error state is 252.

    Error: (12/14/2015 02:35:33 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (12/14/2015 02:35:33 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (12/14/2015 02:35:33 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (12/14/2015 02:32:51 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) II X4 645 Processor
    Percentage of memory in use: 91%
    Total physical RAM: 3839.37 MB
    Available physical RAM: 343.74 MB
    Total Virtual: 9287.4 MB
    Available Virtual: 861.42 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:911.88 GB) (Free:690.95 GB) NTFS
    Drive d: (20060718_112330) (CDROM) (Total:2.79 GB) (Free:0 GB) UDF

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: 30B99EF2)
    Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

  5. #5
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Hello,

    Thanks for posting those logs. I'll be with later today in the afternoon or early evening.