Results 1 to 8 of 8
  1. #1
    Member baconbits's Avatar
    Join Date
    Sep 2004
    Location
    Texas & Louisiana
    Posts
    48
    Points
    3

    Default clean programs slowing laptop

    I noticed that Soft Thinks Agent was slowing my laptop. I want to uninstall the program and, while I'm at it, be sure my laptop is operating efficiently.

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 11:10:48 AM, on 12/30/2015
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.10240.16603)

    FIREFOX: 43.0.2 (x86 en-US)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
    C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
    C:\Users\Barbara\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = att.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
    O3 - Toolbar: iYogiPMToolbar - {CF729B85-4F13-45E7-A1EF-75A32EDBD532} - C:\Program Files (x86)\iYogi\iYogiPasswordManager\iYogiPMToolbar.dll
    O4 - HKLM\..\Run: [iYogi Support Dock] "C:\Program Files (x86)\iYogi Support Dock\SDStartup.exe" C:\Program Files (x86)\iYogi Support Dock\iYogiSupportDock.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.8.0_65\bin\jusched.exe"
    O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKCU\..\Run: [LaplinkOffers] C:\Program Files (x86)\Laplink\PCmover\ThirdParty\LaplinkOffers.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - HKCU\..\Run: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN25NBK2KK05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
    O4 - HKUS\S-1-5-18\..\RunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe" (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe" (User 'Default user')
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
    O8 - Extra context menu item: Read EXIF - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (file missing)
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Active File Monitor V12 (AdobeActiveFileMonitor12.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: @oem193.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CorelCreatorMessages - Unknown owner - C:\Windows\system32\CorelCreatorMessages.exe (file missing)
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
    O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: iYogiTechGenieParental - Unknown owner - C:\Program Files (x86)\iYogi\TechGenie\iYogiTechGenieParental.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
    O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\WINDOWS\system32\mfevtps.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: My Dell Client Framework - Dell Inc. - C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: SDiManage - Unknown owner - C:\Program Files (x86)\SDC\SDiManage\IYogiMonitoringSvc.exe
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
    O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
    O23 - Service: Support Dock Service (SupportDockService.exe) - iYogi Technical Services - C:\Program Files (x86)\iYogi Support Dock\Services\CommAgent\SupportDockService.exe
    O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    O23 - Service: TrueColorALS - Unknown owner - C:\Program Files\TrueColor\TrueColorALS.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Wyse PocketCloud (WysePocketCloud) - Unknown owner - C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
    O23 - Service: Wyse RemoteAccess (WyseRemoteAccess) - DELL Inc. - C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe

    --
    End of file - 18315 bytes

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 12/30/2015 at 10:49 AM

    Application Version : 6.0.1210
    Database Version : 12293

    Scan type : Quick Scan
    Total Scan Time : 00:07:49

    Operating System Information
    Windows 10 Home 64-bit (Build 10.00.10240)
    UAC On - Limited User

    Memory items scanned : 984
    Memory threats detected : 0
    Registry items scanned : 56537
    Registry threats detected : 0
    File items scanned : 8629
    File threats detected : 41

    Adware.Tracking Cookie
    .ru4.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .scorecardresearch.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .scorecardresearch.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .scorecardresearch.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    ads.undertone.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    ads.undertone.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .luckyorange.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .luckyorange.net [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .dmtry.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .bluekai.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .bluekai.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .s.thebrighttag.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    s.thebrighttag.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .rlcdn.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .262855726.log.optimizely.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .rlcdn.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .nexac.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .ml314.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .gwallet.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .rlcdn.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .pixel.rubiconproject.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .rlcdn.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .ml314.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .ml314.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .addthis.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]
    .addthis.com [ C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1I8YNE0M.DEFAULT\COOKIES.SQLITE ]

    ============
    End of Log
    ============

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 12/30/2015
    Scan Time: 10:21 AM
    Logfile:
    Administrator: Yes

    Version: 0.0.0.0000
    Malware Database: v2015.12.30.04
    Rootkit Database: v2015.12.26.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: Barbara

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 472542
    Time Elapsed: 33 min, 55 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,180
    Points
    1308

    Default

    Hi! My name is zep516 and Welcome to Help2Go!
    I'll do the best I can to resolve your computer issue
    Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

    Everything gets download to the desktop and tools are "Run as administrator."

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  3. #3
    Member baconbits's Avatar
    Join Date
    Sep 2004
    Location
    Texas & Louisiana
    Posts
    48
    Points
    3

    Default

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-12-2015
    Ran by Barbara (2015-12-30 16:32:50)
    Running from C:\Users\Barbara\Downloads
    Windows 10 Home (X64) (2015-12-30 19:00:45)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1942062262-870864989-144695354-500 - Administrator - Disabled)
    Barbara (S-1-5-21-1942062262-870864989-144695354-1001 - Administrator - Enabled) => C:\Users\Barbara
    Connor (S-1-5-21-1942062262-870864989-144695354-1004 - Administrator - Enabled) => C:\Users\Connor
    DefaultAccount (S-1-5-21-1942062262-870864989-144695354-503 - Limited - Disabled)
    Guest (S-1-5-21-1942062262-870864989-144695354-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1942062262-870864989-144695354-1003 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
    FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
    FW: TechGenie Firewall (Disabled) {BA1CD35E-44B7-92B9-38F6-9BEB66121DB9}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    A620 (x32 Version: 90.0.169.000 - Hewlett-Packard) Hidden
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
    Adobe Download Manager (HKLM-x32\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.49 - NOS Microsystems Ltd.)
    Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12.0.3 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.1.0.0 - Adobe Systems Incorporated)
    Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
    AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
    AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
    Amazon Kindle (HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\Amazon Kindle) (Version: - Amazon)
    AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
    Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ArcSoft MediaImpression 2 (HKLM-x32\...\{30B056AF-F414-4B68-B9B0-6EFDB9FCDF18}) (Version: 2.0.29.444 - ArcSoft)
    ArcSoft Panorama Maker 4 (HKLM-x32\...\{37530151-56A6-4CE4-9F9F-CE1F5A1356C6}) (Version: 4.5.0.112 - ArcSoft)
    ArcSoft Panorama Maker 5 (HKLM-x32\...\{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}) (Version: 5.0.1.71 - ArcSoft)
    ArcSoft PhotoStudio Darkroom 2 (HKLM-x32\...\{40DA94AF-34B7-4BA7-A37F-26F899C031FF}) (Version: 2.0.0.174 - ArcSoft)
    ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version: - ArcSoft)
    ArcSoft Print Creations - Brochures & Flyers (HKLM-x32\...\{01A1A019-E1D8-482A-BE17-5E118D17C0A0}) (Version: - ArcSoft)
    ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version: - ArcSoft)
    ArcSoft Print Creations - Funhouse II (HKLM-x32\...\{3CE47E6B-AE27-4E40-AC54-329EED96B933}) (Version: - ArcSoft)
    ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version: - ArcSoft)
    ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version: - ArcSoft)
    ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version: - ArcSoft)
    ArcSoft Print Creations - Photo Prints (HKLM-x32\...\{95F875CC-1B85-43E6-B3E0-13EA04F3D995}) (Version: - ArcSoft)
    ArcSoft Print Creations - Poster Creator (HKLM-x32\...\{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}) (Version: - ArcSoft)
    ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version: - ArcSoft)
    ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version: - ArcSoft)
    ArcSoft Print Creations (HKLM-x32\...\{F03EC055-F34E-4F6B-A684-8A370E11A304}) (Version: 3.0.255.500 - ArcSoft)
    ArcSoft RAW Thumbnail Viewer (HKLM-x32\...\{82FAC25D-D0E1-4D60-9268-F3DD958BF052}) (Version: 2.0.0.11 - ArcSoft)
    ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{363188E4-1A27-4DE6-BA48-823D2E205385}) (Version: 1.1.0.17 - ArcSoft)
    ArcSoft Video Downloader (HKLM-x32\...\{C8B44566-839A-459C-A73D-49764CE216CC}) (Version: 2.0.0.39 - ArcSoft)
    ATT-RC Self Support Tool (HKLM\...\ATT-RC) (Version: - )
    ATT-RC Self Support Tool (HKLM-x32\...\ATT-RC) (Version: - )
    Backgammon7 (HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\Backgammon7) (Version: - )
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    CCScore (x32 Version: 7.00.0000.0001 - EASTMAN KODAK Company) Hidden
    Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
    Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
    Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
    Corel PaintShop Pro X5 (HKLM-x32\...\_{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}) (Version: 15.1.0.10 - Corel Corporation)
    Corel PDF Fusion (HKLM\...\{7D93C785-B8CD-4B29-BBAA-8D28E30A5910}) (Version: 1.11.0000 - Corel Corporation)
    CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
    D1300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
    D1300_Help (x32 Version: 82.0.233.000 - Hewlett-Packard) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.0.22 - Dell Inc.)
    Dell Customer Connect (HKLM-x32\...\{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}) (Version: 1.2.1.0 - Dell Inc.)
    Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
    Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
    Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.93 - Dell)
    Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
    Dell System Detect (HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\58d94f3ce2c27db0) (Version: 6.12.0.1 - Dell)
    Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
    Dell Update (HKLM-x32\...\{90437913-9D4D-4D9D-B438-B8664DF851E9}) (Version: 1.7.1007.0 - Dell Inc.)
    Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
    Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
    DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    DriverNavigator 3.4.4 (HKLM\...\DriverNavigator_is1) (Version: 3.4.4.0 - Easeware)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
    DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 6.30.223.181 - Dell Inc.)
    EasyDuplicateFinder v4.7 (HKLM\...\Easy Duplicate Finder 4_is1) (Version: - WebMinds, Inc.)
    Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
    Enhanced Video 7.3.1.0 (HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\EnhancedVideo 7.3.1.0) (Version: - American Well)
    ESSBrwr (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
    ESSCDBK (x32 Version: 7.01.0000.0002 - EASTMAN KODAK Company) Hidden
    ESScore (x32 Version: 7.01.0000.0012 - EASTMAN KODAK Company) Hidden
    ESSgui (x32 Version: 7.01.0000.0002 - EASTMAN KODAK Company) Hidden
    ESSini (x32 Version: 7.01.0000.0002 - EASTMAN KODAK Company) Hidden
    ESSPCD (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
    ESSPDock (x32 Version: 6.03.0001.0004 - EASTMAN KODAK Company) Hidden
    ESSTOOLS (x32 Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
    essvatgt (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
    Family Tree Heritage (HKLM-x32\...\Family Tree Heritage) (Version: - )
    Family Tree Heritage Collaboration Support (HKLM-x32\...\InstallShield_{50BD0B15-5197-4EAF-8BCD-81117D1324B1}) (Version: 1.10.0010 - Individual Software)
    Family Tree Heritage Collaboration Support (x32 Version: 1.10.0010 - Individual Software) Hidden
    FastStone Image Viewer 4.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
    Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
    fflink (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
    FireShot (HKLM-x32\...\FireShot) (Version: - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
    HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
    HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
    iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
    iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
    iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
    iYogi Support Dock (HKLM-x32\...\iYogi Support Dock) (Version: 5.8.1 - iYogi)
    iYogiPasswordManager (HKLM-x32\...\{65CECF99-19C7-4F86-BD61-C8ECACBCC916}) (Version: 1.0.0 - iYogi)
    Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version: - Eastman Kodak Company)
    Laplink PCmover Professional (HKLM-x32\...\{51109D80-F344-49DE-9BEE-4292A6CE6279}) (Version: 8.20.636 - Laplink Software, Inc.)
    LoJack Factory Installer (HKLM-x32\...\InstallShield_{AE0259D4-7A01-4E47-BBAF-2604D03DF07C}) (Version: 1.0.0.5 - Absolute Software Corporation)
    LoJack Factory Installer (x32 Version: 1.0.0.5 - Absolute Software Corporation) Hidden
    MaintenanceTool (HKLM-x32\...\{499A4914-6123-42BC-A2A1-BBCB04CB3F00}) (Version: 1.0.0 - iYogi Support Dock)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
    McAfee Total Protection (HKLM-x32\...\MSC) (Version: 14.0.6136 - McAfee, Inc.)
    McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.207 - McAfee, Inc.)
    Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6366.2036 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
    Microsoft Office Suite Activation Assistant (HKLM-x32\...\{67635FB6-2F63-4FFB-830B-D4C01597EBA4}) (Version: 1.2.1 - DELL)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
    Mozilla Firefox 43.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 en-US)) (Version: 43.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla)
    My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
    My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
    MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7129 - MyHeritage.com)
    netbrdg (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
    Nmap 5.51 (HKLM-x32\...\Nmap) (Version: - )
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\Octoshape add-in for Adobe Flash Player) (Version: - )
    Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
    OfotoXMI (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
    OptiPix™ (HKLM-x32\...\{F54F8559-F5CD-4007-9E9D-3F52902F9DE1}) (Version: 1.10.0000 - Smartparts, Inc.)
    PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software)
    PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
    PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
    ps_app_npi_ProductContext (x32 Version: 90.0.169.000 - Hewlett-Packard) Hidden
    PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
    PSPPro64 (Version: 15.1.0.10 - Corel Corporation) Hidden
    Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.8.8 - Intuit)
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)
    QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
    Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
    Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.0 - Roxio)
    Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
    SDiManage (HKLM-x32\...\{0DBABDFB-DAB4-41E1-A842-CE568FFDA785}) (Version: 1.0.0 - SDC)
    SF_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
    SF_CDA_Software (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden
    SFR (x32 Version: 7.01.0000.0003 - Eastman Kodak Company) Hidden
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SHASTA (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.2.0.0 - Shutterfly, Inc.)
    Shutterfly Express Uploader (x32 Version: 1.2.0 - Shutterfly, Inc.) Hidden
    Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
    skin0001 (x32 Version: 7.01.0000.0003 - EASTMAN KODAK Company) Hidden
    SKINXSDK (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
    Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
    Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.45 - Stardock Software, Inc.)
    staticcr (x32 Version: 7.01.0000.0005 - EASTMAN KODAK Company) Hidden
    Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1200 - SUPERAntiSpyware.com)
    Tansee iPhone Copy (HKLM-x32\...\Tansee iPhone Copy_is1) (Version: 5.0.0.0 - Tansee, Inc.)
    Tansee iPhone Transfer SMS (HKLM-x32\...\Tansee iPhone Transfer SMS_is1) (Version: 1.0.0.0 - Tansee, Inc.)
    TaxACT 2009 (HKLM-x32\...\TaxACT 2009) (Version: - 2nd Story Software, Inc.)
    TaxACT 2009 Louisiana (HKLM-x32\...\TaxACT 2009 Louisiana) (Version: - 2nd Story Software, Inc.)
    TaxACT 2010 (HKLM-x32\...\TaxACT 2010) (Version: - 2nd Story Software, Inc.)
    TaxACT 2010 Louisiana (HKLM-x32\...\TaxACT 2010 Louisiana) (Version: - 2nd Story Software, Inc.)
    TaxACT 2011 - 1040 Edition (HKLM-x32\...\TaxACT 2011 - 1040 Edition) (Version: - 2nd Story Software, Inc.)
    TaxACT 2011 Louisiana (HKLM-x32\...\TaxACT 2011 Louisiana) (Version: - 2nd Story Software, Inc.)
    TaxACT 2012 - 1040 Edition (HKLM-x32\...\TaxACT 2012 - 1040 Edition) (Version: - 2nd Story Software, Inc.)
    TaxACT 2012 Louisiana (HKLM-x32\...\TaxACT 2012 Louisiana) (Version: - 2nd Story Software, Inc.)
    TaxACT 2013 - 1040 Edition (HKLM-x32\...\TaxACT 2013 - 1040 Edition) (Version: - TaxACT, Inc.)
    TaxACT 2013 Louisiana (HKLM-x32\...\TaxACT 2013 Louisiana) (Version: - TaxACT, Inc.)
    TaxACT 2014 - 1040 Edition (HKLM-x32\...\TaxACT 2014 - 1040 Edition) (Version: 1.07 - TaxACT, Inc.)
    TaxACT 2014 Louisiana (HKLM-x32\...\TaxACT 2014 Louisiana) (Version: 1.01 - TaxACT, Inc.)
    TechGenie (Version: 1.0.0 - iYogi) Hidden
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    tooltips (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
    True Color (HKLM-x32\...\{f8476c72-fe9e-4c04-a537-40a60257e57d}) (Version: 2.0.0.1 - Entertainment Experience)
    True Color (Version: 2.0.0.1 - Entertainment Experience LLC) Hidden
    TuneUpTool (HKLM-x32\...\{816C887C-611C-4397-8A16-ACA2BE87FAA2}) (Version: 1.0.0 - iYogi Support Dock)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    VPRINTOL (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
    WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)
    WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    WIRELESS (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1942062262-870864989-144695354-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {04D94E11-B025-46C4-9F34-7907C17C14FF} - System32\Tasks\Aviata\PowerRegister\Dell Reminder (Connor) => /LSRC="reminder" /remind /NumReminds=1
    Task: {04E38164-5C46-454D-AFB0-E676562870B6} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-10-29] (PC-Doctor, Inc.)
    Task: {095D73C2-1719-429F-BA0E-2C934459CB35} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
    Task: {188A01F1-630F-473C-9DA9-649E7EF180F0} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-10-29] (PC-Doctor, Inc.)
    Task: {1BD860C4-6A42-4D6D-BB75-C2BB8BB4C5D3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-28] (Dropbox, Inc.)
    Task: {214D4D27-35C0-483F-9809-7B5E3E43CD89} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-28] (Dropbox, Inc.)
    Task: {25A38EB7-ADD0-4C34-95BB-844E7F35CA95} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-25] (Microsoft Corporation)
    Task: {2D48185D-A777-4C99-A7DE-C0D9A2340142} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {2E4F8495-AA54-45E7-8FA1-54DF077CBED1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-09-28] (Hewlett-Packard Company)
    Task: {35EE7F75-6BF6-484C-BF35-B6A4E07EA271} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
    Task: {3A9C4930-51C1-4467-9C6F-E0C7797048BC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {3C238A99-5F12-44B0-A927-756113A76FFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-18] (Adobe Systems Incorporated)
    Task: {3D6FE0FF-8FFE-4E2B-864E-373FF4E8A8B0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {3E7B2F2C-FEB8-424A-A803-5FC36A6070B2} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
    Task: {480316A8-7421-49B8-92C4-8B97392F1527} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
    Task: {4B3F308A-1C8B-4C38-9862-08D13EF2FB42} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
    Task: {501EB6F2-9960-4074-90F0-1B007B186B80} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
    Task: {52C294F8-2458-4CFF-B0A7-4D396A87270E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {5749C2A7-8688-4DC4-BA44-BABBCC7AD085} - System32\Tasks\McAfee\McAfee Idle Detection Task
    Task: {57C50AC2-7E27-43AC-8BB2-6A431D97C1A6} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-08-04] (McAfee, Inc.)
    Task: {5C8BC7E9-489E-4B36-A4A6-4616791DF0AF} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.)
    Task: {5DBABC71-2D1F-471F-9875-288AB53A129A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
    Task: {6E4847A4-8192-438E-90BF-84C44E2A69AC} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
    Task: {6EE1A94D-DD3C-459A-9929-87A0994AA3ED} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
    Task: {70F5A21E-F0CB-4DFC-9F29-77FA6E43356E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
    Task: {7A6C1CF6-A103-4108-93A1-DB4D8818B944} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {7B3D172C-A092-4CB9-8D7D-C019684942B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {7D197B13-46F1-442F-A9EE-A02A8142CDAC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {7F2E64FE-01CF-4773-A37D-437C23E19A37} - System32\Tasks\SUPERAntiSpyware Scheduled Task f784bda7-ee4a-4731-9743-21ec63753474 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {96CCAC43-F1A5-46B8-B996-488DEAEA02C0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
    Task: {9893ED43-3BE6-41FB-9702-C9D0B35E11DF} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-08-04] (McAfee, Inc.)
    Task: {9A64EFE3-0B29-4586-87D5-B5BAD66B7A24} - System32\Tasks\SUPERAntiSpyware Scheduled Task 7af94932-c06a-4ecb-85ac-a24c3c74a548 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {A0FB8973-28EB-4254-9568-69167864BD8F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
    Task: {A1C649F3-D859-4B42-9871-B7C4D88DB54F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
    Task: {A467CEAF-CF77-4FDD-8EAD-68D44FE6400A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {A9983905-9D97-42E3-A0CE-D163B6004E2C} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-11-02] (McAfee, Inc.)
    Task: {AAECBE61-F8DE-4591-AF69-292D4E122F82} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {AEDB70B9-6B8E-4902-82B7-A2DF019F12D1} - System32\Tasks\Dell\Dell Product Registration Update => /updatecheck /LSRC=autolaunch
    Task: {B299CA2E-10C6-4F1D-821E-BA0CD368B3CA} - System32\Tasks\{A09709A1-59CF-43B1-9D1B-7CC2556D7B1B} => pcalua.exe -a C:\Users\Barbara\Downloads\jpams-windows-x32-installer(1).exe -d C:\Users\Barbara\Downloads
    Task: {B8028DBE-5883-4DD2-9FC3-0E9C4DFF458E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bsbacon@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
    Task: {B90E2572-EEA3-4658-A82F-3E29097E930F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
    Task: {BC4A05D9-1397-4AF4-B910-D45875FD9FE9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {CB65EAE0-4882-4961-90E5-F470D30CCA36} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
    Task: {D023CED0-B029-495E-9F08-D6A8269F2BA2} - System32\Tasks\Dell\Dell Product Registration => /boot /LSRC=autolaunch
    Task: {DDEE6FC1-A3C1-4ACA-9C94-0358FCF87907} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
    Task: {DF4A4DD4-4865-4B9B-8C41-F609E4EFA483} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
    Task: {E1C0957B-2C90-488C-8ADA-12A2E8D26A75} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-16] (Synaptics Incorporated)
    Task: {E8BD477A-4A1B-462A-9BDF-C6CE19A0656D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {E9E7141B-A24A-4034-B7FF-15F744D5B2A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {EBCDB0A8-35E1-4B64-8C4B-D1FC4FFEF757} - System32\Tasks\{4B5A54EF-830E-478C-AAF7-D9DCEF7B59AD} => pcalua.exe -a C:\Users\Barbara\Downloads\jpams-windows-x32-installer(2).exe -d C:\Users\Barbara\Downloads
    Task: {EF9F7DB5-5085-4542-98C7-BDD8E835305C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
    Task: {F8010990-FCA4-4F41-A145-C6056CBD014A} - System32\Tasks\PocketCloudUpdater => C:\Program
    Task: {FAB7E872-7EBC-4019-967F-D8FA2CE4BF06} - System32\Tasks\{68D0F7CD-6334-4118-B904-002B4217ED5D} => pcalua.exe -a C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\DZ5LF3M3\jpams-windows-x32-installer.exe -d C:\Users\Barbara\Desktop

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\HPCeeScheduleForBarbara.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 7af94932-c06a-4ecb-85ac-a24c3c74a548.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task f784bda7-ee4a-4731-9743-21ec63753474.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2012-04-25 09:48 - 2012-04-25 09:48 - 00146432 _____ () C:\WINDOWS\System32\corelcreatorpm.dll
    2014-04-30 07:20 - 2014-04-30 07:20 - 00089072 _____ () C:\Program Files\TrueColor\TrueColorALS.exe
    2015-10-30 01:18 - 2015-10-30 01:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2014-02-10 11:18 - 2014-02-10 11:18 - 00466944 _____ () C:\WINDOWS\system32\DPPPlugin.dll
    2015-10-30 01:17 - 2015-10-30 01:17 - 02652784 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2015-10-30 01:17 - 2015-10-30 01:17 - 02652784 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2015-12-17 12:01 - 2015-12-17 12:01 - 08903848 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
    2015-10-30 01:17 - 2015-10-30 01:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2015-10-30 01:17 - 2015-10-30 01:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2015-10-30 01:18 - 2015-10-30 03:06 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2015-10-30 01:18 - 2015-10-30 03:06 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2015-10-30 01:18 - 2015-10-30 03:06 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2015-10-30 01:18 - 2015-10-30 03:06 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2014-04-30 07:20 - 2014-04-30 07:20 - 00016368 _____ () C:\Program Files\TrueColor\DriverConsoleApp.exe
    2015-12-30 13:44 - 2015-12-30 13:44 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2015-12-17 11:50 - 2015-12-17 11:50 - 09737216 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.25.5.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
    2015-12-30 13:43 - 2015-12-30 13:43 - 00206848 _____ () C:\Program Files\WindowsApps\Microsoft.3DBuilder_10.10.38.0_x64__8wekyb3d8bbwe\Lib3mfUAP.dll
    2014-09-27 03:49 - 2013-12-10 09:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2014-09-27 03:46 - 2013-03-04 21:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
    2013-03-05 12:41 - 2013-03-05 12:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
    2015-12-30 13:44 - 2015-12-30 13:44 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2015-12-30 13:44 - 2015-12-30 13:44 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Syst75D53594:$WIMMOUNTDATA

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\1-domains-registrations.com -> 1 Domains Technology Blog |
    IE restricted site: HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\1-se.com -> 1-se.com

    There are 11444 more sites.


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 07:25 - 2015-12-14 12:11 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    0.0.0.1 mssplus.mcafee.com

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1942062262-870864989-144695354-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Barbara\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop background.bmp
    DNS Servers: 192.168.1.254
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Barbara^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Barbara^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk.Startup
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
    MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
    MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    MSCONFIG\startupreg: DellSupportCenter =>
    MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
    MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
    MSCONFIG\startupreg: HP Officejet Pro 8600 (NET) => "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN25NBK2KK05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
    MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
    MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
    MSCONFIG\startupreg: iTunesHelper =>
    MSCONFIG\startupreg: mcui_exe =>
    MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
    MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
    MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
    HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "Adobe ARM"
    HKLM\...\StartupApproved\Run32: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "iYogi Support Dock"
    HKLM\...\StartupApproved\Run32: => "Dropbox"
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\StartupApproved\Run: => "LaplinkOffers"
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\StartupApproved\Run: => "Skype"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{6AF91538-B890-4D6B-8874-12523738C95E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{02036800-487B-49F1-9DA2-2662FA8789F1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    FirewallRules: [{96349561-4619-426B-BBD6-971C9685A993}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{45234B47-96A0-4735-9556-B2ED301A24B3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{ED42FAF4-35E3-43D4-A668-89247D1E18CA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
    FirewallRules: [{CEC7CB08-D12E-4BB3-A7BC-071BD695715F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
    FirewallRules: [{46EC34E6-0CB7-446E-B4EB-5DED74444EE8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
    FirewallRules: [{74DBABCB-D697-4C0D-B98B-CEE7850FA7FC}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
    FirewallRules: [{86379B22-DCC0-46CC-A82C-8DEB5F0AF3DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{E37FAA3F-3027-4143-910A-CDABCDC0B7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{A554BE6E-C842-4E66-8615-0AA2C4323BCD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{FFABE54A-FDC8-462A-9480-63974FD05007}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{01547366-4781-4E27-913F-A72A0840708B}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe
    FirewallRules: [{43E1910A-4DD1-4C89-AA9B-AA4704AE3F51}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\AetherWindowsService.exe
    FirewallRules: [{852D5EE3-D9FC-4032-BB18-1422D511B3A6}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
    FirewallRules: [{A13C7EC5-E7AF-468A-9C11-68E3B73436D6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
    FirewallRules: [{7A841C58-EE1B-4A04-B829-D7B07B3FFFA2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
    FirewallRules: [{64EF6FE1-A2BD-49AE-8C3A-E78535152DFA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{AC4053CE-A672-47D3-86AC-1630B9D94B23}] => (Allow) C:\Program Files (x86)\Laplink\PCmover\pcmover.exe
    FirewallRules: [{DF8115D9-B107-49A0-B823-0F0A2CE66ACE}] => (Allow) C:\Users\Barbara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{25A6D1C5-9949-4D0F-BBC3-B50E54ECA704}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{E85651AA-5046-458B-AC9E-818EB7099250}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{F964A119-AC24-4654-8E29-A7F9B329FC9C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{6B832131-BF59-434A-A7B9-F800FD5A4123}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    ==================== Restore Points =========================

    ATTENTION: System Restore is disabled

    ==================== Faulty Device Manager Devices =============

    Name:
    Description:
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name:
    Description:
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name:
    Description:
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/30/2015 01:50:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BARBARA)
    Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (12/30/2015 01:45:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BARBARA)
    Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (12/30/2015 01:45:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BARBARA)
    Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (12/30/2015 01:38:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BARBARA)
    Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (12/30/2015 01:32:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BARBARA)
    Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (12/30/2015 01:23:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BARBARA)
    Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (12/30/2015 01:11:28 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: BITSC:\Windows\System32\bitsperf.dll8

    Error: (12/30/2015 01:11:28 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: aspnet_stateaspnet_counters.dll8

    Error: (12/30/2015 12:54:08 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
    Description: 0x8007085A

    Error: (12/30/2015 12:48:40 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
    Description: 0x8007085A


    System errors:
    =============
    Error: (12/30/2015 01:22:14 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

    Error: (12/30/2015 01:21:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {209500FC-6B45-4693-8871-6296C4843751}

    Error: (12/30/2015 01:17:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The User Data Access_48ff03 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (12/30/2015 01:17:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The User Data Storage_48ff03 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (12/30/2015 01:17:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Contact Data_48ff03 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (12/30/2015 01:17:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Sync Host_48ff03 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (12/30/2015 01:17:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/30/2015 01:09:27 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

    Error: (12/30/2015 01:08:57 PM) (Source: DCOM) (EventID: 10016) (User: BARBARA)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}BarbaraBarbaraS-1-5-21-1942062262-870864989-144695354-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

    Error: (12/30/2015 01:08:57 PM) (Source: DCOM) (EventID: 10016) (User: BARBARA)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}BarbaraBarbaraS-1-5-21-1942062262-870864989-144695354-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


    CodeIntegrity:
    ===================================
    Date: 2015-12-30 12:53:31.352
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-12-30 12:50:29.831
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-12-30 12:24:55.438
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
    Percentage of memory in use: 30%
    Total physical RAM: 8096.02 MB
    Available physical RAM: 5627.42 MB
    Total Virtual: 10016.02 MB
    Available Virtual: 7552.7 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:921.23 GB) (Free:797.77 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: BCBB6280)

    Partition: GPT.

    ==================== End of Addition.txt ============================

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-12-2015
    Ran by Barbara (administrator) on BARBARA (30-12-2015 16:36:16)
    Running from C:\Users\Barbara\Downloads
    Loaded Profiles: Barbara (Available Profiles: Barbara & Connor)
    Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
    (Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
    (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    () C:\Program Files\TrueColor\TrueColorALS.exe
    (DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
    (Global Graphics Software Ltd) C:\Windows\System32\CorelCreatorMessages.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
    (Entertainment Experience) C:\Program Files\TrueColor\TrueColorUI.exe
    (Global Graphics Software Ltd.) C:\Program Files (x86)\Corel\Corel PDF Fusion\CorelCreatorClient.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
    () C:\Program Files\TrueColor\DriverConsoleApp.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.25.5.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.3DBuilder_10.10.38.0_x64__8wekyb3d8bbwe\Builder3D.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-11-27] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-11-27] (Realtek Semiconductor)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-07-16] (Synaptics Incorporated)
    HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-16] (Dell Inc.)
    HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [18785776 2014-04-30] (Entertainment Experience)
    HKLM\...\Run: [CorelCreatorClient] => C:\Program Files (x86)\Corel\Corel PDF Fusion\CorelCreatorClient.exe [779776 2012-04-25] (Global Graphics Software Ltd.)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
    HKLM-x32\...\Run: [iYogi Support Dock] => C:\Program Files (x86)\iYogi Support Dock\iYogiSupportDock.exe [3272568 2013-09-06] ()
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_65\bin\jusched.exe"
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    Winlogon\Notify\!SASWinLogon-x32: C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll [X]
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\Run: [LaplinkOffers] => C:\Program Files (x86)\Laplink\PCmover\ThirdParty\LaplinkOffers.exe [579432 2014-06-02] (Laplink Software, Inc.)
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-03] (SUPERAntiSpyware)
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [583680 2015-10-30] (Microsoft Corporation)
    ShellExecuteHooks-x32: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2015-07-27] (SoftThinks SAS)
    ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2015-07-27] (SoftThinks SAS)
    ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2015-07-27] (SoftThinks SAS)
    ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2015-07-27] (SoftThinks SAS)
    ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-14]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
    GroupPolicyUsers\S-1-5-21-1942062262-870864989-144695354-1004\User: Restriction <======= ATTENTION
    GroupPolicyUsers\S-1-5-21-1942062262-870864989-144695354-1001\User: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: 0.0.0.1 mssplus.mcafee.com
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{9916288a-c0c2-4bfb-a9ed-c0b53f062716}: [DhcpNameServer] 172.1.1.152
    Tcpip\..\Interfaces\{a529da70-789f-47e1-9b39-0082c16642a8}: [DhcpNameServer] 192.168.1.254

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\Software\Microsoft\Internet Explorer\Main,Start Page = att.yahoo.com
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
    SearchScopes: HKLM -> {546D61EF-FCFA-400A-BFA5-3E170CF93E9F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {A87F8B6A-76FA-4311-997C-825922489557} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {1E275CD3-A797-4725-B543-55F5FA8235B5} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151127&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {546D61EF-FCFA-400A-BFA5-3E170CF93E9F} URL =
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {5AA0FB2F-45B5-4b28-8E51-261F7382C1A8} URL = hxxp://search.iyogi.com/search.html?hl=en&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://isearch.avg.com/search?cid={2BC62B28-AFA3-4172-AC0D-21F3A78FF7A9}&mid=fb72716a3d4e47d0a2d9d16c2294f944-eaf959a709af2e07e6e86e101ce071812c22bc41&lang=en&ds=AVG&pr=pr&d=2012-09-30 14:48:07&v=12.2.5.34&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {A87F8B6A-76FA-4311-997C-825922489557} URL =
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-17] (Microsoft Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-17] (Microsoft Corporation)
    BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-06] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-06] (Oracle Corporation)
    Toolbar: HKLM-x32 - iYogiPMToolbar - {CF729B85-4F13-45E7-A1EF-75A32EDBD532} - C:\Program Files (x86)\iYogi\iYogiPasswordManager\iYogiPMToolbar.dll [2013-06-26] ()
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-12-03] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-12-03] (McAfee, Inc.)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\1i8yne0m.default
    FF DefaultSearchEngine: Secure Search
    FF DefaultSearchEngine.US: Secure Search
    FF SearchEngineOrder.1: Secure Search
    FF SelectedSearchEngine: Secure Search
    FF Homepage: hxxp://att.yahoo.com
    FF Keyword.URL: hxxps://search.yahoo.com/search?fr=mcafee&type=C111US0D20141118&p=
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-18] ()
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-12-03] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
    FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-18] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-06] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-06] (Oracle Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-12-03] ()
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-17] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-01-22] (RocketLife, LLP)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
    FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
    FF Plugin HKU\S-1-5-21-1942062262-870864989-144695354-1001: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Barbara\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll [No File]
    FF Plugin HKU\S-1-5-21-1942062262-870864989-144695354-1001: AmWellVideo_7_3_1_0 -> C:\Users\Barbara\AppData\Roaming\American Well\Files\7_3_1_0\npapiWinVideo_7_3_1_0.dll [2014-06-24] (American Well)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-10-30] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-10-30] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-10-30] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-10-30] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-10-30] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np_gp.dll [2009-11-06] (NOS Microsystems Ltd.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2012-10-19] (Coupons, Inc.)
    FF SearchPlugin: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\1i8yne0m.default\searchplugins\McSiteAdvisor.xml [2015-11-27]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-16]
    FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-23]
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF HKLM-x32\...\Firefox\Extensions: [RAWThumbnailViewer@arcsoft.com.cn] - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\FireFox Extension
    FF Extension: RAW Thumbnail Viewer - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\FireFox Extension [2014-10-23] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}] - C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox
    FF Extension: ArcSoft Video Downloader Extension - C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox [2014-10-23] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [iYogi@iYogi.com] - C:\Program Files (x86)\iYogi\iYogiPasswordManager\iYogiPassMgr.xpi
    FF Extension: iYogi Password Manager - C:\Program Files (x86)\iYogi\iYogiPasswordManager\iYogiPassMgr.xpi [2013-06-26] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-12-04] [not signed]

    Chrome:
    =======
    CHR DefaultSearchURL: Default -> hxxps://isearch.avg.com/search?cid={2BC62B28-AFA3-4172-AC0D-21F3A78FF7A9}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> isearch.avg.com
    CHR DefaultSuggestURL: Default -> hxxp://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => No File
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\pdf.dll => No File
    CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll => No File
    CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
    CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
    CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
    CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll => No File
    CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll => No File
    CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
    CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => No File
    CHR Plugin: (getPlusPlus for Adobe 16249) - C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
    CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
    CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Barbara\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll => No File
    CHR Plugin: (Facebook Plugin) - C:\Users\Barbara\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll => No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
    CHR Profile: C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (SiteAdvisor) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-10-23]
    CHR Extension: (iYogi Password Manager) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpeifmajolhnfocdndkhkpbdiaohpnmg [2015-05-17]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-27]
    CHR Extension: (Capture Webpage Screenshot - FireShot) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\legfpnnmhhnhjgekmmbkilmijnjoehne [2015-05-17] [UpdateUrl: hxxp://screenshot-program.com/fireshot/chrome.xml] <==== ATTENTION
    CHR Extension: (AVG Secure Search) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-10-23]
    CHR Extension: (Google Wallet) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-27]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]
    CHR HKLM-x32\...\Chrome\Extension: [fpeifmajolhnfocdndkhkpbdiaohpnmg] - C:\Program Files (x86)\iYogi\iYogiPasswordManager\ChromeExtension\ChromeToolBar.crx [2013-06-26]
    CHR HKLM-x32\...\Chrome\Extension: [legfpnnmhhnhjgekmmbkilmijnjoehne] - C:\Users\Barbara\AppData\Roaming\FireShot\fireshot.crx [2014-08-28]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
    S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
    R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
    S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation)
    R3 CorelCreatorMessages; C:\Windows\system32\CorelCreatorMessages.exe [105984 2012-04-25] (Global Graphics Software Ltd) [File not signed]
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-28] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-28] (Dropbox, Inc.)
    S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
    S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
    S3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [51168 2009-11-06] (NOS Microsystems Ltd.)
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
    R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
    S2 iYogiTechGenieParental; C:\Program Files (x86)\iYogi\TechGenie\iYogiTechGenieParental.exe [29184 2014-07-30] () [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
    S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.)
    R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-12-03] (McAfee, Inc.)
    R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-05-24] (Alcatel-Lucent) [File not signed]
    R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-05-24] (Alcatel-Lucent) [File not signed]
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
    R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
    R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
    S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
    S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-11-27] (Realtek Semiconductor)
    S2 SDiManage; C:\Program Files (x86)\SDC\SDiManage\IYogiMonitoringSvc.exe [25048 2012-09-05] ()
    S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2081992 2015-07-29] (SoftThinks SAS)
    R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-06-18] (Stardock Software, Inc)
    S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
    S2 SupportDockService.exe; C:\Program Files (x86)\iYogi Support Dock\Services\CommAgent\SupportDockService.exe [78336 2013-09-06] (iYogi Technical Services) [File not signed]
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-16] (Synaptics Incorporated)
    R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
    S2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
    R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
    R3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11259136 2015-11-27] (Broadcom Corp)
    R1 BdfNdisf; C:\Windows\System32\DriverStore\FileRepository\netlwf.inf_amd64_97f843f0c52a2992\bdfndisf6.sys [90192 2014-07-21] (BitDefender LLC)
    R1 bdfwfpf; C:\Program Files (x86)\iYogi\TechGenie\bdfwfpf.sys [103504 2014-07-21] (BitDefender LLC)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
    S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
    S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
    R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
    R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2012-08-02] (EldoS Corporation)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
    S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-30] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
    R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2015-09-29] (McAfee, Inc.)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
    R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
    R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
    R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896744 2015-11-27] (Realtek )
    S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [412400 2015-08-11] (Realsil Semiconductor Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [57032 2015-07-16] (Synaptics Incorporated)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
    R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
    R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
    U3 aspnet_state; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-12-30 16:32 - 2015-12-30 16:36 - 00001049 _____ C:\Users\Barbara\Desktop\FRST64 - Shortcut.lnk
    2015-12-30 16:32 - 2015-12-30 16:35 - 00057965 _____ C:\Users\Barbara\Downloads\Addition.txt
    2015-12-30 16:31 - 2015-12-30 16:36 - 00042237 _____ C:\Users\Barbara\Downloads\FRST.txt
    2015-12-30 16:30 - 2015-12-30 16:36 - 00000000 ____D C:\FRST
    2015-12-30 16:29 - 2015-12-30 16:30 - 02370560 _____ (Farbar) C:\Users\Barbara\Downloads\FRST64.exe
    2015-12-30 16:11 - 2015-12-30 16:11 - 00001087 _____ C:\Users\Barbara\Desktop\HijackThis - Shortcut.lnk
    2015-12-30 14:21 - 2015-12-30 13:00 - 00000000 ___DC C:\WINDOWS\Panther
    2015-12-30 14:17 - 2015-12-30 14:17 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 13376512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 13017088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 12120064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2015-12-30 14:17 - 2015-12-30 14:17 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
    2015-12-30 14:17 - 2015-12-30 14:17 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2015-12-30 14:17 - 2015-12-30 14:17 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 01998848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2015-12-30 14:17 - 2015-12-30 14:17 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2015-12-30 14:17 - 2015-12-30 14:17 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2015-12-30 14:17 - 2015-12-30 14:17 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
    2015-12-30 14:17 - 2015-12-30 14:17 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
    2015-12-30 14:17 - 2015-12-30 14:17 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2015-12-30 14:17 - 2015-12-30 14:17 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
    2015-12-30 14:17 - 2015-12-30 14:17 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
    2015-12-30 14:17 - 2015-12-30 14:17 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
    2015-12-30 14:17 - 2015-12-30 14:17 - 00000000 ____D C:\Windows.old
    2015-12-30 14:15 - 2015-12-30 14:15 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
    2015-12-30 14:11 - 2015-12-30 14:11 - 00000000 ____D C:\Program Files\Reference Assemblies
    2015-12-30 14:11 - 2015-12-30 14:11 - 00000000 ____D C:\Program Files\MSBuild
    2015-12-30 14:11 - 2015-12-30 14:11 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
    2015-12-30 14:11 - 2015-12-30 14:11 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2015-12-30 14:10 - 2015-10-23 19:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2015-12-30 14:10 - 2015-10-23 19:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-12-30 14:10 - 2015-10-23 19:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2015-12-30 14:10 - 2015-10-23 19:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2015-12-30 14:10 - 2015-10-23 19:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2015-12-30 14:10 - 2015-10-23 19:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-12-30 13:57 - 2015-12-30 13:57 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
    2015-12-30 13:08 - 2015-12-30 13:08 - 00000000 ____D C:\Users\Barbara\AppData\Local\ActiveSync
    2015-12-30 13:06 - 2015-12-30 13:06 - 00000612 __RSH C:\Users\Barbara\ntuser.pol
    2015-12-30 13:06 - 2015-12-30 13:06 - 00000020 ___SH C:\Users\Barbara\ntuser.ini
    2015-12-30 13:00 - 2015-12-30 13:00 - 00000000 _SHDL C:\Users\Default\My Documents
    2015-12-30 13:00 - 2015-12-30 13:00 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
    2015-12-30 13:00 - 2015-12-30 13:00 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
    2015-12-30 13:00 - 2015-12-30 13:00 - 00000000 _SHDL C:\Users\Default\Documents\My Music
    2015-12-30 13:00 - 2015-12-30 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
    2015-12-30 13:00 - 2015-12-30 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
    2015-12-30 13:00 - 2015-12-30 13:00 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
    2015-12-30 12:53 - 2015-12-30 12:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-12-30 12:42 - 2015-12-30 12:42 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
    2015-12-30 12:42 - 2015-12-30 12:42 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
    2015-12-30 12:42 - 2015-12-30 12:42 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
    2015-12-30 12:42 - 2015-12-30 12:42 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
    2015-12-30 12:42 - 2015-12-30 12:42 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
    2015-12-30 12:42 - 2015-12-30 12:42 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
    2015-12-30 12:41 - 2015-12-30 12:41 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2015-12-30 12:33 - 2015-12-30 12:43 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2015-12-30 12:30 - 2015-12-30 13:19 - 00000000 ____D C:\Users\Barbara
    2015-12-30 12:30 - 2015-12-30 12:49 - 00000000 ____D C:\Users\Connor
    2015-12-30 12:30 - 2015-12-30 12:30 - 00000000 _SHDL C:\Users\Connor\My Documents
    2015-12-30 12:30 - 2015-12-30 12:30 - 00000000 _SHDL C:\Users\Connor\Documents\My Videos
    2015-12-30 12:30 - 2015-12-30 12:30 - 00000000 _SHDL C:\Users\Connor\Documents\My Pictures
    2015-12-30 12:30 - 2015-12-30 12:30 - 00000000 _SHDL C:\Users\Connor\Documents\My Music
    2015-12-30 12:30 - 2015-12-30 12:30 - 00000000 _SHDL C:\Users\Barbara\My Documents
    2015-12-30 12:30 - 2015-12-30 12:30 - 00000000 _SHDL C:\Users\Barbara\Documents\My Videos
    2015-12-30 12:30 - 2015-12-30 12:30 - 00000000 _SHDL C:\Users\Barbara\Documents\My Pictures
    2015-12-30 12:30 - 2015-12-30 12:30 - 00000000 _SHDL C:\Users\Barbara\Documents\My Music
    2015-12-30 12:27 - 2015-12-30 13:19 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2015-12-30 12:27 - 2015-12-30 12:27 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
    2015-12-30 12:27 - 2015-12-30 12:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
    2015-12-30 12:27 - 2015-12-30 12:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
    2015-12-30 12:27 - 2015-07-17 22:58 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
    2015-12-30 12:27 - 2015-07-17 22:58 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
    2015-12-30 12:26 - 2015-12-30 12:33 - 00000000 ____D C:\Program Files\Intel
    2015-12-30 12:26 - 2015-12-30 12:26 - 01019725 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
    2015-12-30 12:26 - 2015-12-30 12:26 - 00455938 _____ C:\WINDOWS\system32\Drivers\rtwavesmapro.dat
    2015-12-30 12:26 - 2015-12-30 12:26 - 00031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
    2015-12-30 12:26 - 2015-12-30 12:26 - 00019678 _____ C:\WINDOWS\system32\Drivers\rtwavesmaprocap.dat
    2015-12-30 12:26 - 2015-12-30 12:26 - 00010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
    2015-12-30 12:26 - 2015-12-30 12:26 - 00000000 ____H C:\ProgramData\DP45977C.lfl
    2015-12-30 12:26 - 2015-12-30 12:26 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
    2015-12-30 12:25 - 2015-12-30 12:25 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2015-12-30 12:25 - 2015-12-30 12:25 - 00000000 ____D C:\Program Files\Synaptics
    2015-12-30 12:25 - 2015-12-30 12:25 - 00000000 ____D C:\Program Files\Realtek
    2015-12-30 12:25 - 2015-10-30 01:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2015-12-30 12:22 - 2015-12-30 12:44 - 00368800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2015-12-30 09:44 - 2015-12-30 11:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-12-30 09:43 - 2015-12-30 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-12-30 09:43 - 2015-12-30 09:43 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-12-30 09:43 - 2015-12-30 09:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-12-30 09:43 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2015-12-30 09:43 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2015-12-30 09:43 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2015-12-30 09:35 - 2015-12-30 09:45 - 00388608 _____ (Trend Micro Inc.) C:\Users\Barbara\Downloads\HijackThis.exe
    2015-12-30 09:34 - 2015-12-30 09:37 - 22908888 _____ (Malwarebytes ) C:\Users\Barbara\Downloads\mbam-setup-2.2.0.1024.exe
    2015-12-29 15:55 - 2015-12-30 15:37 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
    2015-12-28 11:04 - 2015-12-30 10:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-12-25 14:47 - 2015-12-30 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2015-12-25 14:47 - 2015-12-25 14:47 - 00000000 ___RD C:\Program Files (x86)\Skype
    2015-12-15 10:26 - 2015-12-30 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-12-14 12:11 - 2015-12-30 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2015-12-14 12:11 - 2015-12-14 12:11 - 00002011 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2015-12-08 10:03 - 2015-12-15 10:10 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBarbara.job
    2015-12-03 15:13 - 2015-12-03 15:13 - 00417064 _____ () C:\Users\Barbara\Downloads\dellsystemdetectlauncher.exe
    2015-12-03 15:01 - 2015-12-30 12:43 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
    2015-12-01 11:32 - 2015-12-25 17:45 - 00000501 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
    2015-12-01 10:38 - 2015-12-30 12:53 - 00002686 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet Pro 8600
    2015-12-01 10:38 - 2015-12-01 10:38 - 00002279 _____ C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
    2015-12-01 10:38 - 2012-10-17 04:31 - 00741480 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM5912.dll
    2015-11-30 11:58 - 2015-12-08 10:03 - 00000000 ____D C:\Users\Barbara\AppData\Local\Hewlett-Packard
    2015-11-30 11:53 - 2015-11-30 11:53 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Hewlett-Packard
    2015-11-30 11:47 - 2015-12-30 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
    2015-11-30 11:47 - 2015-11-30 11:47 - 00002302 _____ C:\Users\Barbara\Desktop\HP Support Assistant.lnk
    2015-11-30 11:47 - 2015-11-30 11:47 - 00000000 ____D C:\System.sav
    2015-11-30 11:46 - 2015-11-30 11:46 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\hpqLog
    2015-11-30 11:45 - 2015-12-01 10:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-12-30 16:35 - 2015-10-30 01:21 - 00000000 ____D C:\WINDOWS\INF
    2015-12-30 16:33 - 2015-10-30 00:28 - 00000000 ____D C:\Windows
    2015-12-30 16:24 - 2015-11-28 11:19 - 00000926 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2015-12-30 16:21 - 2014-10-31 19:49 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-12-30 15:38 - 2014-11-18 09:35 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-12-30 14:59 - 2015-11-13 08:47 - 00003560 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
    2015-12-30 14:21 - 2015-10-30 01:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2015-12-30 14:19 - 2015-10-30 01:24 - 00000000 ___HD C:\Program Files\WindowsApps
    2015-12-30 14:17 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2015-12-30 14:17 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-12-30 14:17 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Provisioning
    2015-12-30 14:17 - 2015-10-30 01:11 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-12-30 14:17 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
    2015-12-30 14:17 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\system32\Dism
    2015-12-30 13:54 - 2015-09-16 09:30 - 00000000 ___RD C:\Users\Barbara\3D Objects
    2015-12-30 13:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-12-30 13:25 - 2014-10-12 18:07 - 00000000 ____D C:\Users\Barbara\AppData\Local\Packages
    2015-12-30 13:24 - 2015-10-20 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2015-12-30 13:22 - 2015-10-20 11:56 - 00000000 __RSD C:\Users\Barbara\Documents\McAfee Vaults
    2015-12-30 13:20 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
    2015-12-30 13:19 - 2015-11-28 11:19 - 00000922 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2015-12-30 13:19 - 2014-11-18 09:35 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-12-30 13:19 - 2014-10-12 18:07 - 00000000 __SHD C:\Users\Barbara\IntelGraphicsProfiles
    2015-12-30 13:14 - 2015-08-10 09:11 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-12-30 13:13 - 2015-08-10 09:33 - 00002410 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2015-12-30 13:13 - 2014-10-12 18:09 - 00000000 ___RD C:\Users\Barbara\OneDrive
    2015-12-30 13:07 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
    2015-12-30 13:07 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\MiracastView
    2015-12-30 13:07 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2015-12-30 13:06 - 2014-10-12 19:41 - 00000000 __RHD C:\Users\Public\AccountPictures
    2015-12-30 13:00 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\rescache
    2015-12-30 12:59 - 2015-08-10 08:15 - 00026673 _____ C:\WINDOWS\diagwrn.xml
    2015-12-30 12:59 - 2015-08-10 08:15 - 00026673 _____ C:\WINDOWS\diagerr.xml
    2015-12-30 12:57 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2015-12-30 12:57 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Registration
    2015-12-30 12:55 - 2015-05-26 10:02 - 00000530 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 7af94932-c06a-4ecb-85ac-a24c3c74a548.job
    2015-12-30 12:54 - 2015-08-10 09:20 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
    2015-12-30 12:53 - 2015-11-28 11:19 - 00003440 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
    2015-12-30 12:53 - 2015-11-28 11:19 - 00003216 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
    2015-12-30 12:53 - 2015-11-13 08:47 - 00003810 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
    2015-12-30 12:53 - 2015-11-13 08:47 - 00002980 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
    2015-12-30 12:53 - 2015-10-20 11:54 - 00002440 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
    2015-12-30 12:53 - 2015-09-04 12:49 - 00003294 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{50C810E7-405C-460A-B2ED-1CC101A50875}
    2015-12-30 12:53 - 2015-08-22 10:29 - 00002800 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bsbacon@outlook.com
    2015-12-30 12:53 - 2015-08-06 09:02 - 00002400 _____ C:\WINDOWS\System32\Tasks\{68D0F7CD-6334-4118-B904-002B4217ED5D}
    2015-12-30 12:53 - 2015-08-06 08:44 - 00002322 _____ C:\WINDOWS\System32\Tasks\{4B5A54EF-830E-478C-AAF7-D9DCEF7B59AD}
    2015-12-30 12:53 - 2015-08-06 08:35 - 00002322 _____ C:\WINDOWS\System32\Tasks\{A09709A1-59CF-43B1-9D1B-7CC2556D7B1B}
    2015-12-30 12:53 - 2015-05-26 10:46 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2015-12-30 12:53 - 2015-05-26 10:03 - 00003242 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task f784bda7-ee4a-4731-9743-21ec63753474
    2015-12-30 12:53 - 2015-05-26 10:02 - 00003050 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 7af94932-c06a-4ecb-85ac-a24c3c74a548
    2015-12-30 12:53 - 2015-05-15 11:25 - 00003316 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
    2015-12-30 12:53 - 2015-03-22 13:52 - 00002936 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1942062262-870864989-144695354-1004
    2015-12-30 12:53 - 2014-11-18 09:35 - 00003434 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-12-30 12:53 - 2014-11-18 09:35 - 00003210 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-12-30 12:53 - 2014-10-31 19:49 - 00003044 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2015-12-30 12:53 - 2014-10-12 18:12 - 00002936 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1942062262-870864989-144695354-1001
    2015-12-30 12:53 - 2014-09-27 03:51 - 00002254 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
    2015-12-30 12:53 - 2014-09-27 03:46 - 00002534 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
    2015-12-30 12:53 - 2014-09-27 03:46 - 00002534 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
    2015-12-30 12:53 - 2014-09-27 03:43 - 00002552 _____ C:\WINDOWS\System32\Tasks\PocketCloudUpdater
    2015-12-30 12:53 - 2014-09-27 03:43 - 00002428 _____ C:\WINDOWS\System32\Tasks\PocketCloudVirtualChannel
    2015-12-30 12:53 - 2014-09-27 03:43 - 00002326 _____ C:\WINDOWS\System32\Tasks\PocketCloud
    2015-12-30 12:52 - 2015-10-30 01:24 - 00000000 __RHD C:\Users\Public\Libraries
    2015-12-30 12:49 - 2014-09-27 03:58 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
    2015-12-30 12:44 - 2015-10-30 00:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2015-12-30 12:43 - 2015-11-20 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
    2015-12-30 12:43 - 2015-10-30 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    2015-12-30 12:43 - 2015-10-30 01:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2015-12-30 12:43 - 2015-10-30 00:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
    2015-12-30 12:43 - 2015-08-20 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-12-30 12:43 - 2015-08-20 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2015-12-30 12:43 - 2015-07-19 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2015-12-30 12:43 - 2015-03-06 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-12-30 12:43 - 2014-12-08 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-12-30 12:43 - 2014-11-01 12:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
    2015-12-30 12:43 - 2014-10-24 00:59 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TaxACT
    2015-12-30 12:43 - 2014-10-24 00:59 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
    2015-12-30 12:43 - 2014-10-24 00:59 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FireShot
    2015-12-30 12:43 - 2014-10-24 00:59 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Inc
    2015-12-30 12:43 - 2014-10-24 00:59 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Backgammon7
    2015-12-30 12:43 - 2014-10-24 00:59 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2nd Story Software
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TaxACT
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tansee iPhone Transfer SMS
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tansee iPhone Copy
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutterfly
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2014
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Duplicate Finder 4
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverNavigator
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backgammon7
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Video Downloader
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Scan-n-Stitch Deluxe
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio Darkroom 2
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Panorama Maker 5
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Panorama Maker 4
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft MediaImpression 2
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
    2015-12-30 12:43 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2nd Story Software
    2015-12-30 12:43 - 2014-10-23 12:38 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
    2015-12-30 12:43 - 2014-10-23 11:28 - 00000000 ____D C:\WINDOWS\en
    2015-12-30 12:43 - 2014-10-23 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iYogi Support Dock
    2015-12-30 12:43 - 2014-10-23 10:07 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Laplink PCmover Professional
    2015-12-30 12:43 - 2014-10-21 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laplink PCmover Professional
    2015-12-30 12:43 - 2014-10-20 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Tree Heritage
    2015-12-30 12:43 - 2014-10-20 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange 3
    2015-12-30 12:43 - 2014-10-20 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PDF Fusion
    2015-12-30 12:43 - 2014-10-20 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X5
    2015-12-30 12:43 - 2014-09-27 03:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
    2015-12-30 12:43 - 2014-09-27 03:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueColor
    2015-12-30 12:43 - 2014-09-27 03:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2015-12-30 12:43 - 2014-09-27 03:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
    2015-12-30 12:43 - 2014-09-27 03:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wyse
    2015-12-30 12:42 - 2015-07-10 03:05 - 00000000 ____D C:\Users\Default.migrated
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\spool
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\oobe
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\NDF
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
    2015-12-30 12:36 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
    2015-12-30 12:36 - 2014-10-23 13:29 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
    2015-12-30 12:36 - 2014-09-27 03:52 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
    2015-12-30 12:36 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
    2015-12-30 12:36 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
    2015-12-30 12:34 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
    2015-12-30 12:34 - 2015-10-30 01:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
    2015-12-30 12:34 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\InputMethod
    2015-12-30 12:34 - 2015-10-30 01:24 - 00000000 ____D C:\ProgramData\USOPrivate
    2015-12-30 12:34 - 2015-05-19 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-12-30 12:34 - 2014-11-01 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iYogi
    2015-12-30 12:34 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smartparts Inc
    2015-12-30 12:34 - 2014-10-23 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak
    2015-12-30 12:34 - 2014-10-23 12:56 - 00000000 ___RD C:\Users\Public\Recorded TV
    2015-12-30 12:34 - 2014-10-21 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
    2015-12-30 12:34 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\ADFS
    2015-12-30 12:33 - 2015-10-30 01:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2015-12-30 12:33 - 2014-10-23 13:00 - 00000000 ____D C:\Program Files\Microsoft Games
    2015-12-30 12:33 - 2013-08-22 09:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicyUsers
    2015-12-30 12:32 - 2014-12-08 16:57 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
    2015-12-30 12:31 - 2015-03-22 13:46 - 00000000 ____D C:\Users\Connor\AppData\Local\Packages
    2015-12-30 12:29 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2015-12-30 12:22 - 2015-10-30 03:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
    2015-12-30 11:56 - 2015-10-30 03:42 - 00000000 ___HD C:\$WINDOWS.~BT
    2015-12-30 11:02 - 2015-05-26 10:03 - 00000530 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task f784bda7-ee4a-4731-9743-21ec63753474.job
    2015-12-30 10:28 - 2014-10-12 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-12-30 09:43 - 2014-10-23 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes
    2015-12-30 08:58 - 2014-10-23 23:15 - 00000000 ____D C:\Users\Barbara\AppData\Local\Adobe
    2015-12-25 18:57 - 2014-10-21 11:07 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-12-25 18:52 - 2014-10-21 11:07 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-12-25 14:48 - 2015-06-28 16:10 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Skype
    2015-12-25 14:47 - 2015-06-28 16:10 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
    2015-12-25 14:47 - 2015-06-28 16:10 - 00000000 ____D C:\Users\Barbara\AppData\Local\Skype
    2015-12-25 14:47 - 2015-06-28 16:10 - 00000000 ____D C:\ProgramData\Skype
    2015-12-17 12:05 - 2014-10-23 14:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2015-12-15 10:27 - 2015-11-28 11:19 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2015-12-15 09:34 - 2014-10-23 22:47 - 00000000 ____D C:\Users\Barbara\Documents\Quicken
    2015-12-14 12:11 - 2015-11-24 12:27 - 00000000 ____D C:\Program Files\McAfee Security Scan
    2015-12-09 17:09 - 2014-10-23 22:45 - 00000000 ____D C:\Users\Barbara\Documents\3 Connor
    2015-12-09 17:09 - 2014-10-23 22:44 - 00000000 ____D C:\Users\Barbara\Documents\1 Barbara
    2015-12-09 16:39 - 2015-11-25 12:16 - 00000000 ____D C:\Users\Barbara\AppData\Local\OfficeBSCache-MyComputer
    2015-12-09 08:58 - 2014-12-08 17:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2015-12-09 08:58 - 2014-12-08 17:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2015-12-09 08:11 - 2015-11-28 11:27 - 00000000 ___RD C:\Users\Barbara\Dropbox
    2015-12-09 08:10 - 2015-11-28 11:19 - 00000000 ____D C:\Users\Barbara\AppData\Local\Dropbox
    2015-12-08 12:52 - 2011-12-13 11:11 - 03047424 ____R C:\Users\Public\Documents\ESBK.mbb
    2015-12-08 12:52 - 2011-12-13 11:11 - 01340416 ____R C:\Users\Public\Documents\ESBK.mb
    2015-12-05 12:24 - 2014-11-18 10:19 - 00000000 ____D C:\ProgramData\McAfee
    2015-12-04 11:16 - 2015-10-20 11:47 - 00000000 ____D C:\Program Files\Common Files\McAfee
    2015-12-04 11:14 - 2015-07-24 11:05 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
    2015-12-04 11:06 - 2014-10-23 23:16 - 00000000 ____D C:\Users\Barbara\AppData\Local\HP
    2015-12-03 15:44 - 2014-09-27 03:54 - 00000000 ____D C:\ProgramData\PCDr
    2015-12-03 15:27 - 2015-07-19 09:52 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2015-12-01 11:59 - 2014-10-23 23:16 - 00000000 ____D C:\Users\Barbara\AppData\Local\ElevatedDiagnostics
    2015-12-01 10:49 - 2014-10-23 12:20 - 00000000 ____D C:\ProgramData\Hewlett-Packard
    2015-12-01 10:38 - 2014-10-24 00:54 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\HpUpdate
    2015-12-01 10:38 - 2014-10-23 14:08 - 00000000 ____D C:\Program Files (x86)\HP
    2015-12-01 10:36 - 2014-10-23 12:56 - 00000000 ____D C:\Program Files\HP
    2015-12-01 10:36 - 2014-10-23 12:20 - 00000000 ____D C:\ProgramData\HP
    2015-12-01 10:27 - 2014-09-27 05:40 - 00000000 __SHD C:\System Recovery
    2015-12-01 09:02 - 2014-10-23 11:00 - 00000000 ____D C:\ProgramData\softthinks
    2015-11-30 11:47 - 2014-10-23 14:08 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
    2015-11-30 11:47 - 2014-09-27 03:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

    ==================== Files in the root of some directories =======

    2009-12-07 11:57 - 2009-12-11 08:50 - 0000947 _____ () C:\Users\Barbara\AppData\Roaming\DataSafeDotNet.exe
    2009-11-28 12:46 - 2009-11-28 12:46 - 0002154 _____ () C:\Users\Barbara\AppData\Roaming\install.dat
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000268 ___RH () C:\Users\Barbara\AppData\Roaming\Kernel Extension
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000268 ___RH () C:\Users\Barbara\AppData\Roaming\Keyboard Layouts
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000268 ___RH () C:\Users\Barbara\AppData\Roaming\Keychains
    2010-07-09 21:00 - 2014-11-01 18:42 - 0000296 _____ () C:\Users\Barbara\AppData\Roaming\wklnhst.dat
    2014-01-08 13:08 - 2015-08-22 10:33 - 0012800 _____ () C:\Users\Barbara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-11-01 13:47 - 2013-01-14 10:34 - 0007680 _____ () C:\Users\Barbara\AppData\Local\Z@!-929e4914-c2b9-4160-8275-5cf1bb4c00d0.tmp
    2014-11-01 13:47 - 2013-01-14 10:34 - 0007168 _____ () C:\Users\Barbara\AppData\Local\Z@S!-884c5daf-65d5-4b32-bd25-508b3aaceaf0.tmp
    2011-10-07 13:39 - 2011-10-07 13:39 - 0000000 _____ () C:\Users\Barbara\AppData\Local\{D535D902-AF58-4015-8592-24C0346DFBC3}
    2011-08-17 06:17 - 2011-08-17 06:17 - 0000000 _____ () C:\Users\Barbara\AppData\Local\{E6DCC288-A439-4C60-98E8-648F892DE25A}
    2012-09-13 18:09 - 2012-09-13 18:09 - 0000057 _____ () C:\ProgramData\Ament.ini
    2015-12-30 12:26 - 2015-12-30 12:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2009-11-29 15:18 - 2010-11-30 14:41 - 0004117 _____ () C:\ProgramData\hpzinstall.log
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000268 ___RH () C:\ProgramData\LaunchAgents
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000268 ___RH () C:\ProgramData\Legacy
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000268 ___RH () C:\ProgramData\Libraries
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000012 ___RH () C:\ProgramData\Mail
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000012 ___RH () C:\ProgramData\Master
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000012 ___RH () C:\ProgramData\Metadata Importer
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
    2011-07-03 11:20 - 2011-07-03 20:00 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
    2011-07-03 11:20 - 2011-07-03 11:20 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
    2014-09-27 03:49 - 2014-09-27 03:49 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
    2014-09-27 03:46 - 2014-09-27 03:47 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
    2014-09-27 03:47 - 2014-09-27 03:48 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
    2014-09-27 03:48 - 2014-09-27 03:49 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
    2014-09-27 03:45 - 2014-09-27 03:46 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-12-30 12:22

    ==================== End of FRST.txt ============================

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,180
    Points
    1308

    Default

    Hello,

    I noticed that Soft Thinks Agent was slowing my laptop.
    How did you find that out, did you disable it ?

  5. #5
    Member baconbits's Avatar
    Join Date
    Sep 2004
    Location
    Texas & Louisiana
    Posts
    48
    Points
    3

    Default

    i minimize my startup programs to as few as possible. After a recent update (re: WIN 10), i heard my processor running (and running). The cursor was spinning for several minutes. I checked in TASK MANAGER and saw that a process called "SoftThinks Agent" was using A LOT of memory. I researched the program and discovered it's software belonging to Dell DataSafe Local Backup (I use an external backup drive). Apparently it's rather intrusive, mines for data that Dell can use, and is NOT NECESSARY if you have a Windows higher than WIN 7. I've found directions to uninstall it, however, while I was at it I wanted to clean any other malware I may have missed. At the very least, I will remove SoftThinks Agent from my startup.

    But, I'd still appreciate your advising any other entries I can remove, delete, and/or uninstall!!

    Thanks you very much
    Barbara

  6. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,180
    Points
    1308

    Default

    Do you use iYogi ?

    iYogi Support Dock
    iYogiPasswordManager


    A few items to fix, mostly left overs. Then we run 2 adware scans. When you save this fix it needs to be put here==>" C:\Users\Barbara\Downloads" because that's where frst is, the fixlist and frst must be in the same location and that's your downloads folder. Once the fixlist is in the downloads folder, just right click frst "Run as administrator" and hit fix and a log will be created called Fixlog.txt

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    Open notepad (Start =>All Programs => Accessories => Notepad).
    Copy/Paste the contents of the code box below into Notepad.
    Code:
    start
    CloseProcesses:
    CreateRestorePoint:
    HKLM-x32\...\Run: [] => [X]
    Winlogon\Notify\!SASWinLogon-x32: C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll [X]
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File
    ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
    GroupPolicyUsers\S-1-5-21-1942062262-870864989-144695354-1004\User: Restriction <======= ATTENTION
    GroupPolicyUsers\S-1-5-21-1942062262-870864989-144695354-1001\User: Restriction <======= ATTENTION
    SearchScopes: HKLM -> {546D61EF-FCFA-400A-BFA5-3E170CF93E9F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {A87F8B6A-76FA-4311-997C-825922489557} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {1E275CD3-A797-4725-B543-55F5FA8235B5} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151127&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {546D61EF-FCFA-400A-BFA5-3E170CF93E9F} URL =
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {5AA0FB2F-45B5-4b28-8E51-261F7382C1A8} URL = hxxp://search.iyogi.com/search.html?hl=en&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://isearch.avg.com/search?cid={2BC62B28-AFA3-4172-AC0D-21F3A78FF7A9}&mid=fb72716a3d4e47d0a2d9d16c2294f944-eaf959a709af2e07e6e86e101ce071812c22bc41&lang=en&ds=AVG&pr=pr&d=2012-09-30 14:48:07&v=12.2.5.34&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {A87F8B6A-76FA-4311-997C-825922489557} URL = 
    AlternateDataStreams: C:\Syst75D53594:$WIMMOUNTDATA
    CMD: bitsadmin /reset /allusers
    CMD: netsh winsock reset catalog
    CMD: ipconfig /flushdns
    RemoveProxy:
    hosts:
    Emptytemp:
    • Click Format and ensure Wordwrap is unchecked.
    • Save as Fixlist.txt to your Desktop (Must be in this location)
    • Run FRST/FRST64 and press the Fix button just once and wait.
    • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
    • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.


    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.



    Next

    Please download AdwCleaner by Xplode onto your Desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the logfile button and the log will open in Notepad.
    • Click on the Clean button follow the prompts.
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • The report will be saved in the C:\AdwCleaner folder.


    Next

    Please download Junkware Removal Tool to your Desktop.
    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    In your next reply post;

    • Fixlog.txt
    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log

  7. #7
    Member baconbits's Avatar
    Join Date
    Sep 2004
    Location
    Texas & Louisiana
    Posts
    48
    Points
    3

    Default Completed FixLog.txt; AdwCleaner; and JRT

    Below are the 3 logs.

    RE: iYogi Support Dock
    I want to remove this from my computer completely. I it used when I initially set up my new laptop. Now, however, I want to use the Win 10 startup.

    Thank you, very very much!!!

    Fix result of Farbar Recovery Scan Tool (x64) Version:30-12-2015
    Ran by Barbara (2016-01-24 16:17:31) Run:2
    Running from C:\Users\Barbara\Downloads
    Loaded Profiles: Barbara (Available Profiles: Barbara & Connor)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start
    CloseProcesses:
    CreateRestorePoint:
    HKLM-x32\...\Run: [] => [X]
    Winlogon\Notify\!SASWinLogon-x32: C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll [X]
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File
    ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
    GroupPolicyUsers\S-1-5-21-1942062262-870864989-144695354-1004\User: Restriction <======= ATTENTION
    GroupPolicyUsers\S-1-5-21-1942062262-870864989-144695354-1001\User: Restriction <======= ATTENTION
    SearchScopes: HKLM -> {546D61EF-FCFA-400A-BFA5-3E170CF93E9F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {A87F8B6A-76FA-4311-997C-825922489557} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {1E275CD3-A797-4725-B543-55F5FA8235B5} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151127&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {546D61EF-FCFA-400A-BFA5-3E170CF93E9F} URL =
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {5AA0FB2F-45B5-4b28-8E51-261F7382C1A8} URL = hxxp://search.iyogi.com/search.html?hl=en&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://isearch.avg.com/search?cid={2BC62B28-AFA3-4172-AC0D-21F3A78FF7A9}&mid=fb72716a3d4e47d0a2d9d16c2294f944-eaf959a709af2e07e6e86e101ce071812c22bc41&lang=en&ds=AVG&pr=pr&d=2012-09-30 14:48:07&v=12.2.5.34&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1942062262-870864989-144695354-1001 -> {A87F8B6A-76FA-4311-997C-825922489557} URL =
    AlternateDataStreams: C:\Syst75D53594:$WIMMOUNTDATA
    CMD: bitsadmin /reset /allusers
    CMD: netsh winsock reset catalog
    CMD: ipconfig /flushdns
    RemoveProxy:
    hosts:
    Emptytemp:

    *****************

    Processes closed successfully.
    Restore point was successfully created.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
    HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon => key not found.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key not found.
    HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate => key not found.
    HKCR\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235} => key not found.
    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate => key not found.
    HKCR\Wow6432Node\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235} => key not found.
    C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe => not found.
    "C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-1942062262-870864989-144695354-1004\User" => not found.
    "C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-1942062262-870864989-144695354-1001\User" => not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{546D61EF-FCFA-400A-BFA5-3E170CF93E9F} => key not found.
    HKCR\CLSID\{546D61EF-FCFA-400A-BFA5-3E170CF93E9F} => key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{A87F8B6A-76FA-4311-997C-825922489557} => key not found.
    HKCR\Wow6432Node\CLSID\{A87F8B6A-76FA-4311-997C-825922489557} => key not found.
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1E275CD3-A797-4725-B543-55F5FA8235B5} => key not found.
    HKCR\CLSID\{1E275CD3-A797-4725-B543-55F5FA8235B5} => key not found.
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key not found.
    HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key not found.
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{546D61EF-FCFA-400A-BFA5-3E170CF93E9F} => key not found.
    HKCR\CLSID\{546D61EF-FCFA-400A-BFA5-3E170CF93E9F} => key not found.
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5AA0FB2F-45B5-4b28-8E51-261F7382C1A8} => key not found.
    HKCR\CLSID\{5AA0FB2F-45B5-4b28-8E51-261F7382C1A8} => key not found.
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
    HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A87F8B6A-76FA-4311-997C-825922489557} => key not found.
    HKCR\CLSID\{A87F8B6A-76FA-4311-997C-825922489557} => key not found.
    "C:\Syst75D53594" => ":$WIMMOUNTDATA" ADS not found.

    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0 [ 7.8.10586 ]
    BITS administration utility.
    (C) Copyright 2000-2006 Microsoft Corp.

    BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
    Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

    0 out of 0 jobs canceled.

    ========= End of CMD: =========


    ========= netsh winsock reset catalog =========


    Sucessfully reset the Winsock Catalog.
    You must restart the computer in order to complete the reset.


    ========= End of CMD: =========


    ========= ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========


    ========= RemoveProxy: =========

    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
    HKU\S-1-5-21-1942062262-870864989-144695354-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


    ========= End of RemoveProxy: =========

    C:\Windows\System32\Drivers\etc\hosts => moved successfully
    Hosts restored successfully.
    EmptyTemp: => 2.6 GB temporary data Removed.


    The system needed a reboot.

    ==== End of Fixlog 16:19:52 ====

    # AdwCleaner v5.030 - Logfile created 24/01/2016 at 16:39:53
    # Updated 17/01/2016 by Xplode
    # Database : 2016-01-19.2 [Server]
    # Operating system : Windows 10 Home (x64)
    # Username : Barbara - BARBARA
    # Running from : C:\Users\Barbara\Downloads\AdwCleaner.exe
    # Option : Scan
    # Support : Forum - ToolsLib

    ***** [ Services ] *****


    ***** [ Folders ] *****

    Folder Found : C:\Program Files\Easeware
    Folder Found : C:\Program Files (x86)\Coupons
    Folder Found : C:\ProgramData\Speedbit
    Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverNavigator
    Folder Found : C:\Users\Barbara\AppData\Local\Conduit
    Folder Found : C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Folder Found : C:\Users\Barbara\AppData\LocalLow\Conduit
    Folder Found : C:\Users\Barbara\AppData\LocalLow\HPAppData
    Folder Found : C:\Users\Barbara\AppData\LocalLow\Toolbar4
    Folder Found : C:\Users\Barbara\AppData\LocalLow\Yahoo! Companion
    Folder Found : C:\Users\Barbara\AppData\LocalLow\Yahoo!\Companion
    Folder Found : C:\Users\Barbara\AppData\Roaming\Easeware
    Folder Found : C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard

    ***** [ Files ] *****

    File Found : C:\END

    ***** [ DLL ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\5a0df8dbd38e940
    Key Found : HKLM\SOFTWARE\5a0df8dbd38e940
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
    Key Found : HKCU\Software\Yahoo\Companion
    Key Found : HKCU\Software\Yahoo\YFriendsBar
    Key Found : HKCU\Software\YahooPartnerToolbar
    Key Found : HKCU\Software\AppDataLow\Software\SpecialSavings
    Key Found : HKCU\Software\AppDataLow\Software\Yahoo\Companion
    Key Found : HKLM\SOFTWARE\Conduit
    Key Found : HKLM\SOFTWARE\visualbee
    Key Found : HKLM\SOFTWARE\Yahoo\Companion
    Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverNavigator_is1
    Key Found : HKU\S-1-5-21-1942062262-870864989-144695354-1001\Software\Yahoo\Companion
    Key Found : HKU\S-1-5-21-1942062262-870864989-144695354-1001\Software\Yahoo\YFriendsBar
    Key Found : HKU\S-1-5-21-1942062262-870864989-144695354-1001\Software\YahooPartnerToolbar
    Key Found : HKU\S-1-5-21-1942062262-870864989-144695354-1001\Software\AppDataLow\Software\SpecialSavings
    Key Found : HKU\S-1-5-21-1942062262-870864989-144695354-1001\Software\AppDataLow\Software\Yahoo\Companion
    Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1942062262-870864989-144695354-1001\Software\SBConvert
    Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1942062262-870864989-144695354-1001\Software\SweetIM
    Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\isearch.avg.com

    ***** [ Web browsers ] *****

    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultthis.engineName", "appbario8 Customized Web Search");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("browser.search.order.1", "appbario8 Customized Web Search");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=ZKfox000&ptb=kPRxEzdLrY.QdVaLG0MfgA&ind=2010062011&osp=mws&ptnrS=ZKfox000&si=&st=sb&n=7[...]
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.mywebsearch.prevDefaultEngine", "AVG Secure Search");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.mywebsearch.prevSelectedEngine", "Yahoo");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=FED9D450-0734-4687-A9C5-D6D5582493CD&n=77fc98e2&p2=^9N^xdm003^S05388^us&si=CK6t_bjP8LYCFYHe4[...]
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.hp.enabled", true);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.initialized", true);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.installation.contextKey", "");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.installation.installDate", "2013042914");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.installation.partnerId", "^9N^xdm003^S05388^us");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.installation.partnerSubId", "CK6t_bjP8LYCFYHe4AodmwoAHA");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.installation.success", true);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.installation.toolbarId", "FED9D450-0734-4687-A9C5-D6D5582493CD");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.lastActivePing", "1367336836361");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.options.defaultSearch", true);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.options.homePageEnabled", true);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.options.keywordEnabled", true);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.options.tabEnabled", true);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._12Members_.weather.location", "70112");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "myscrapnook@mindspark.com");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "myscrapnook@mindspark.com");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,ezLooker,pagerage,buzzdock,toprelatedtopics");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("extentions.y2layers.installId", "168417a4-f82b-41e4-b14f-db2c2fe5e246");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=FED9D450-0734-4687-A9C5-D6D5582493CD&n=77fc98e2&ind=2013042914&p2=^9N^xdm003^S05388^us&si=CK6t_bjP8LYCFYHe4A[...]
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.auto_search", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.buttons.highlighter", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.buttons.showlabels", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.click_selects_all", true);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.ctrl_search", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.enable_auto_complete", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.focus_key", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.search_in_tab", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.search_on_drag_drop", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.shift_ctrl_search", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.shift_search", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.use_inline_complete", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvdownloader.warn_on_form_history", false);
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.Var1", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.Var10", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.Var2", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.Var3", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.Var4", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.Var5", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.Var6", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.Var7", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.Var8", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.Var9", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.cache.tbs_include_xml_spd", "13/17/4/5/110");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.firstlaunch", "0");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.guid", "%7BDB5D14B9-821C-5FA5-D58B-421407DC0B1B%7D");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader.userId", "%12");
    [C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\25pgee80.default\prefs.js] [Preference] Found : user_pref("speedbitvideodownloader_installed_version", "2.2.4");
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : isearch.avg.com_
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : isearch.avg.com
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxps://isearch.avg.com/search?cid={2BC62B28-AFA3-4172-AC0D-21F3A78FF7A9}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : aidbbndgjnlaclnmhkdimcdjiebjpdel
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : bfcpnihmbfoaeoakalclfalkdepgiaje
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : cfcbmgbfdbijmjgjihagbomfbjfjmgon
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : hgojaaaiddhmiiakpejiklijbalpckih
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : mocblcnaofikinigmceddfghppkkjbog
    [C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ndibdjnfmopecpmkdieinmbadjfpblof
    [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
    [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15660 bytes] ##########


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.2 (01.06.2016)
    Operating System: Windows 10 Home x64
    Ran by Barbara (Administrator) on Sun 01/24/2016 at 17:05:21.08
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 119

    Successfully deleted: C:\Users\Barbara\AppData\Local\{00141A47-4D59-4E1B-885D-C42726236DF9} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{01C193E6-76F7-4CFA-971F-7ECD7C4E4418} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{0423AAD6-5F44-40C9-9417-12AE5DFC48C1} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{08E4B556-B46E-44A1-B86F-1C2C46090364} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{09541240-2A21-4EE6-8AF6-2A3D3FF03E05} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{09A99D49-466C-4D42-864E-6751B4E57612} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{0B8D62B3-1908-4A09-9604-4E405F8A01CD} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{0BE6E595-5553-4163-A9C5-792276E3BFAD} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{0D50C344-3DF5-4ADC-88A4-736CD1AA9F98} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{0F5CE2E4-42F5-4033-B62D-34F6061FC9BC} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{103B8DC2-D015-4F7C-A97C-51490C0DA686} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{11845F5C-5EFC-4815-9681-B34165B49A22} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{11DBE6B6-A538-4234-92EB-6DD344583367} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{15D45D56-EB8B-4F20-9D37-D29D90733EC6} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{1603053D-DF6C-4F6F-A033-F649FAEBBE9C} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{1A97D97E-C5F5-4937-BC60-093771A1235D} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{1BF646A3-8477-47B1-8AB6-DA45BB93BFC1} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{1FA4D0ED-A736-45D9-9959-64284D5974F3} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{21FF1ED7-E129-4253-8175-5EAE0ADF8197} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{25BEEB19-7685-47C5-8352-27494EF6CFE4} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{26F7F5D6-7258-4E72-97EC-9A449A57A741} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{2747060D-8A93-4CC7-9CD1-E6391E793420} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{28489589-4359-44D7-847C-FE7E3E25774E} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{28E00124-6197-4C52-9BA0-62292B8289C8} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{2C3139A0-3DA1-4F17-B56E-06D54D50C7C2} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{2D48E4F7-89E6-487C-A366-B9AD91ED66EE} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{300C0131-F72A-4C44-8798-FFA9046798E4} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{387FB9B0-310A-4848-BF18-7580F1E4BFEF} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{3ABFBD90-EE3B-49DC-9BFD-FD738E581C8A} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{3B276088-8742-42D3-BC02-DAF9E920E573} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{3C6D9D99-02D3-4E6A-9C57-894450A73F00} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{3C87EBEE-8CC1-4F48-8E35-6B3B21B8DD4A} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{430B9CAA-8DE9-4A7E-A755-9A493486266C} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{44EEDD94-4104-4FD9-B54D-861C7A39E26A} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{454D3D45-51F3-46D0-B955-A6E3A615AA59} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{46D38129-456D-404C-8CB5-29A477F2C1CF} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{488C368E-4FC5-4D17-9A95-F94308228A9F} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{49EDD53E-F2BF-4CB4-BEDA-D40B16DABFC4} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{4A01FA41-5C1F-43EB-81C6-23CB3707DF58} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{4CDB7BD6-2386-446C-B79F-EEB22805C6B6} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{51716FAA-65EB-47E3-9240-F45019AA0D74} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{53BCBAEF-3A8E-4FBE-8F36-40225D37F1A6} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{580A2164-5B36-4D40-8F8A-653A9CAB75D6} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{5A2F89E1-10C5-4F5E-A9B2-D7FD0E1A2F66} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{5AA07460-AA1A-4313-9750-C348A53BD2A6} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{5C3BE585-A8CB-4118-B3B5-3426FA66F9A0} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{5D32F68E-4BB8-4F9C-A4A1-EF3F5EEFC1FE} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{5E97DBB8-0399-4E17-B851-B24B0F3DBFA9} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{64F36872-E76B-4823-80A8-33CC1549D599} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{65EF30A3-C356-430D-BC8E-22C12C3A9696} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{6B555034-7028-4609-BBEE-9F036097D36E} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{6B9F9079-0105-48D9-9F36-5D109AB14074} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{6CCB678B-A877-4AD4-9A99-82A7E5995723} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{6D9CB08B-E579-45C9-93D2-1EC1CA32867E} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{6E6BCAAF-411B-46AE-9FB9-9DB32F8949EB} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{6EDB0C6B-EFE6-4358-8297-EBC3A559DFD7} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{70381F68-4670-4944-94AA-571AF59C363D} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{719E268E-372F-4264-BAF3-7CCA16F8BE24} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{79764596-AF9F-4E73-BB05-32A1B05BD746} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{7F6F9651-0174-4B78-8E9B-B486CFD82269} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{80B34A29-C4B0-47AF-88F3-27823BE9D82E} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{8205D48A-2214-4662-815A-F260892CACD1} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{842FC947-BBB0-4D48-A5A5-CD785FFF418D} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{84BF97F5-16AC-4033-9B34-742EFC05742B} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{84CA83E0-F52A-4275-AA4B-37D331A263FB} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{85427CC8-D3FF-4E17-B67D-29F7B59CD3C8} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{86474CF7-551F-4C85-87D5-5A9371A27AC5} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{8B2A333C-9446-48CF-ADDD-7E756BDE914B} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{8EAE4015-67FF-40EA-88E8-90F211944D3C} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{8EC679B3-EA2D-459B-9856-7D67FD95FF98} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{91DCF83B-6AEB-4E75-983E-8C595C8F659B} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{9225E523-9ED1-4588-9970-3F084DA593EB} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{938FBC10-D019-494F-AE2A-BF862BEA9F93} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{952B4827-BE23-42F7-909D-A904A97E628A} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{9A8DD5C6-0E94-4A2C-BCD4-0DAB6B7A6EA3} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{9D38DC84-AB4F-4A1D-87D4-5BCFAB756077} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{9F1B2593-C87B-4F07-AE93-2D71D38B63AC} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{A2ACBD19-1C1A-4892-AA91-B4A04F5001ED} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{A2D9CDD0-3FE2-410C-952A-FC12832DB02C} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{A32D778C-B2D2-4B76-B75F-919D86369D53} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{A50E8446-1065-4042-86F4-A3C0292406E0} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{AF2D5871-9162-4D54-8B6F-FC4D048F7172} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{B230D1C7-4A09-469B-BC55-F4A5EA1532CE} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{B314159F-0F5D-4406-8817-71D02F5DD283} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{B6A14CBD-45F0-4DC6-97E5-F3558F6CE047} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{BA616716-1882-4DF1-B0D4-FFCEB1A43512} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{C039189B-9C70-4411-B7B5-BDCAF08F7DA4} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{C0A93F08-5896-4294-9BEC-E2E8F16DBC57} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{C1E31F67-4456-47CA-9EEF-388BB3EB7F11} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{C37F5902-A78E-4CE1-9287-99810E0F366F} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{C43BBDB9-2652-4DDB-BE27-3E326CC7A35A} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{C80ACAE3-10B2-4842-A68F-D76146563563} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{C91F47F4-8723-4774-9919-8B2575C715EE} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{CBA3528D-A327-48A7-8640-4FAF657B468C} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{CE79AA58-2C10-4FAE-8F91-00E657EA0E66} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{CFC508AE-976F-4A6B-A1E1-226E2962BF82} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{CFDBE8B4-8947-43BB-A041-50079308094B} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{D4CDEEA9-D703-4991-B58D-FF17673A5A41} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{D4F4DFA8-A6BC-4A20-8249-07E0CADB5EAF} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{D721C799-B267-41AB-9CE1-441B0BEBF744} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{D7473687-6422-4740-85CD-A7E3AE65A9F1} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{D8C6124C-877F-424C-AAD0-57C7934E3EBC} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{DA97C747-DE62-425A-B56A-941D164B4625} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{DC706839-FE10-4BEE-A6F8-C612CC7905B8} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{DFC44BBB-EE25-4677-9975-4BB880B2A138} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{E1F77799-D0D9-45FC-AAEE-61CD699D98BA} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{E564A4F5-67D2-4B1F-A668-37242E7C0A83} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{E86A240F-209C-4E45-B847-D0BD20BCC431} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{EB9D80B0-0F61-45DB-B9A0-F61074862204} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{F15EDFCB-EA45-4EFB-9CCB-B5E69F16CD99} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{F2A97496-B0D7-4E02-9A7E-716D3065D1CD} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{F537CC65-2346-408D-846E-AAA2EB60F443} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{F646D41B-E659-4C4D-8E38-CBE0A0081EAF} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{FD6AA260-195C-4429-BF2F-E37D64DFB7EA} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\AppData\Local\{FEBAFC28-5CF5-4934-A480-F47A12E4AFB8} (Empty Folder)
    Successfully deleted: C:\Users\Barbara\Appdata\LocalLow\ATTYToolbar (Folder)
    Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task)
    Successfully deleted: C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
    Successfully deleted: C:\WINDOWS\prefetch\DRIVERCONSOLEAPP.EXE-23D95800.pf (File)



    Registry: 1

    Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{CF729B85-4F13-45E7-A1EF-75A32EDBD532} (Registry Value)




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 01/24/2016 at 17:09:17.01
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  8. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,180
    Points
    1308

    Default

    Hello,

    RE: iYogi Support Dock
    To remove it, right click on the windows 10 start button, choose Programs an features. In the list find iYogi and remove it.

    Please re-run Adwcleaner and press the Clean button. Your logs shows just a scan was done.

    Then

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.


    Thanks
    Joe