# My laptop



## mkdsk (Dec 30, 2009)

My laptop, windows 7, has malware on it, I think, and I need help removing it. Here is the problem though. When ever on a browser web page like facebook, the screen jumps, flickers, lags. Hope someone can help and thanks. If anyone is willing to help I will do what ever I am told to do and get back to you ASAP each time. Thank you.


----------



## Joeicam (Oct 11, 2017)

Hi mkdsk, I know that you posted this awhile ago, but do you still require assistance?


----------



## mkdsk (Dec 30, 2009)

Well, I fixed the flickering but what program can I use to get rid of malware?


----------



## Joeicam (Oct 11, 2017)

Great, I'm happy you asked . I'm here to help you remove malware. There's several tools that we can use, and I will walk you through them. Let's get started...


----------



## Joeicam (Oct 11, 2017)

Hello *mkdsk*, and welcome to *Tech Support Guy*

My name is *Joeicam* , you can call me Joe, and I will be assisting you *every step* of the way.

*Please Note*: I am still in training and my fixes have to be approved by my instructor, so there may be a slight delay in my replies. Look at it as a good thing though, since you have two people looking at your problem.

*If you have any questions or comments, or aren't quite sure about what to do,* *STOP AND ASK*.

*Before we begin*, please familiarize yourself with the following:

*Back up your files and folders*, as sometimes malware infections can be severe. It's a good habit to plan for the worst.
*Please follow my instructions exactly*, and *do not repeat any steps* more than once, unless instructed.
*Copy/Paste entire contents of your logs*, and submit inside your post, instead of submitting as an attachment, unless told otherwise.
If you have since *resolved the issues you were originally experiencing*, or *have received help elsewhere*, please inform me so that this topic can be closed.
*Finally*: 

As malware removal can be a *complicated, multistep process*, you should *stick with me* until I declare your system to be clean of all threats. It *may seem* like your system is running properly, but that *does not mean that the infection is completely gone.*
*You must reply to this post within four days*, if you do not, then the topic will be closed.
However, if you need more time to run the tools and fixes, or would like your topic to be reopened, please *PM me or any Moderator* to reactivate your topic.

*If I have not responded to your post within 24 hours, then send me a private message (PM).
Otherwise, all communication is done in the forums.*

*Let's get to work! *

*____________________________________________________________________________________________________*

*The fixes presented are specific to your problem and should only be used for the issue on this machine!*
*____________________________________________________________________________________________________*

You're correct to identify that PC Accelerate Pro is not a good program. These types of programs make it purposefully difficult to uninstall and often come with other unwanted programs. That being said, continue with the steps below, so that I can see a more detailed view and if there are any other unwanted programs that should be removed

*Step 1 of 1: FRST Scan*

Please download Farbar Recovery Scan Tool and save it to your Desktop.

*Note*: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator. When the tool opens click *Yes* to disclaimer.
Press *Scan* button.
It will produce logs called *FRST.txt* and *Addition.txt* in the same directory the tool is run from.
Please copy and paste the logs back here.


----------



## Joeicam (Oct 11, 2017)

Please ignore the part about PC Accelerate Pro .


----------



## mkdsk (Dec 30, 2009)

I am sorry but I need to put this on hold for now. My Laptop isn't booting up right now.


----------



## Joeicam (Oct 11, 2017)

Okay! That's fine. Does the machine even turn on? If it does, we might still be able to do something about it. How far into the startup process does it get?


----------



## mkdsk (Dec 30, 2009)

I need a new power up cord.


----------



## Joeicam (Oct 11, 2017)

Okay, just reply back when you can


----------



## mkdsk (Dec 30, 2009)

You interested in helping me with something else? If you are my Windows 7 PC needs some TLC and probably cleaning up?


----------



## Joeicam (Oct 11, 2017)

I would be happy to take a look at it. Go ahead and post your FRST logs. Please note I'm on vacation and will return on October 22nd, so my reaponses may be delayed.


----------



## mkdsk (Dec 30, 2009)

Do I do step 1 first?


----------



## mkdsk (Dec 30, 2009)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by MARK (administrator) on MARK-PC (19-10-2018 12:23:42)
Running from C:\Users\MARK\Desktop\LANDSCAPE DAMAGE
Loaded Profiles: MARK (Available Profiles: MARK & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
( ) C:\Windows\System32\dlbacoms.exe
( ) C:\Windows\System32\dleacoms.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft) C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_6\mcapexe.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MiTAC) C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-10-19] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\Run: [Magellan Update Manager] => C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe [2705672 2016-01-20] (MiTAC)
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2130412082-872510349-2259372935-1000] => 23.105.173.166:80
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{3631C8E6-D178-4917-9B0D-BFB51262D9F1}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{BFB6B096-4145-4ED2-A8E0-19EDCA9E0ED4}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {7708B639-F242-494D-BCA2-EED7DC46E157} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151019&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {C56AFD0B-5A78-4E7F-9993-19B1BC996C4C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2018-02-28] (RealDownloader)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2018-02-28] (RealDownloader)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~3\WONDER~2\VIDEOC~1\WSBROW~1.DLL => No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll => No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-26] (Oracle Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-07-19] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-07-19] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 [2018-09-16]
FF Session Restore: Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 -> is enabled.
FF Extension: (All Aboard) - C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495\Extensions\@all-aboard-v1-5.xpi [2017-07-11] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-10-17]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-10-17] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-07-19] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-07-19] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2018-05-06] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2018-05-06] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2130412082-872510349-2259372935-1000: magellangps.com/mgnContentManager -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager.dll [2016-01-20] (MiTAC Digital Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-09-18] (Coupons, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.facebook.com/
CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxp://search.conduit.com/?ctid=CT3292715&SearchSource=48&CUI=UN78212901972922245&UM=2","hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11411&pf=V7&trgb=CR&p2=%5EBBJ%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBJ&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=cr_36.0.1985.125&apn_uid=18BF653D-4559-43C4-8703-3225ED0BEC5E&itbv=12.15.1.20&doi=2014-07-19&psv=&pt=tb","hxxp://websearch.thesearchpage.info/?pid=2457&r=2015/01/16&hid=16875487775573251436&lg=EN&cc=US&unqvl=74"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default [2018-10-19]
CHR Extension: (Google Drive) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-20]
CHR Extension: (YouTube) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Ebates: The Free Cash Back Shopping Assistant) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2018-10-19]
CHR Extension: (Google Search) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Who Dumped Me?) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgeaeoklapomofpcppeiahpnjadbkim [2015-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-14]
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-03-15]
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457360 2012-06-20] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
S3 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22160 2012-07-11] ()
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-25] (BlueStack Systems, Inc.)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc.)
R2 dlba_device; C:\Windows\system32\dlbacoms.exe [567280 2007-03-05] ( )
R2 dlba_device; C:\Windows\SysWOW64\dlbacoms.exe [538096 2007-03-05] ( )
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-01-07] ( )
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1194512 2018-06-06] (Garmin Ltd. or its subsidiaries)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-06-05] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_6\McApExe.exe [729320 2018-08-27] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe [2159464 2018-06-29] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [366968 2018-08-22] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [539512 2018-08-22] (McAfee, LLC)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [490360 2018-08-22] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1690976 2018-07-27] (McAfee, Inc.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1316024 2018-07-25] (McAfee, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S3 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
S3 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [37104 2018-02-28] (RealNetworks, Inc.)
S3 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [989912 2018-05-06] (RealNetworks, Inc.)
S3 RoxMediaDB14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe [1096848 2012-07-18] (Corel Corporation)
S3 RoxWatch14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe [341136 2012-07-18] (Corel Corporation)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1074720 2012-08-30] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1358360 2012-08-30] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [166528 2012-03-22] (Safer-Networking Ltd.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2018-10-04] (Microsoft) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2018-10-04] (Microsoft) [File not signed]
S3 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
S3 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78640 2018-08-27] (McAfee, LLC)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [226984 2018-05-02] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [507696 2018-08-27] (McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [368944 2018-08-27] (McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [534832 2018-08-27] (McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [969008 2018-08-27] (McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [557344 2018-08-13] (McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [110368 2018-08-13] (McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [117040 2018-08-27] (McAfee, LLC)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254256 2018-08-27] (McAfee, LLC)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2015-03-25] (EldoS Corporation)
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2012-06-20] (Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2012-06-20] (Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2012-06-20] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-10-12] (Anchorfree Inc.)
R3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2011-11-17] (Wondershare)
U1 aswbdisk; no ImagePath
S3 mfeavfk02; \Device\mfeavfk02.sys [X]
S3 mfeavfk03; \Device\mfeavfk03.sys [X]
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
S1 upzocdbr; \??\C:\Windows\system32\drivers\upzocdbr.sys [X]
S1 zeonetfilter; system32\drivers\zeonetfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-19 12:22 - 2018-10-19 12:23 - 000000000 ___DC C:\FRST
2018-10-18 23:27 - 2018-10-18 23:35 - 000000000 ___DC C:\Users\MARK\Desktop\Moriah2
2018-10-17 11:24 - 2018-10-17 11:24 - 000001934 ____C C:\Users\Public\Desktop\McAfee Multi Access.lnk
2018-10-17 11:24 - 2018-10-17 11:24 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-10-16 10:54 - 2018-10-16 10:56 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\ControlCenter4
2018-10-15 23:52 - 2018-10-15 23:52 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\Brother
2018-10-15 23:52 - 2018-10-15 23:52 - 000000000 ___DC C:\Users\MARK\AppData\Local\Brother
2018-10-15 21:47 - 2016-11-01 11:27 - 000090112 ____C (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll
2018-10-15 21:47 - 2015-06-16 21:39 - 000252928 ____C (brother) C:\Windows\system32\NSSRH64.dll
2018-10-15 21:47 - 2013-07-03 11:46 - 000065024 ____C (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll
2018-10-15 21:47 - 2013-03-08 15:45 - 000059904 ____C (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll
2018-10-15 21:47 - 2005-04-22 13:36 - 000143360 ____C C:\Windows\system32\BrSNMP64.dll
2018-10-15 21:29 - 2018-10-16 15:30 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\PowerENGAGE
2018-10-15 21:29 - 2018-10-15 21:29 - 000003584 ____C C:\Windows\System32\Tasks\PowerENGAGE
2018-10-15 21:28 - 2018-10-18 21:32 - 000000000 ___DC C:\Program Files (x86)\PowerENGAGE
2018-10-15 21:27 - 2018-10-15 21:27 - 000000000 ___DC C:\Program Files\Nuance
2018-10-15 21:26 - 2018-10-15 23:52 - 000000000 ___DC C:\Users\MARK\AppData\Local\Nuance
2018-10-15 21:26 - 2018-10-15 21:26 - 000000000 ___DC C:\ProgramData\zeon
2018-10-15 21:25 - 2018-10-15 23:52 - 000000000 ___DC C:\ProgramData\Nuance
2018-10-15 21:25 - 2018-10-15 21:26 - 000000000 ___DC C:\ProgramData\ScanSoft
2018-10-15 21:25 - 2018-10-15 21:26 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 14
2018-10-15 21:25 - 2018-10-15 21:26 - 000000000 ___DC C:\Program Files (x86)\Nuance
2018-10-15 21:25 - 2018-10-15 21:25 - 000001868 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2018-10-15 21:25 - 2018-10-15 21:25 - 000000000 ___DC C:\Users\MARK\Documents\MyWebPages
2018-10-15 21:21 - 2018-10-15 23:06 - 000002050 ____C C:\Users\Public\Desktop\Brother Creative Center.lnk
2018-10-15 21:21 - 2018-10-15 21:50 - 000000000 ___DC C:\Program Files (x86)\Browny02
2018-10-15 21:21 - 2018-10-15 21:21 - 000001676 ____C C:\Users\Public\Desktop\Brother Utilities.lnk
2018-10-15 21:20 - 2018-10-15 21:20 - 000000000 ___DC C:\Program Files (x86)\ControlCenter4 CSDK
2018-10-15 21:19 - 2018-10-15 21:48 - 000000000 ___DC C:\ProgramData\ControlCenter4
2018-10-15 21:19 - 2018-10-15 21:48 - 000000000 ___DC C:\Program Files (x86)\ControlCenter4
2018-10-15 21:18 - 2018-10-15 23:35 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-10-15 21:18 - 2018-10-15 21:18 - 000000948 ____C C:\Users\Public\Desktop\Brother iPrint&Scan.lnk
2018-10-15 21:15 - 2018-10-15 21:50 - 000000000 ___DC C:\ProgramData\Brother
2018-10-15 21:13 - 2018-10-15 23:35 - 000000000 ___DC C:\Program Files (x86)\Brother
2018-10-10 20:25 - 2018-10-10 20:40 - 000000000 ___DC C:\Users\MARK\Desktop\DOOR
2018-10-05 15:42 - 2018-10-05 15:42 - 000000000 ___DC C:\Users\MARK\AppData\LocalLow\Blue Jeans
2018-10-05 15:41 - 2018-10-05 15:47 - 000000000 ___DC C:\Users\MARK\AppData\Local\Blue Jeans
2018-09-20 12:13 - 2018-09-27 14:09 - 000000000 ___DC C:\Users\MARK\Desktop\Kitchen

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-19 12:23 - 2018-09-09 12:30 - 000000000 ___DC C:\Users\MARK\Desktop\LANDSCAPE DAMAGE
2018-10-19 11:47 - 2016-01-08 22:46 - 000000000 ___DC C:\Users\MARK\AppData\Local\CrashDumps
2018-10-19 11:44 - 2009-07-14 00:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-19 11:44 - 2009-07-14 00:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-19 11:38 - 2009-07-14 01:13 - 000782470 ____C C:\Windows\system32\PerfStringBackup.INI
2018-10-19 11:38 - 2009-07-13 23:20 - 000000000 ___DC C:\Windows\inf
2018-10-19 11:31 - 2009-07-14 01:08 - 000000006 ___HC C:\Windows\Tasks\SA.DAT
2018-10-18 11:33 - 2018-04-18 21:35 - 000000000 ___DC C:\Program Files (x86)\McAfee
2018-10-17 18:48 - 2013-05-11 14:35 - 000000900 __SHC C:\ProgramData\KGyGaAvL.sys
2018-10-17 11:48 - 2011-12-31 15:44 - 000000000 ___DC C:\Users\MARK
2018-10-17 11:21 - 2018-04-18 21:26 - 000000000 ___DC C:\Program Files\Common Files\McAfee
2018-10-17 11:19 - 2018-04-18 21:37 - 000003068 ____C C:\Windows\System32\Tasks\McAfeeLogon
2018-10-17 11:17 - 2018-04-18 21:36 - 000000000 ___DC C:\Windows\System32\Tasks\McAfee
2018-10-16 15:20 - 2018-04-18 21:35 - 000003312 ____C C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2018-10-16 00:29 - 2016-09-29 20:00 - 000000000 ___DC C:\Program Files (x86)\epson
2018-10-16 00:28 - 2016-09-29 20:01 - 000000000 ___DC C:\Program Files (x86)\EPSON Software
2018-10-16 00:28 - 2016-09-29 19:58 - 000000000 ___DC C:\ProgramData\EPSON
2018-10-16 00:28 - 2011-12-23 02:36 - 000000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2018-10-16 00:27 - 2016-09-29 20:00 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-10-15 23:34 - 2018-09-05 22:56 - 000000000 ___DC C:\Users\MARK\Desktop\House Photos During
2018-10-15 21:19 - 2012-11-21 13:09 - 000000000 ___DC C:\ProgramData\Package Cache
2018-10-10 20:39 - 2018-07-29 12:03 - 000000000 ___DC C:\Users\MARK\Desktop\Pool1
2018-10-09 11:43 - 2016-10-20 12:11 - 000842240 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-10-09 11:43 - 2016-10-20 12:11 - 000175104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-09 11:43 - 2016-10-20 12:11 - 000004446 ____C C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-09 11:43 - 2016-10-20 12:11 - 000004312 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-10-09 11:43 - 2011-12-23 02:24 - 000000000 ___DC C:\Windows\SysWOW64\Macromed
2018-10-09 11:43 - 2011-12-23 02:24 - 000000000 ___DC C:\Windows\system32\Macromed
2018-10-09 11:38 - 2018-03-13 11:43 - 000004458 ____C C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-08 11:42 - 2017-05-06 19:29 - 000002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-04 21:24 - 2011-12-31 18:03 - 000000000 ___DC C:\Users\MARK\AppData\LocalLow\Adobe
2018-10-03 21:02 - 2012-01-23 20:34 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\Audacity
2018-09-26 22:07 - 2013-04-02 16:34 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\HandBrake
2018-09-20 22:31 - 2018-07-08 00:12 - 000000000 ___DC C:\Users\MARK\Desktop\Pool
2018-09-20 12:20 - 2018-06-08 12:31 - 000000000 ___DC C:\Users\MARK\Desktop\House Photos Before
2018-09-19 23:19 - 2011-09-11 17:35 - 000000000 ___DC C:\Users\MARK\Desktop\EAGLES
2018-09-19 16:05 - 2018-02-14 00:04 - 000004476 ____C C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories =======

2013-04-29 18:57 - 2013-04-29 18:59 - 000308064 ____C () C:\Users\MARK\AppData\Roaming\CodecsLE_Install.log
2017-08-04 20:04 - 2017-08-04 20:04 - 000000445 ____C () C:\Users\MARK\AppData\Roaming\com.cloudapp.windows.plist
2016-03-13 00:48 - 2016-03-13 00:48 - 000099384 ____C () C:\Users\MARK\AppData\Roaming\inst.exe
2013-11-21 13:22 - 2016-03-13 00:48 - 000007859 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.cat
2013-11-21 13:22 - 2016-03-13 00:48 - 000001167 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.inf
2013-11-21 13:22 - 2016-03-13 00:48 - 000000055 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.log
2013-11-21 13:22 - 2016-03-13 00:48 - 000082816 ____C (VSO Software) C:\Users\MARK\AppData\Roaming\pcouffin.sys
2015-03-21 20:25 - 2015-03-22 13:03 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.1.txt
2015-03-21 20:25 - 2015-03-21 20:25 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.2.txt
2015-03-21 20:25 - 2015-03-22 13:09 - 000000919 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt
2015-03-21 20:25 - 2015-03-22 13:09 - 000000000 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-07-16 23:21 - 2017-05-08 11:56 - 000006656 ____C () C:\Users\MARK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-25 16:24 - 2016-08-03 02:41 - 000007601 ____C () C:\Users\MARK\AppData\Local\resmon.resmoncfg
2013-05-16 15:25 - 2017-08-03 23:39 - 000331584 ____C () C:\Users\MARK\AppData\Local\rx_audio.Cache
2013-02-22 20:31 - 2017-08-03 23:39 - 001282348 ____C () C:\Users\MARK\AppData\Local\rx_image32.Cache
2015-03-15 11:04 - 2015-03-15 11:04 - 000000402 ____C () C:\Users\MARK\AppData\Local\Temp-log.txt

Some files in TEMP:
====================
2018-10-15 21:17 - 2018-10-15 21:17 - 370575664 ____C (Brother Industries, Ltd.) C:\Users\MARK\AppData\Local\Temp\ips_setup.exe
2018-10-16 00:29 - 2006-05-24 13:10 - 000455600 ____C (Macrovision Corporation) C:\Users\MARK\AppData\Local\Temp\_is5738.exe
2018-10-16 00:28 - 2018-03-11 19:07 - 000455600 ____C (Macrovision Corporation) C:\Users\MARK\AppData\Local\Temp\_isBC7F.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-15 12:53

==================== End of FRST.txt ============================


----------



## mkdsk (Dec 30, 2009)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by MARK (19-10-2018 12:26:01)
Running from C:\Users\MARK\Desktop\LANDSCAPE DAMAGE
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-31 19:44:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2130412082-872510349-2259372935-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2130412082-872510349-2259372935-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2130412082-872510349-2259372935-1002 - Limited - Enabled)
MARK (S-1-5-21-2130412082-872510349-2259372935-1000 - Administrator - Enabled) => C:\Users\MARK

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Spybot - Search and Destroy (Disabled - Out of date) {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{20AB389B-8602-403C-B19B-F0A1D6C510A5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.46.1633 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother BRAdmin Light 1.33.0000 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.33.0000 - Brother)
Brother iPrint&Scan (HKLM-x32\...\{122F41FC-AE6B-40BB-9CBD-A7B59C8FD2F6}) (Version: 4.1.1.1 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{25b63596-6d2a-44d4-8068-23a5f89888ec}) (Version: 4.1.1.1 - Brother Industries, Ltd.)
Brother Port Driver (HKLM-x32\...\{EEA8DF77-9D7E-421A-A9A8-A6E9894A18A3}) (Version: 1.0.3.3 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{272543B6-B337-4C8F-B9F1-19E884C2C7AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{1162495D-7CE7-4EF9-A0F8-151196F3A660}) (Version: 1.0.17.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.8.0.201 - Corel Inc.) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.2.1) (Version: 5.0.2.1 - Coupons.com Incorporated)
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell System Detect (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.48.35 - Dell Inc.)
Elevated Installer (HKLM-x32\...\{6E257EB0-5EFF-416D-82D4-592924566BB4}) (Version: 6.5.1.0 - Garmin Ltd or its subsidiaries) Hidden
Find and Mount 2.32 (HKLM\...\Find and Mount_is1) (Version: 2.32 - A-FF Data Recovery)
Garmin Express (HKLM-x32\...\{3e534d41-dcc4-4f51-9858-70dd42beb3d5}) (Version: 6.5.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E1C18A5C-63D7-4DC5-977F-5B4BAB4169D9}) (Version: 6.5.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Graboid Video 3.89 (HKLM-x32\...\Graboid Video) (Version: 3.89 - Graboid Inc.)
Graboid Video 3.89 Setup (HKLM-x32\...\{6b5f9db0-02dc-4c5b-b16b-6a7f1f81557e}) (Version: 3.8.9 - FUSENET)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{36F365B3-05C2-455D-9D96-B73829DE046D}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
McAfee Multi Access (HKLM-x32\...\MSC) (Version: 16.0 R14 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.203 - McAfee, Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Excel 97 (HKLM-x32\...\Excel) (Version: - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook 97 (HKLM-x32\...\Outlook) (Version: - )
Microsoft SkyDrive (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower) Hidden
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
PhotoShowExpress (HKLM-x32\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
RealDownloader (HKLM-x32\...\{F735970C-1049-440A-8BC1-00BFBC196F22}) (Version: 18.1.11.204 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.11 - RealNetworks)
RealProducer Plus 8.5 (HKLM-x32\...\RealProducer 8.5) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator NXT Pro (HKLM-x32\...\{CC915001-1639-4D1B-B0A1-A7AC70C99179}) (Version: 14.0.36.0 - Roxio)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.2 - Roxio) Hidden
Roxio Virtual Drive x64 (HKLM\...\{632DCE79-2711-4B07-BB89-DA763E96840C}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SmartGPS Eco (HKLM-x32\...\{F0DF2A34-80D0-477C-8718-7E665341FA55}) (Version: 3.0.0.00 - MiTAC Digital Corp.)
SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.10 - Safer-Networking Ltd.)
SpyroPortalDriver (HKLM\...\{B2913230-094D-4F41-9EEF-CE9571C450D8}) (Version: 1.0.0 - FS)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Triple Scoop Music (HKLM-x32\...\{4CD51492-D68C-49AC-9692-29FCC19FBC26}) (Version: 1.0.019 - Roxio) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
USB2.0 ATV (HKLM-x32\...\USB2.0 ATV) (Version: - )
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}) (Version: 12.0.563 - Sony)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
VirtualDJ Home FREE (HKLM-x32\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wondershare Streaming Audio Recorder(Build 2.0.2.3) (HKLM-x32\...\Wondershare Streaming Audio Recorder_is1) (Version: 2.0.2.3 - Wondershare Software Co.,Ltd.)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.4 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF}\InprocServer32 -> C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{ea49acd6-0f0e-5ff1-89c4-30eda3d53b62}\InprocServer32 -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager64.dll (MiTAC Digital Corp.)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-07-19] (McAfee, Inc.)
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2018-05-06] (RealNetworks, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-02-17] (NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-07-19] (McAfee, Inc.)
ContextMenuHandlers6: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)
ContextMenuHandlers2_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)
ContextMenuHandlers6_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C9EAD9F-AE32-4E33-A188-9016BB202408} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\RealDownloader\downloader2.exe [2018-02-28] ()
Task: {0F3381FD-8A96-40B5-A106-23ECD61BCA96} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-06-06] ()
Task: {0F592054-FC0B-4DF8-B651-202C56DE274D} - System32\Tasks\{3E677D04-C9FB-4050-A4D5-9BFD909EF240} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {144E0E91-D00E-4D82-9885-778C3A749490} - System32\Tasks\{487AB330-EBD7-4A76-B891-A91754FD4314} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {19605A68-8D93-416E-B6A1-F04C2F6ECAA4} - System32\Tasks\{45416873-6870-44CC-8E45-58127503EEAF} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {1A942A5C-FE8D-4049-A9D6-8893D90BA979} - System32\Tasks\{2D3028CF-CE03-4AE4-B144-B8BEB566D687} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {1AB4AD6F-E0BC-4ED9-BC19-A949BEE5AE8A} - System32\Tasks\{611A5EB1-E8DC-4164-8DA6-A9358CB16A08} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {1B6955DB-AE88-49F1-8F3E-BC99722CA012} - System32\Tasks\{67C0FFD8-6786-4EDB-A901-EB2DF2A3BDE9} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {2641C192-8073-4AC1-97AA-B0B3EF20EB8B} - System32\Tasks\{AAA228C8-54C2-4654-91AF-95C5C52D20BB} => C:\Windows\system32\pcalua.exe -a C:\Users\MARK\AppData\Local\Temp\Temp1_MPEG_Streamclip_1.2.zip\MPEG_Streamclip.exe <==== ATTENTION
Task: {281A7460-642E-40A2-B0E5-A2D2BA0CC5C4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {2BFC4343-96A9-4C7C-ACC8-C018C0DD58EE} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-06-06] (McAfee, Inc.)
Task: {2DE00C78-BF46-49E7-8C1E-8D19E977FDA5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3152D7AD-7C3C-48DA-A6CD-010BD1AA199A} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-07-13] (McAfee, Inc.)
Task: {3268B6BC-5528-4FB5-A5CC-F1A9064FDBA4} - System32\Tasks\{D5E8CB6B-319E-4F0E-917E-CBAC38E34677} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {38B8C499-E203-4AAA-9330-DABB68DF9F43} - System32\Tasks\{8CD991B8-C611-457C-9A4B-8E148BBC1495} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {38D302D2-0E6B-45A9-8EB5-5A6693DA67ED} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {3A4C9BB5-147B-47CB-8157-34D11DDF3D1A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3DE84952-ECFD-482D-B8F2-1268D979F166} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {40FC8802-9F5A-42F6-B95D-6C0067FCEB69} - System32\Tasks\{27003535-56D0-44FC-AE23-EFC0AAFC1A81} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {4789B856-DCCB-4458-AF1C-133ECB9341E3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {4CCEF7E3-0CC7-488D-9226-593999AC0E27} - System32\Tasks\{13F92E3C-232E-4FA8-8FF7-EEAAF6931DD8} => C:\Users\MARK\Downloads\musicmatch10.00.4033.exe
Task: {525ADD04-55BA-4913-B544-CBC829CDA221} - System32\Tasks\{9FB150E9-5941-4658-BCD0-641ED11803BF} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
Task: {52AE9C83-353E-48EF-991B-E119CF4F8DE4} - System32\Tasks\{7F471F8C-38C6-4F94-BC8A-0CBAD06FE02A} => C:\Users\MARK\Downloads\musicmatch82.exe
Task: {6074794B-09C5-4E18-8515-4DBADDC76F61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-22] (Google Inc.)
Task: {67EDB240-E03D-437C-818F-D15D6C99C491} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {683BBDA8-64D7-4168-95B6-2FB04C07BC90} - System32\Tasks\{605EAD35-C8E6-48D5-953C-4BDE791AA5E8} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {79022F55-5129-4E5A-9779-C9ACFFBA8BA4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-06-11] (McAfee, Inc.)
Task: {7A170C85-4395-40BB-A490-4F9CB05784B1} - System32\Tasks\{6440DA17-3021-4946-9EDC-65255B783269} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {7C4ED347-BB52-4987-95A2-B8F8F280210C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {7DAB0AF4-D9C8-4C6B-B5E1-773F85640165} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {85C067FB-5098-4051-B1CA-9E7E7BF214A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {8780C8BE-F54B-47DA-85F9-AFDADD2E4C2C} - System32\Tasks\{7F70CAB2-072C-4D42-AEF6-16B1B69095C7} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {8F98D4DD-65A0-46CA-B885-29F47ABAEB0B} - System32\Tasks\{F40CE779-309B-4896-974C-AE6E2C94644D} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {90C45678-9B30-4EFF-91CC-917E12E06B45} - System32\Tasks\{7849AF3E-8179-490E-B09B-D31FDF213381} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {97B89E7B-895D-4E58-BD0A-15C923FF6F5D} - System32\Tasks\{9386CA07-7838-4DD2-938F-C939BD959A61} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {9A15C862-F14A-40C5-8312-DBAB1E30AA0C} - System32\Tasks\{EBDC029A-1928-42DF-B29D-CF913C18B968} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {9A99B748-ACA2-41E5-BE40-8BB1086F6DCB} - System32\Tasks\{31B93D9E-EA8C-4990-BF18-B09BFBAA435D} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {9F712EF0-97B6-4661-B891-7859479E23A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {A0337C78-7B2C-41F7-8539-5742AC34C4D2} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A06C3FD6-61F0-43C5-B2C4-697911A016EA} - System32\Tasks\{C1FE1AD8-7E5A-42FE-BFD1-7BE5D2CF6E2B} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {A3FDE451-DDF4-4F0F-9B56-4D6119FF1EDB} - System32\Tasks\{BC0B3BDD-C189-4564-91B2-8AE4B6510985} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {A483F551-EE1F-4BBC-B877-CDBDAE73B07E} - System32\Tasks\{8A4CD231-08EE-44AB-9ECA-E7443D8CAE31} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {A909DD0B-138D-4229-9422-97518BFBE2E5} - System32\Tasks\{20F50F2F-8C2B-4F7F-9DDA-FC3F2ACAC9BA} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
Task: {AC00B659-6AEE-482A-8872-52BF69556ADC} - System32\Tasks\{007A1385-A538-4B74-AF24-B76DCD096802} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {AF4E8988-8683-4AFF-A1DC-B874E3E9DD0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-22] (Google Inc.)
Task: {B7E83BA7-06F3-41D8-8B7D-E52F6488C1E2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {BBAA77C7-8BE7-43D3-BCF8-7BCBB44FEA48} - System32\Tasks\{0E5FFA70-B7B3-4AD7-AF23-C403A980856A} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
Task: {BD09F54A-6D5C-4393-9BDA-2319D1CB3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {C0752428-0D21-4764-8805-EB4EE14F241C} - System32\Tasks\{35990657-F8A1-4941-BC71-31E7500013C4} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {C6729723-48E4-4D50-959E-667C6603319C} - System32\Tasks\{0BA0CD3C-B95D-4721-AEE6-8991F35A9D92} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {CF997253-70E7-46FA-A97E-46BB686709D4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {D026AE65-BA76-4145-B862-3BB536091F80} - System32\Tasks\{74A7DDF1-BDA7-4B5A-BA82-F6455C234E40} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
Task: {D1782047-A988-4544-AC47-E3A3629E46BD} - System32\Tasks\{5B006323-E1AE-4E67-A035-715B6B7DEC4A} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {D5D96F18-E3AB-4B5A-8E0D-267E1647199C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {D6E1EAD5-7358-4A5E-99A9-56F3B1AF031F} - System32\Tasks\{AA42977C-B36D-4D54-97F4-9D36BF2B1165} => C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.7\DVD_Author.exe
Task: {D7F4C430-E3AB-4E5E-A7D1-1178230F9255} - System32\Tasks\{5379BC2C-7DEB-41FC-8555-042FA7281998} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {DEDA0FDF-B354-4C37-9532-012E80F9C1E8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {E0BD0B9D-F7E7-45B4-9698-B4A1DC18C24E} - System32\Tasks\{15D2093E-FD56-45CB-BB1C-1CDBEBD7356D} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {E3D600BB-67DA-4B85-BC16-E30120C0D15E} - System32\Tasks\{711738D9-A6C7-442A-B24A-2D60FC80400F} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1} /quiet /qn
Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {E90EEF97-DF18-4FAF-9B3C-F0A250A3A92F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {F050F864-D1A1-4F59-9DDD-4C3D8CAB6AB2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F395931B-FEF9-4729-954C-E9BC4573D1F6} - System32\Tasks\{7A1E1935-8DD2-4CFA-A169-A8C098A30AC4} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {F62B2F93-50D6-4CF4-A92C-EBA904523A73} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {F823E685-BBD6-4AB4-8015-BF6FBF8AB1F9} - System32\Tasks\{70F70446-4007-4E05-81FC-E0298A3944D6} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {FDABE515-D080-42BE-A063-EA74269EE848} - System32\Tasks\{1A1EF3C2-E0E5-4E2D-B05A-D4F60D251591} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Loaded Modules (Whitelisted) ==============

2016-06-12 21:38 - 2016-01-22 16:57 - 000089008 ____C () C:\Windows\System32\cpwmon64.dll
2013-08-30 18:05 - 2010-07-19 09:12 - 000394272 _____ () C:\Windows\system32\spool\DRIVERS\x64\x64v05.dll
2013-06-05 13:25 - 2007-02-20 08:30 - 000116224 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dlbapp6c.dll
2011-12-31 15:54 - 2009-11-04 09:18 - 000189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 001356088 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-29 16:34 - 2018-06-29 16:34 - 000896136 ____C () C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPMsgBusDLL.dll
2018-07-06 02:00 - 2018-07-06 02:00 - 001356088 ____C () C:\Program Files\iTunes\libxml2.dll
2018-07-06 02:00 - 2018-07-06 02:00 - 000088888 ____C () C:\Program Files\iTunes\zlib1.dll
2018-10-15 21:47 - 2005-04-22 13:36 - 000143360 ____C () C:\Windows\system32\BrSNMP64.dll
2018-09-17 16:48 - 2018-09-15 04:26 - 005110616 ____C () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-17 16:48 - 2018-09-15 04:26 - 000116056 ____C () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2016-11-25 10:18 - 2016-11-25 10:18 - 000139264 ____C () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-10-04 14:25 - 2018-01-18 15:39 - 001720832 ____C () C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000137728 ____C () C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000440832 ____C () C:\Program Files (x86)\ControlCenter4\Track.dll
2017-10-19 19:32 - 2017-10-19 19:32 - 001852928 ____C () C:\Windows\Twain_32\Brimm17a\Common\BsScanCoreApi.dll
2017-10-19 19:32 - 2017-10-19 19:32 - 000086528 ____C () C:\Windows\Twain_32\Brimm17a\Common\BsDeviceAccs.dll
2017-10-19 19:32 - 2017-10-19 19:32 - 000112128 ____C () C:\Windows\Twain_32\Brimm17a\Common\BsNetDevAccs.dll
2017-03-22 17:21 - 2018-01-18 15:39 - 000519168 ____C () C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-07-29 17:06 - 2017-12-22 12:53 - 000025299 ____C () C:\Program Files (x86)\Browny02\brlm03a.dll
2016-07-29 17:06 - 2017-12-22 12:53 - 000180224 ____C () C:\Program Files (x86)\Browny02\BroSNMP.dll
2017-01-27 15:33 - 2017-11-07 20:04 - 000087040 ____C () C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 000087552 ____C () C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 017974784 ____C () C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:7578EF04 [131]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123simsen.com -> www.123simsen.com

There are 7716 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2016-04-23 20:26 - 000000093 ____C C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.eom

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Find Fast.lnk => C:\Windows\pss\Microsoft Find Fast.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Office Startup.lnk => C:\Windows\pss\Office Startup.lnk.Startup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.8.2\AOL.EXE" -b
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: dlbamon.exe => "C:\Program Files (x86)\Dell AIO Printer A940\dlbamon.exe"
MSCONFIG\startupreg: EasyHideIPVPN => C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\MARK\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1429832463\ee\AOLSoftware.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: ICF => "C:\Program Files (x86)\Internet Content Filter\mfp.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RealDownloader => c:\program files (x86)\real\RealDownloader\downloader2.exe
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatchTray14.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: RunDLLEntry_EptMon => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
MSCONFIG\startupreg: RunDLLEntry_THXCfg => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShwiconXP9106 => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: THX Audio Control Panel => "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7D73D967-32C1-47D8-A7EC-3531A66698A9}] => (Allow) LPort=8317
FirewallRules: [{60B8BD61-B3F8-41B9-99A5-7114CEEDE77D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FA59CBB4-ACEC-492B-B1FC-7AD0903E866A}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{A33D26D9-CE08-46F5-B82E-C10258442428}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{854E718D-AB3C-4BE9-B8B7-5D58343EC677}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{4E97F9E1-7AE7-4798-BF9D-34870D6B2A65}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{523026AA-B677-4B72-98B2-6EFB4301A605}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{EF658E54-E933-4B65-B15D-0AB754B5A288}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{5EAFCF4E-6A35-4B46-9DF7-75F2D8AEFE37}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{BCE73B4E-BB6C-4161-80B2-AEB5C1F0DF4F}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{6F0F663F-8EEB-49B3-83B4-D60F032CEC94}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{BE620D61-375A-45B8-A7A1-032C60F0F0C4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A3E79D60-D78C-4908-A19F-A9198A72A1E3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{4330BC75-0C59-4E97-97B4-66F6372307B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F14FD71F-DB73-4A73-ABBD-8684304BC899}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2E46833-6F90-4EFE-9D36-4B9C004BE1AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E8618A21-5A22-420D-B01B-E30098310878}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{CAE93EB0-B764-496E-928D-7A3BB74D5761}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8C1B05D4-CFF0-43AE-89D7-9B6FE38615F7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7B9A6B1C-7269-4262-B8C7-00984B1C459C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{A9D262DD-556F-46DB-AE7F-5FA35F467B27}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{0F2F525B-5AC3-43A6-B71C-42324E9A4A1B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{9171BB16-FB20-43FB-8F59-8541A78B3CA8}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{D47569E2-94AA-4636-A940-570CF5207FFD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3192CDDC-51F9-44E9-BDDE-9BFFA73BC022}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8C412CF6-3399-40D1-AADE-16480338A529}] => (Allow) LPort=54950
FirewallRules: [{51189D0A-8B0D-4C6A-91B4-50196E2A53C0}] => (Allow) LPort=54955
FirewallRules: [{A177CACD-4DC6-47ED-8343-52F5089A69A5}] => (Allow) C:\Users\MARK\Desktop\House Photos During\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{CE311DD8-4022-4ECD-AC15-050AD59E5D70}] => (Allow) LPort=54925
FirewallRules: [{0165FC47-5764-4FCD-A899-B7C7ABCFE8A0}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{0C570BB3-48B9-45E1-ADD7-FF9D978CBFBB}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{C08CB953-F2EC-4E4D-9032-03D8282F5E85}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe

==================== Restore Points =========================

09-06-2018 10:54:40 Scheduled Checkpoint
11-06-2018 11:26:35 Garmin Express
12-06-2018 01:20:48 Restore Operation
12-06-2018 11:52:51 Removed Safari

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: zeonetfilter
Description: zeonetfilter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: zeonetfilter
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Broadcom NetLink (TM) Gigabit Ethernet
Description: Broadcom NetLink (TM) Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: k57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2018 12:27:26 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/10/19 12:27:26.150]: [00005412]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (10/19/2018 12:26:43 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/10/19 12:26:43.846]: [00005412]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (10/19/2018 12:26:36 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/10/19 12:26:36.796]: [00005412]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (10/19/2018 12:26:29 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/10/19 12:26:29.745]: [00005412]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (10/19/2018 12:25:47 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/10/19 12:25:47.443]: [00005412]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (10/19/2018 12:25:40 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/10/19 12:25:40.392]: [00005412]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (10/19/2018 12:25:33 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/10/19 12:25:33.342]: [00005412]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (10/19/2018 12:24:51 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/10/19 12:24:51.039]: [00005412]: Error GetInkSupplyType Send ( ErrCode == 5 )

System errors:
=============
Error: (10/19/2018 11:43:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (10/19/2018 11:43:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (10/19/2018 11:43:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (10/19/2018 11:43:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (10/19/2018 11:43:05 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (10/19/2018 11:43:05 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (10/19/2018 11:42:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (10/19/2018 11:42:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Windows Defender:
===================================
Date: 2012-12-06 12:38:35.266
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{A79DE555-8EAC-467C-AB04-83BDA31245E7}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2017-07-10 23:19:38.373
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2016-09-29 11:39:42.279
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-10 17:02:44.289
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-07 15:20:31.801
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-03 21:06:50.287
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2018-01-26 13:24:20.802
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.751
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.695
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.648
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:57.105
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:57.044
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:56.973
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:56.851
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 88%
Total physical RAM: 8174.45 MB
Available physical RAM: 963.9 MB
Total Virtual: 16347.07 MB
Available Virtual: 5653.38 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:452.47 GB) (Free:68.12 GB) NTFS

\\?\Volume{7c551ac4-2d3e-11e1-bf29-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:13.25 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: AC289F96)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


----------



## mkdsk (Dec 30, 2009)

First step is done.


----------



## Joeicam (Oct 11, 2017)

Great thank you! Flight complications. I will go through your logs tonight and post back with instructions tomorrow


----------



## mkdsk (Dec 30, 2009)

Ahhh, no problem.....


----------



## Joeicam (Oct 11, 2017)

Just a quick update. I'm almost finished analyzing your logs . I will be finished tonight and will have my post to you reviewed by my instructor. In the meantime, would you still like me to check out your laptop? I think it would be best to do the machines one at time, but I just thought I would ask.


----------



## Joeicam (Oct 11, 2017)

Hi mkdsk, thanks for bearing with me.

First I want to ask if you're familiar with the following proxy:


> ProxyServer: [S-1-5-21-2130412082-872510349-2259372935-1000] => 23.105.173.166:80


 It looks like you were on the forums 2 years back and the same question was asked of you. It doesn't appear that the EasyHideIPVPN program is still installed, but the proxy remains.


----------



## mkdsk (Dec 30, 2009)

We can just work on this PC for now and the laptop another time. I am not familiar with that proxy.


----------



## Joeicam (Oct 11, 2017)

Great! We can go ahead and clean that up. I'll post back with further instructions once my post is approved


----------



## Joeicam (Oct 11, 2017)

Hi mkdsk, please continue with the steps below.

*Step 1 of 5: Uninstalling Programs*

Please *uninstall the following programs*. Do so by *pressing* the Windows key + R > *type in:* control panel, *press enter* > *select* Uninstall a program >* finding and uninstalling the programs below*
These programs include: 

*Coupon Printer for Windows*
*Note:* During the uninstall process, some of these programs will *attempt to scare you* into keeping the program installed. However, know that these are *indeed malware related*. If you do not understand a certain message, please contact me about it.

*Step 2 of 5: Fix with FRST*

*NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.*

*NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system*

*Open* FRST. Please *copy the entire contents* of the code box below, excluding the word "Quote". (To do this highlight the contents of the box, right click on it and *select *copy.

*Navigate* back to FRST and *click on Fix*



> start::
> CreateRestorePoint:
> EmptyTemp:
> RemoveProxy:
> ...


If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

*Step 3 of 5: Scan with VirusTotal*

*Navigate* to VirusTotal

*Click* on Choose file, and *navigate* to: C:\Windows\system32\drivers\

And *Choose File*: "upzocdbr.sys" 

Click on the file to select it, and click "Open" > click on "OK" in the dialog box. 

Wait for the scan to finish

Copy the URL and paste it in your next reply

*Step 4 of 5: **Clean with AdwCleaner*

Download AdwCleaner from here. Save the file to the desktop.

*Close all open windows and browsers.*

*XP users:* Double click the *AdwCleaner* icon to start the program.
*Vista/7/8/10 users:* Right click the *AdwCleaner* icon on the desktop, click *Run as administrator* and accept the UAC prompt to run AdwCleaner.
You will see the following console:









Click the *Scan Now* button and wait for the scan to finish.
After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: * Scan results - "Clean & Repair" will remove the selected threats from your computer*.
Click the *Clean & Repair* button.
*Everything checked* will be moved to Quarantine.
*Click on Clean & Restart Now*









On reboot a screen similar to the one below will be displayed.









Click on "View Log File" and copy/paste that in your next reply. This report is also saved to *C:\AdwCleaner\Logs\AdwCleaner[C00].txt*

*Step 5 of 5:**Re-Scan with FRST*

Please *move FRST* from your *Downloads* folder to your *Desktop*.

Right-click the application and select run as administrator. When the tool opens click *Yes* to disclaimer.
Press *Scan* button.
It will produce logs called *FRST.txt* and *Addition.txt* in the same directory the tool is run from.
Please copy and paste the logs back here.
===============================================

*When you reply to me, I need to see:*

Any questions/concerns you might have, or if you were not able to complete any of the steps above

The copied and pasted results of the fixlog.txt from the FRST fix from Step 2
The copied and pasted Virus Total URL
The copied and pasted contents of the Adwcleaner log
The copied and pasted contents of the FRST.txt and Additions.txt logs


----------



## mkdsk (Dec 30, 2009)

I didn’t get informed that you posted this I am so sorry. I will do this ASAP


----------



## Joeicam (Oct 11, 2017)

No worries, take your time


----------



## mkdsk (Dec 30, 2009)

I am not sure what you want me to do in step 2? I don't understand it.


----------



## Joeicam (Oct 11, 2017)

Which part are you having troubles on?


----------



## mkdsk (Dec 30, 2009)

What does * Fix with FRST mean? I lost right at that first part. *


----------



## mkdsk (Dec 30, 2009)

*It says Open* FRST. What am I opening?


----------



## Joeicam (Oct 11, 2017)

FRST is the application you downloaded and scanned your computer with in Step 1 on the first page. "Fix with FRST" is the heading and the directions are below it.


----------



## mkdsk (Dec 30, 2009)

Ahhhhhh, okay. That was for the laptop that we were going to do but then I asked for help with my PC. I thought we were completely starting over with my PC...


----------



## mkdsk (Dec 30, 2009)

Here is those scans again. I re ran them

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Ran by MARK (administrator) on MARK-PC (02-11-2018 13:26:07)
Running from C:\Users\MARK\Desktop\APPLE
Loaded Profiles: MARK (Available Profiles: MARK & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
( ) C:\Windows\System32\dlbacoms.exe
( ) C:\Windows\System32\dleacoms.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft) C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_6\mcapexe.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MiTAC) C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-10-19] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\Run: [Magellan Update Manager] => C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe [2705672 2016-01-20] (MiTAC)
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2130412082-872510349-2259372935-1000] => 23.105.173.166:80
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{3631C8E6-D178-4917-9B0D-BFB51262D9F1}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{BFB6B096-4145-4ED2-A8E0-19EDCA9E0ED4}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {7708B639-F242-494D-BCA2-EED7DC46E157} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151019&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {C56AFD0B-5A78-4E7F-9993-19B1BC996C4C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2018-02-28] (RealDownloader)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2018-02-28] (RealDownloader)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~3\WONDER~2\VIDEOC~1\WSBROW~1.DLL => No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll => No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-26] (Oracle Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-10-04] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-10-04] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 [2018-09-16]
FF Session Restore: Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 -> is enabled.
FF Extension: (All Aboard) - C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495\Extensions\@all-aboard-v1-5.xpi [2017-07-11] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-10-17]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected] => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-10-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-10-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-10-04] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2018-05-06] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2018-05-06] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2130412082-872510349-2259372935-1000: magellangps.com/mgnContentManager -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager.dll [2016-01-20] (MiTAC Digital Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-09-18] (Coupons, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.facebook.com/
CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxp://search.conduit.com/?ctid=CT3292715&SearchSource=48&CUI=UN78212901972922245&UM=2","hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11411&pf=V7&trgb=CR&p2=%5EBBJ%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBJ&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=cr_36.0.1985.125&apn_uid=18BF653D-4559-43C4-8703-3225ED0BEC5E&itbv=12.15.1.20&doi=2014-07-19&psv=&pt=tb","hxxp://websearch.thesearchpage.info/?pid=2457&r=2015/01/16&hid=16875487775573251436&lg=EN&cc=US&unqvl=74"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default [2018-11-02]
CHR Extension: (Google Drive) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-27]
CHR Extension: (YouTube) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Who Dumped Me?) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgeaeoklapomofpcppeiahpnjadbkim [2015-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-26]
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-03-15]
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457360 2012-06-20] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
S3 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22160 2012-07-11] ()
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-25] (BlueStack Systems, Inc.)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc.)
R2 dlba_device; C:\Windows\system32\dlbacoms.exe [567280 2007-03-05] ( )
R2 dlba_device; C:\Windows\SysWOW64\dlbacoms.exe [538096 2007-03-05] ( )
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-01-07] ( )
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-06-05] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_6\McApExe.exe [729320 2018-10-04] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe [2159464 2018-06-29] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [366968 2018-08-22] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [539512 2018-08-22] (McAfee, LLC)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [490360 2018-08-22] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1690976 2018-07-27] (McAfee, Inc.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1316024 2018-07-25] (McAfee, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S3 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
S3 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [37104 2018-02-28] (RealNetworks, Inc.)
S3 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [989912 2018-05-06] (RealNetworks, Inc.)
S3 RoxMediaDB14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe [1096848 2012-07-18] (Corel Corporation)
S3 RoxWatch14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe [341136 2012-07-18] (Corel Corporation)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1074720 2012-08-30] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1358360 2012-08-30] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [166528 2012-03-22] (Safer-Networking Ltd.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2018-10-04] (Microsoft) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2018-10-04] (Microsoft) [File not signed]
S3 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
S3 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77336 2018-10-03] (McAfee, LLC)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [235784 2018-10-02] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [506384 2018-10-03] (McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [367664 2018-10-03] (McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [533520 2018-10-03] (McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [967696 2018-10-03] (McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [555824 2018-10-02] (McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108848 2018-10-02] (McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [115728 2018-10-03] (McAfee, LLC)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252952 2018-10-03] (McAfee, LLC)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2015-03-25] (EldoS Corporation)
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2012-06-20] (Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2012-06-20] (Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2012-06-20] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-10-12] (Anchorfree Inc.)
R3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2011-11-17] (Wondershare)
U1 aswbdisk; no ImagePath
S3 mfeavfk02; \Device\mfeavfk02.sys [X]
S3 mfeavfk03; \Device\mfeavfk03.sys [X]
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
S1 upzocdbr; \??\C:\Windows\system32\drivers\upzocdbr.sys [X]
S1 zeonetfilter; system32\drivers\zeonetfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-28 22:46 - 2018-10-29 15:37 - 000000000 ___DC C:\Users\MARK\Desktop\Hell2
2018-10-26 23:41 - 2018-10-27 00:06 - 000000000 ___DC C:\Users\MARK\Desktop\Rym Brothers
2018-10-26 11:43 - 2018-10-26 11:43 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-10-19 12:22 - 2018-11-02 13:26 - 000000000 ___DC C:\FRST
2018-10-18 23:27 - 2018-10-18 23:35 - 000000000 ___DC C:\Users\MARK\Desktop\Moriah2
2018-10-17 11:24 - 2018-10-17 11:24 - 000001934 ____C C:\Users\Public\Desktop\McAfee Multi Access.lnk
2018-10-17 11:24 - 2018-10-17 11:24 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-10-16 10:54 - 2018-10-16 10:56 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\ControlCenter4
2018-10-15 23:52 - 2018-10-15 23:52 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\Brother
2018-10-15 23:52 - 2018-10-15 23:52 - 000000000 ___DC C:\Users\MARK\AppData\Local\Brother
2018-10-15 21:47 - 2016-11-01 11:27 - 000090112 ____C (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll
2018-10-15 21:47 - 2015-06-16 21:39 - 000252928 ____C (brother) C:\Windows\system32\NSSRH64.dll
2018-10-15 21:47 - 2013-07-03 11:46 - 000065024 ____C (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll
2018-10-15 21:47 - 2013-03-08 15:45 - 000059904 ____C (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll
2018-10-15 21:47 - 2005-04-22 13:36 - 000143360 ____C C:\Windows\system32\BrSNMP64.dll
2018-10-15 21:29 - 2018-10-16 15:30 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\PowerENGAGE
2018-10-15 21:29 - 2018-10-15 21:29 - 000003584 ____C C:\Windows\System32\Tasks\PowerENGAGE
2018-10-15 21:28 - 2018-11-02 11:49 - 000000000 ___DC C:\Program Files (x86)\PowerENGAGE
2018-10-15 21:27 - 2018-10-15 21:27 - 000000000 ___DC C:\Program Files\Nuance
2018-10-15 21:26 - 2018-10-15 23:52 - 000000000 ___DC C:\Users\MARK\AppData\Local\Nuance
2018-10-15 21:26 - 2018-10-15 21:26 - 000000000 ___DC C:\ProgramData\zeon
2018-10-15 21:25 - 2018-10-15 23:52 - 000000000 ___DC C:\ProgramData\Nuance
2018-10-15 21:25 - 2018-10-15 21:26 - 000000000 ___DC C:\ProgramData\ScanSoft
2018-10-15 21:25 - 2018-10-15 21:26 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 14
2018-10-15 21:25 - 2018-10-15 21:26 - 000000000 ___DC C:\Program Files (x86)\Nuance
2018-10-15 21:25 - 2018-10-15 21:25 - 000001868 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2018-10-15 21:25 - 2018-10-15 21:25 - 000000000 ___DC C:\Users\MARK\Documents\MyWebPages
2018-10-15 21:21 - 2018-10-15 23:06 - 000002050 ____C C:\Users\Public\Desktop\Brother Creative Center.lnk
2018-10-15 21:21 - 2018-10-15 21:50 - 000000000 ___DC C:\Program Files (x86)\Browny02
2018-10-15 21:21 - 2018-10-15 21:21 - 000001676 ____C C:\Users\Public\Desktop\Brother Utilities.lnk
2018-10-15 21:20 - 2018-10-15 21:20 - 000000000 ___DC C:\Program Files (x86)\ControlCenter4 CSDK
2018-10-15 21:19 - 2018-10-15 21:48 - 000000000 ___DC C:\ProgramData\ControlCenter4
2018-10-15 21:19 - 2018-10-15 21:48 - 000000000 ___DC C:\Program Files (x86)\ControlCenter4
2018-10-15 21:18 - 2018-10-15 23:35 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-10-15 21:18 - 2018-10-15 21:18 - 000000948 ____C C:\Users\Public\Desktop\Brother iPrint&Scan.lnk
2018-10-15 21:15 - 2018-10-15 21:50 - 000000000 ___DC C:\ProgramData\Brother
2018-10-15 21:13 - 2018-10-15 23:35 - 000000000 ___DC C:\Program Files (x86)\Brother
2018-10-10 20:25 - 2018-10-10 20:40 - 000000000 ___DC C:\Users\MARK\Desktop\DOOR
2018-10-05 15:42 - 2018-10-05 15:42 - 000000000 ___DC C:\Users\MARK\AppData\LocalLow\Blue Jeans
2018-10-05 15:41 - 2018-10-05 15:47 - 000000000 ___DC C:\Users\MARK\AppData\Local\Blue Jeans

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-02 13:26 - 2018-03-25 10:43 - 000000000 ___DC C:\Users\MARK\Desktop\APPLE
2018-11-02 11:52 - 2009-07-14 00:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-02 11:52 - 2009-07-14 00:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-02 11:39 - 2009-07-14 01:08 - 000000006 ___HC C:\Windows\Tasks\SA.DAT
2018-11-01 19:00 - 2016-01-08 22:46 - 000000000 ___DC C:\Users\MARK\AppData\Local\CrashDumps
2018-11-01 12:04 - 2018-09-09 12:30 - 000000000 ___DC C:\Users\MARK\Desktop\LANDSCAPE DAMAGE
2018-11-01 12:04 - 2013-04-02 16:34 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\HandBrake
2018-10-29 23:11 - 2015-12-25 00:01 - 000000000 ___DC C:\Users\MARK\Desktop\Screen shots
2018-10-29 22:13 - 2013-05-11 14:35 - 000000900 __SHC C:\ProgramData\KGyGaAvL.sys
2018-10-29 20:38 - 2011-12-31 15:44 - 000000000 ___DC C:\Users\MARK
2018-10-29 12:00 - 2015-08-05 13:09 - 000000000 ___DC C:\Users\MARK\Desktop\Fairy
2018-10-26 12:35 - 2009-07-14 01:13 - 000782470 ____C C:\Windows\system32\PerfStringBackup.INI
2018-10-26 12:35 - 2009-07-13 23:20 - 000000000 ___DC C:\Windows\inf
2018-10-26 11:43 - 2014-08-14 14:45 - 000003554 ____C C:\Windows\System32\Tasks\GarminUpdaterTask
2018-10-26 11:43 - 2014-07-25 15:36 - 000000000 ___DC C:\Program Files (x86)\Garmin
2018-10-26 11:43 - 2012-11-21 13:09 - 000000000 ___DC C:\ProgramData\Package Cache
2018-10-25 18:47 - 2015-06-22 20:15 - 000002226 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-25 18:47 - 2015-06-22 20:15 - 000002185 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-25 09:09 - 2018-04-18 21:35 - 000000000 ___DC C:\Program Files (x86)\McAfee
2018-10-25 08:55 - 2018-04-18 21:37 - 000003068 ____C C:\Windows\System32\Tasks\McAfeeLogon
2018-10-25 08:55 - 2018-04-18 21:26 - 000000000 ___DC C:\Program Files\Common Files\McAfee
2018-10-23 22:09 - 2017-05-06 19:29 - 000002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-20 15:58 - 2011-12-23 02:52 - 000000000 ___DC C:\ProgramData\Roxio
2018-10-17 11:17 - 2018-04-18 21:36 - 000000000 ___DC C:\Windows\System32\Tasks\McAfee
2018-10-16 15:20 - 2018-04-18 21:35 - 000003312 ____C C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2018-10-16 00:29 - 2016-09-29 20:00 - 000000000 ___DC C:\Program Files (x86)\epson
2018-10-16 00:28 - 2016-09-29 20:01 - 000000000 ___DC C:\Program Files (x86)\EPSON Software
2018-10-16 00:28 - 2016-09-29 19:58 - 000000000 ___DC C:\ProgramData\EPSON
2018-10-16 00:28 - 2011-12-23 02:36 - 000000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2018-10-16 00:27 - 2016-09-29 20:00 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-10-15 23:34 - 2018-09-05 22:56 - 000000000 ___DC C:\Users\MARK\Desktop\House Photos During
2018-10-10 20:39 - 2018-07-29 12:03 - 000000000 ___DC C:\Users\MARK\Desktop\Pool1
2018-10-09 11:43 - 2016-10-20 12:11 - 000842240 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-10-09 11:43 - 2016-10-20 12:11 - 000175104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-09 11:43 - 2016-10-20 12:11 - 000004446 ____C C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-09 11:43 - 2016-10-20 12:11 - 000004312 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-10-09 11:43 - 2011-12-23 02:24 - 000000000 ___DC C:\Windows\SysWOW64\Macromed
2018-10-09 11:43 - 2011-12-23 02:24 - 000000000 ___DC C:\Windows\system32\Macromed
2018-10-09 11:38 - 2018-03-13 11:43 - 000004458 ____C C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-04 21:24 - 2011-12-31 18:03 - 000000000 ___DC C:\Users\MARK\AppData\LocalLow\Adobe
2018-10-03 21:02 - 2012-01-23 20:34 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\Audacity
2018-10-03 08:38 - 2018-01-31 10:06 - 000967696 ____C (McAfee, LLC) C:\Windows\system32\Drivers\mfehidk.sys
2018-10-03 08:38 - 2018-01-31 10:06 - 000533520 ____C (McAfee, LLC) C:\Windows\system32\Drivers\mfefirek.sys
2018-10-03 08:38 - 2018-01-31 10:06 - 000506384 ____C (McAfee, LLC) C:\Windows\system32\Drivers\mfeaack.sys
2018-10-03 08:38 - 2018-01-31 10:06 - 000367664 ____C (McAfee, LLC) C:\Windows\system32\Drivers\mfeavfk.sys
2018-10-03 08:38 - 2018-01-31 10:06 - 000252952 ____C (McAfee, LLC) C:\Windows\system32\Drivers\mfewfpk.sys
2018-10-03 08:38 - 2018-01-31 10:06 - 000115728 ____C (McAfee, LLC) C:\Windows\system32\Drivers\mfeplk.sys
2018-10-03 08:38 - 2018-01-31 10:06 - 000077336 ____C (McAfee, LLC) C:\Windows\system32\Drivers\cfwids.sys

==================== Files in the root of some directories =======

2013-04-29 18:57 - 2013-04-29 18:59 - 000308064 ____C () C:\Users\MARK\AppData\Roaming\CodecsLE_Install.log
2017-08-04 20:04 - 2017-08-04 20:04 - 000000445 ____C () C:\Users\MARK\AppData\Roaming\com.cloudapp.windows.plist
2016-03-13 00:48 - 2016-03-13 00:48 - 000099384 ____C () C:\Users\MARK\AppData\Roaming\inst.exe
2013-11-21 13:22 - 2016-03-13 00:48 - 000007859 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.cat
2013-11-21 13:22 - 2016-03-13 00:48 - 000001167 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.inf
2013-11-21 13:22 - 2016-03-13 00:48 - 000000055 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.log
2013-11-21 13:22 - 2016-03-13 00:48 - 000082816 ____C (VSO Software) C:\Users\MARK\AppData\Roaming\pcouffin.sys
2015-03-21 20:25 - 2015-03-22 13:03 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.1.txt
2015-03-21 20:25 - 2015-03-21 20:25 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.2.txt
2015-03-21 20:25 - 2015-03-22 13:09 - 000000919 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt
2015-03-21 20:25 - 2015-03-22 13:09 - 000000000 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-07-16 23:21 - 2017-05-08 11:56 - 000006656 ____C () C:\Users\MARK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-25 16:24 - 2016-08-03 02:41 - 000007601 ____C () C:\Users\MARK\AppData\Local\resmon.resmoncfg
2013-05-16 15:25 - 2017-08-03 23:39 - 000331584 ____C () C:\Users\MARK\AppData\Local\rx_audio.Cache
2013-02-22 20:31 - 2017-08-03 23:39 - 001282348 ____C () C:\Users\MARK\AppData\Local\rx_image32.Cache
2015-03-15 11:04 - 2015-03-15 11:04 - 000000402 ____C () C:\Users\MARK\AppData\Local\Temp-log.txt

Some files in TEMP:
====================
2018-10-16 00:29 - 2006-05-24 13:10 - 000455600 ____C (Macrovision Corporation) C:\Users\MARK\AppData\Local\Temp\_is5738.exe
2018-10-16 00:28 - 2018-03-11 19:07 - 000455600 ____C (Macrovision Corporation) C:\Users\MARK\AppData\Local\Temp\_isBC7F.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-25 08:43

==================== End of FRST.txt ============================


----------



## mkdsk (Dec 30, 2009)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by MARK (02-11-2018 13:27:17)
Running from C:\Users\MARK\Desktop\APPLE
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-31 19:44:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2130412082-872510349-2259372935-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2130412082-872510349-2259372935-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2130412082-872510349-2259372935-1002 - Limited - Enabled)
MARK (S-1-5-21-2130412082-872510349-2259372935-1000 - Administrator - Enabled) => C:\Users\MARK

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Spybot - Search and Destroy (Disabled - Out of date) {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.46.1633 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother BRAdmin Light 1.33.0000 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.33.0000 - Brother)
Brother iPrint&Scan (HKLM-x32\...\{122F41FC-AE6B-40BB-9CBD-A7B59C8FD2F6}) (Version: 4.1.1.1 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{25b63596-6d2a-44d4-8068-23a5f89888ec}) (Version: 4.1.1.1 - Brother Industries, Ltd.)
Brother Port Driver (HKLM-x32\...\{EEA8DF77-9D7E-421A-A9A8-A6E9894A18A3}) (Version: 1.0.3.3 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{272543B6-B337-4C8F-B9F1-19E884C2C7AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{1162495D-7CE7-4EF9-A0F8-151196F3A660}) (Version: 1.0.17.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.8.0.201 - Corel Inc.) Hidden
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell System Detect (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.48.35 - Dell Inc.)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Find and Mount 2.32 (HKLM\...\Find and Mount_is1) (Version: 2.32 - A-FF Data Recovery)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Graboid Video 3.89 (HKLM-x32\...\Graboid Video) (Version: 3.89 - Graboid Inc.)
Graboid Video 3.89 Setup (HKLM-x32\...\{6b5f9db0-02dc-4c5b-b16b-6a7f1f81557e}) (Version: 3.8.9 - FUSENET)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{36F365B3-05C2-455D-9D96-B73829DE046D}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
McAfee Multi Access (HKLM-x32\...\MSC) (Version: 16.0 R14 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.203 - McAfee, Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Excel 97 (HKLM-x32\...\Excel) (Version: - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook 97 (HKLM-x32\...\Outlook) (Version: - )
Microsoft SkyDrive (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower) Hidden
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
PhotoShowExpress (HKLM-x32\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
RealDownloader (HKLM-x32\...\{F735970C-1049-440A-8BC1-00BFBC196F22}) (Version: 18.1.11.204 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.11 - RealNetworks)
RealProducer Plus 8.5 (HKLM-x32\...\RealProducer 8.5) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator NXT Pro (HKLM-x32\...\{CC915001-1639-4D1B-B0A1-A7AC70C99179}) (Version: 14.0.36.0 - Roxio)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.2 - Roxio) Hidden
Roxio Virtual Drive x64 (HKLM\...\{632DCE79-2711-4B07-BB89-DA763E96840C}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SmartGPS Eco (HKLM-x32\...\{F0DF2A34-80D0-477C-8718-7E665341FA55}) (Version: 3.0.0.00 - MiTAC Digital Corp.)
SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.10 - Safer-Networking Ltd.)
SpyroPortalDriver (HKLM\...\{B2913230-094D-4F41-9EEF-CE9571C450D8}) (Version: 1.0.0 - FS)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Triple Scoop Music (HKLM-x32\...\{4CD51492-D68C-49AC-9692-29FCC19FBC26}) (Version: 1.0.019 - Roxio) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
USB2.0 ATV (HKLM-x32\...\USB2.0 ATV) (Version: - )
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}) (Version: 12.0.563 - Sony)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
VirtualDJ Home FREE (HKLM-x32\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wondershare Streaming Audio Recorder(Build 2.0.2.3) (HKLM-x32\...\Wondershare Streaming Audio Recorder_is1) (Version: 2.0.2.3 - Wondershare Software Co.,Ltd.)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.4 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF}\InprocServer32 -> C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{ea49acd6-0f0e-5ff1-89c4-30eda3d53b62}\InprocServer32 -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager64.dll (MiTAC Digital Corp.)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-10-04] (McAfee, Inc.)
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2018-05-06] (RealNetworks, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-02-17] (NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-10-04] (McAfee, Inc.)
ContextMenuHandlers6: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)
ContextMenuHandlers2_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)
ContextMenuHandlers6_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C9EAD9F-AE32-4E33-A188-9016BB202408} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\RealDownloader\downloader2.exe [2018-02-28] ()
Task: {0F592054-FC0B-4DF8-B651-202C56DE274D} - System32\Tasks\{3E677D04-C9FB-4050-A4D5-9BFD909EF240} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {144E0E91-D00E-4D82-9885-778C3A749490} - System32\Tasks\{487AB330-EBD7-4A76-B891-A91754FD4314} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {19605A68-8D93-416E-B6A1-F04C2F6ECAA4} - System32\Tasks\{45416873-6870-44CC-8E45-58127503EEAF} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {1A942A5C-FE8D-4049-A9D6-8893D90BA979} - System32\Tasks\{2D3028CF-CE03-4AE4-B144-B8BEB566D687} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {1AB4AD6F-E0BC-4ED9-BC19-A949BEE5AE8A} - System32\Tasks\{611A5EB1-E8DC-4164-8DA6-A9358CB16A08} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {1B6955DB-AE88-49F1-8F3E-BC99722CA012} - System32\Tasks\{67C0FFD8-6786-4EDB-A901-EB2DF2A3BDE9} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {2641C192-8073-4AC1-97AA-B0B3EF20EB8B} - System32\Tasks\{AAA228C8-54C2-4654-91AF-95C5C52D20BB} => C:\Windows\system32\pcalua.exe -a C:\Users\MARK\AppData\Local\Temp\Temp1_MPEG_Streamclip_1.2.zip\MPEG_Streamclip.exe <==== ATTENTION
Task: {281A7460-642E-40A2-B0E5-A2D2BA0CC5C4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {2BFC4343-96A9-4C7C-ACC8-C018C0DD58EE} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-06-06] (McAfee, Inc.)
Task: {2DE00C78-BF46-49E7-8C1E-8D19E977FDA5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3268B6BC-5528-4FB5-A5CC-F1A9064FDBA4} - System32\Tasks\{D5E8CB6B-319E-4F0E-917E-CBAC38E34677} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {38B8C499-E203-4AAA-9330-DABB68DF9F43} - System32\Tasks\{8CD991B8-C611-457C-9A4B-8E148BBC1495} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {38D302D2-0E6B-45A9-8EB5-5A6693DA67ED} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {3A4C9BB5-147B-47CB-8157-34D11DDF3D1A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3DE84952-ECFD-482D-B8F2-1268D979F166} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {40FC8802-9F5A-42F6-B95D-6C0067FCEB69} - System32\Tasks\{27003535-56D0-44FC-AE23-EFC0AAFC1A81} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {4789B856-DCCB-4458-AF1C-133ECB9341E3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {4CCEF7E3-0CC7-488D-9226-593999AC0E27} - System32\Tasks\{13F92E3C-232E-4FA8-8FF7-EEAAF6931DD8} => C:\Users\MARK\Downloads\musicmatch10.00.4033.exe
Task: {4DD05920-3129-4DFD-BA6F-E6EFE67BC532} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-10-24] ()
Task: {525ADD04-55BA-4913-B544-CBC829CDA221} - System32\Tasks\{9FB150E9-5941-4658-BCD0-641ED11803BF} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
Task: {52AE9C83-353E-48EF-991B-E119CF4F8DE4} - System32\Tasks\{7F471F8C-38C6-4F94-BC8A-0CBAD06FE02A} => C:\Users\MARK\Downloads\musicmatch82.exe
Task: {6074794B-09C5-4E18-8515-4DBADDC76F61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-22] (Google Inc.)
Task: {67EDB240-E03D-437C-818F-D15D6C99C491} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {683BBDA8-64D7-4168-95B6-2FB04C07BC90} - System32\Tasks\{605EAD35-C8E6-48D5-953C-4BDE791AA5E8} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {6E67EAE3-CD36-4E83-9602-0F43C500743F} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-07-13] (McAfee, Inc.)
Task: {79022F55-5129-4E5A-9779-C9ACFFBA8BA4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-06-11] (McAfee, Inc.)
Task: {7A170C85-4395-40BB-A490-4F9CB05784B1} - System32\Tasks\{6440DA17-3021-4946-9EDC-65255B783269} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {7C4ED347-BB52-4987-95A2-B8F8F280210C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {7DAB0AF4-D9C8-4C6B-B5E1-773F85640165} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {85C067FB-5098-4051-B1CA-9E7E7BF214A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {8780C8BE-F54B-47DA-85F9-AFDADD2E4C2C} - System32\Tasks\{7F70CAB2-072C-4D42-AEF6-16B1B69095C7} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {8F98D4DD-65A0-46CA-B885-29F47ABAEB0B} - System32\Tasks\{F40CE779-309B-4896-974C-AE6E2C94644D} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {90C45678-9B30-4EFF-91CC-917E12E06B45} - System32\Tasks\{7849AF3E-8179-490E-B09B-D31FDF213381} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {97B89E7B-895D-4E58-BD0A-15C923FF6F5D} - System32\Tasks\{9386CA07-7838-4DD2-938F-C939BD959A61} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {9A15C862-F14A-40C5-8312-DBAB1E30AA0C} - System32\Tasks\{EBDC029A-1928-42DF-B29D-CF913C18B968} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {9A99B748-ACA2-41E5-BE40-8BB1086F6DCB} - System32\Tasks\{31B93D9E-EA8C-4990-BF18-B09BFBAA435D} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {9F712EF0-97B6-4661-B891-7859479E23A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {A0337C78-7B2C-41F7-8539-5742AC34C4D2} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A06C3FD6-61F0-43C5-B2C4-697911A016EA} - System32\Tasks\{C1FE1AD8-7E5A-42FE-BFD1-7BE5D2CF6E2B} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {A3FDE451-DDF4-4F0F-9B56-4D6119FF1EDB} - System32\Tasks\{BC0B3BDD-C189-4564-91B2-8AE4B6510985} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {A483F551-EE1F-4BBC-B877-CDBDAE73B07E} - System32\Tasks\{8A4CD231-08EE-44AB-9ECA-E7443D8CAE31} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {A909DD0B-138D-4229-9422-97518BFBE2E5} - System32\Tasks\{20F50F2F-8C2B-4F7F-9DDA-FC3F2ACAC9BA} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
Task: {AC00B659-6AEE-482A-8872-52BF69556ADC} - System32\Tasks\{007A1385-A538-4B74-AF24-B76DCD096802} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {AF4E8988-8683-4AFF-A1DC-B874E3E9DD0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-22] (Google Inc.)
Task: {B7E83BA7-06F3-41D8-8B7D-E52F6488C1E2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {BBAA77C7-8BE7-43D3-BCF8-7BCBB44FEA48} - System32\Tasks\{0E5FFA70-B7B3-4AD7-AF23-C403A980856A} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
Task: {BD09F54A-6D5C-4393-9BDA-2319D1CB3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {C0752428-0D21-4764-8805-EB4EE14F241C} - System32\Tasks\{35990657-F8A1-4941-BC71-31E7500013C4} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {C6729723-48E4-4D50-959E-667C6603319C} - System32\Tasks\{0BA0CD3C-B95D-4721-AEE6-8991F35A9D92} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {CF997253-70E7-46FA-A97E-46BB686709D4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {D026AE65-BA76-4145-B862-3BB536091F80} - System32\Tasks\{74A7DDF1-BDA7-4B5A-BA82-F6455C234E40} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
Task: {D1782047-A988-4544-AC47-E3A3629E46BD} - System32\Tasks\{5B006323-E1AE-4E67-A035-715B6B7DEC4A} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {D5D96F18-E3AB-4B5A-8E0D-267E1647199C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {D6E1EAD5-7358-4A5E-99A9-56F3B1AF031F} - System32\Tasks\{AA42977C-B36D-4D54-97F4-9D36BF2B1165} => C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.7\DVD_Author.exe
Task: {D7F4C430-E3AB-4E5E-A7D1-1178230F9255} - System32\Tasks\{5379BC2C-7DEB-41FC-8555-042FA7281998} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {DEDA0FDF-B354-4C37-9532-012E80F9C1E8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {E0BD0B9D-F7E7-45B4-9698-B4A1DC18C24E} - System32\Tasks\{15D2093E-FD56-45CB-BB1C-1CDBEBD7356D} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {E3D600BB-67DA-4B85-BC16-E30120C0D15E} - System32\Tasks\{711738D9-A6C7-442A-B24A-2D60FC80400F} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1} /quiet /qn
Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {E90EEF97-DF18-4FAF-9B3C-F0A250A3A92F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {F050F864-D1A1-4F59-9DDD-4C3D8CAB6AB2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F395931B-FEF9-4729-954C-E9BC4573D1F6} - System32\Tasks\{7A1E1935-8DD2-4CFA-A169-A8C098A30AC4} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {F62B2F93-50D6-4CF4-A92C-EBA904523A73} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {F823E685-BBD6-4AB4-8015-BF6FBF8AB1F9} - System32\Tasks\{70F70446-4007-4E05-81FC-E0298A3944D6} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {FDABE515-D080-42BE-A063-EA74269EE848} - System32\Tasks\{1A1EF3C2-E0E5-4E2D-B05A-D4F60D251591} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Loaded Modules (Whitelisted) ==============

2016-06-12 21:38 - 2016-01-22 16:57 - 000089008 ____C () C:\Windows\System32\cpwmon64.dll
2013-08-30 18:05 - 2010-07-19 09:12 - 000394272 _____ () C:\Windows\system32\spool\DRIVERS\x64\x64v05.dll
2013-06-05 13:25 - 2007-02-20 08:30 - 000116224 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dlbapp6c.dll
2011-12-31 15:54 - 2009-11-04 09:18 - 000189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 001356088 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-29 16:34 - 2018-06-29 16:34 - 000896136 ____C () C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPMsgBusDLL.dll
2018-07-06 02:00 - 2018-07-06 02:00 - 001356088 ____C () C:\Program Files\iTunes\libxml2.dll
2018-07-06 02:00 - 2018-07-06 02:00 - 000088888 ____C () C:\Program Files\iTunes\zlib1.dll
2018-10-15 21:47 - 2005-04-22 13:36 - 000143360 ____C () C:\Windows\system32\BrSNMP64.dll
2018-10-25 18:47 - 2018-10-23 17:24 - 005020504 ____C () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-25 18:47 - 2018-10-23 17:24 - 000116056 ____C () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2016-11-25 10:18 - 2016-11-25 10:18 - 000139264 ____C () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-10-04 14:25 - 2018-01-18 15:39 - 001720832 ____C () C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2017-03-22 17:21 - 2018-01-18 15:39 - 000519168 ____C () C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-07-29 17:06 - 2017-12-22 12:53 - 000025299 ____C () C:\Program Files (x86)\Browny02\brlm03a.dll
2016-07-29 17:06 - 2017-12-22 12:53 - 000180224 ____C () C:\Program Files (x86)\Browny02\BroSNMP.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000137728 ____C () C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000440832 ____C () C:\Program Files (x86)\ControlCenter4\Track.dll
2017-10-19 19:32 - 2017-10-19 19:32 - 001852928 ____C () C:\Windows\Twain_32\Brimm17a\Common\BsScanCoreApi.dll
2017-10-19 19:32 - 2017-10-19 19:32 - 000086528 ____C () C:\Windows\Twain_32\Brimm17a\Common\BsDeviceAccs.dll
2017-10-19 19:32 - 2017-10-19 19:32 - 000112128 ____C () C:\Windows\Twain_32\Brimm17a\Common\BsNetDevAccs.dll
2017-01-27 15:33 - 2017-11-07 20:04 - 000087040 ____C () C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 000087552 ____C () C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 017974784 ____C () C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:7578EF04 [131]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123simsen.com -> www.123simsen.com

There are 7716 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2016-04-23 20:26 - 000000093 ____C C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.eom

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Find Fast.lnk => C:\Windows\pss\Microsoft Find Fast.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Office Startup.lnk => C:\Windows\pss\Office Startup.lnk.Startup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.8.2\AOL.EXE" -b
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: dlbamon.exe => "C:\Program Files (x86)\Dell AIO Printer A940\dlbamon.exe"
MSCONFIG\startupreg: EasyHideIPVPN => C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\MARK\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1429832463\ee\AOLSoftware.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: ICF => "C:\Program Files (x86)\Internet Content Filter\mfp.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RealDownloader => c:\program files (x86)\real\RealDownloader\downloader2.exe
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatchTray14.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: RunDLLEntry_EptMon => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
MSCONFIG\startupreg: RunDLLEntry_THXCfg => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShwiconXP9106 => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: THX Audio Control Panel => "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7D73D967-32C1-47D8-A7EC-3531A66698A9}] => (Allow) LPort=8317
FirewallRules: [{60B8BD61-B3F8-41B9-99A5-7114CEEDE77D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FA59CBB4-ACEC-492B-B1FC-7AD0903E866A}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{A33D26D9-CE08-46F5-B82E-C10258442428}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{854E718D-AB3C-4BE9-B8B7-5D58343EC677}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{4E97F9E1-7AE7-4798-BF9D-34870D6B2A65}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{523026AA-B677-4B72-98B2-6EFB4301A605}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{EF658E54-E933-4B65-B15D-0AB754B5A288}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{5EAFCF4E-6A35-4B46-9DF7-75F2D8AEFE37}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{BCE73B4E-BB6C-4161-80B2-AEB5C1F0DF4F}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{6F0F663F-8EEB-49B3-83B4-D60F032CEC94}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{BE620D61-375A-45B8-A7A1-032C60F0F0C4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A3E79D60-D78C-4908-A19F-A9198A72A1E3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{4330BC75-0C59-4E97-97B4-66F6372307B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F14FD71F-DB73-4A73-ABBD-8684304BC899}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2E46833-6F90-4EFE-9D36-4B9C004BE1AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E8618A21-5A22-420D-B01B-E30098310878}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{CAE93EB0-B764-496E-928D-7A3BB74D5761}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8C1B05D4-CFF0-43AE-89D7-9B6FE38615F7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7B9A6B1C-7269-4262-B8C7-00984B1C459C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{A9D262DD-556F-46DB-AE7F-5FA35F467B27}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{0F2F525B-5AC3-43A6-B71C-42324E9A4A1B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{9171BB16-FB20-43FB-8F59-8541A78B3CA8}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{D47569E2-94AA-4636-A940-570CF5207FFD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8C412CF6-3399-40D1-AADE-16480338A529}] => (Allow) LPort=54950
FirewallRules: [{51189D0A-8B0D-4C6A-91B4-50196E2A53C0}] => (Allow) LPort=54955
FirewallRules: [{A177CACD-4DC6-47ED-8343-52F5089A69A5}] => (Allow) C:\Users\MARK\Desktop\House Photos During\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{CE311DD8-4022-4ECD-AC15-050AD59E5D70}] => (Allow) LPort=54925
FirewallRules: [{0165FC47-5764-4FCD-A899-B7C7ABCFE8A0}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{0C570BB3-48B9-45E1-ADD7-FF9D978CBFBB}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{C08CB953-F2EC-4E4D-9032-03D8282F5E85}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe
FirewallRules: [{3A92F40F-A3E7-4090-9FFD-FEA0BB48FCE1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

09-06-2018 10:54:40 Scheduled Checkpoint
11-06-2018 11:26:35 Garmin Express
12-06-2018 01:20:48 Restore Operation
12-06-2018 11:52:51 Removed Safari

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: zeonetfilter
Description: zeonetfilter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: zeonetfilter
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Broadcom NetLink (TM) Gigabit Ethernet
Description: Broadcom NetLink (TM) Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: k57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/02/2018 01:28:02 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/11/02 13:28:02.593]: [00003480]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (11/02/2018 01:27:55 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/11/02 13:27:55.543]: [00003480]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (11/02/2018 01:27:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/11/02 13:27:13.240]: [00003480]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (11/02/2018 01:27:06 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/11/02 13:27:06.190]: [00003480]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (11/02/2018 01:26:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/11/02 13:26:59.140]: [00003480]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (11/02/2018 01:26:16 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/11/02 13:26:16.837]: [00003480]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (11/02/2018 01:26:09 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/11/02 13:26:09.787]: [00003480]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (11/02/2018 01:26:02 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2018/11/02 13:26:02.736]: [00003480]: Error GetInkSupplyType Send ( ErrCode == 5 )

System errors:
=============
Error: (11/02/2018 01:25:02 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "MARK-PC :0" could not be registered on the interface with IP address 192.168.0.10.
The computer with the IP address 192.168.0.2 did not allow the name to be claimed by
this computer.

Error: (11/02/2018 01:24:09 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "MARK-PC :0" could not be registered on the interface with IP address 192.168.0.10.
The computer with the IP address 192.168.0.2 did not allow the name to be claimed by
this computer.

Error: (11/02/2018 12:20:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "MARK-PC :0" could not be registered on the interface with IP address 192.168.0.10.
The computer with the IP address 192.168.0.2 did not allow the name to be claimed by
this computer.

Error: (11/02/2018 11:48:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (11/02/2018 11:48:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (11/02/2018 11:48:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (11/02/2018 11:48:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (11/02/2018 11:48:01 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Windows Defender:
===================================
Date: 2012-12-06 12:38:35.266
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{A79DE555-8EAC-467C-AB04-83BDA31245E7}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2017-07-10 23:19:38.373
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2016-09-29 11:39:42.279
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-10 17:02:44.289
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-07 15:20:31.801
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-03 21:06:50.287
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2018-01-26 13:24:20.802
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.751
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.695
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.648
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:57.105
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:57.044
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:56.973
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:56.851
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 62%
Total physical RAM: 8174.45 MB
Available physical RAM: 3104 MB
Total Virtual: 16347.07 MB
Available Virtual: 10531.11 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:452.47 GB) (Free:29.73 GB) NTFS
Drive f: (CANON) (Removable) (Total:28.96 GB) (Free:9.52 GB) FAT32

\\?\Volume{7c551ac4-2d3e-11e1-bf29-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:13.25 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: AC289F96)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ===


----------



## Joeicam (Oct 11, 2017)

> Ahhhhhh, okay. That was for the laptop that we were going to do but then I asked for help with my PC. I thought we were completely starting over with my PC...


That's correct. You provided the FRST logs for your PC back in post 14 . So we will be working on cleaning up your PC first.



> Here is those scans again. I re ran them


Thanks for providing those!

Now what I would like you to do, is go back to post 23, and follow steps 1 - 5 .


----------



## mkdsk (Dec 30, 2009)

That part that you want me to copy and paste. What will that do?


----------



## Joeicam (Oct 11, 2017)

That will clean up some of the entries on your computer that me and my instructor researched. The goal is to make your computer run faster and more efficiently.


----------



## mkdsk (Dec 30, 2009)

Will it delete anything on my computer that I might want on it and will it do anything to my Chrome settings?


----------



## Joeicam (Oct 11, 2017)

Will it delete anything on my computer that I might want on it and will it do anything to my Chrome settings?
Nope, it won't delete any files/folders. As far as Chrome goes, the only thing it will do is reset your homepage. It looks like you have facebook to load which is fine, but the other websites that are loaded such as search.conduit, search.ask, and websearch are generally unwanted. Is there a specific part of your Chrome settings that you are concerned about? Here's a neat article that will show you how you can backup your settings and other information within Google Chrome, so you can have it across all of your devices.


----------



## mkdsk (Dec 30, 2009)

I have my chrome set up to start off where I left off and things like that. I don't want any of my setting that I have set now on chrome to be changed at all.


----------



## Joeicam (Oct 11, 2017)

Okay, well keep in mind that when I run my tools and fixes the only thing that will be removed/changed are the malicious items or the things that might be slowing down your computer. The FRST script is manual, and the other tools are automatic. The idea is to remove the bad, keep the good, make your computer run faster, and keep the changes at a minimum. The setting I believe you are referring to is the "Continue where you left off setting". You can read more here. Let me know if you want to continue with the cleaning up.


----------



## mkdsk (Dec 30, 2009)

So the Continue where you left off setting will not be reset, correct?


----------



## mkdsk (Dec 30, 2009)

Fix result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by MARK (04-11-2018 17:47:02) Run:1
Running from C:\Users\MARK\Desktop\APPLE
Loaded Profiles: MARK (Available Profiles: MARK & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
EmptyTemp:
RemoveProxy:
C:\Users\MARK\AppData\Local\Temp\Temp1_MPEG_Streamclip_1.2.zip\MPEG_Streamclip.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:7578EF04 [131]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected] => not found
CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxp://search.conduit.com/?ctid=CT3292715&SearchSource=48&CUI=UN78212901972922245&UM=2","hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11411&pf=V7&trgb=CR&p2=%5EBBJ%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBJ&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=cr_36.0.1985.125&apn_uid=18BF653D-4559-43C4-8703-3225ED0BEC5E&itbv=12.15.1.20&doi=2014-07-19&psv=&pt=tb","hxxp://websearch.thesearchpage.info/?pid=2457&r=2015/01/16&hid=16875487775573251436&lg=EN&cc=US&unqvl=74"
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]

*****************

Error: (0) Failed to create a restore point.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removed successfully
"HKU\S-1-5-21-2130412082-872510349-2259372935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2130412082-872510349-2259372935-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

========= End of RemoveProxy: =========

"C:\Users\MARK\AppData\Local\Temp\Temp1_MPEG_Streamclip_1.2.zip\MPEG_Streamclip.exe <==== ATTENTION" => not found
C:\ProgramData\Temp => ":7578EF04" ADS removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"Chrome StartupUrls" => removed successfully
HKLM\System\CurrentControlSet\Services\AppMgmt => removed successfully
AppMgmt => service removed successfully
HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully
SWDUMon => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11261689 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 91993311 B
Edge => 0 B
Chrome => 418670530 B
Firefox => 757024 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 2012888 B
systemprofile32 => 128 B
LocalService => 3833 B
NetworkService => 3726056 B
MARK => 447027347 B
Administrator => 0 B

RecycleBin => 337621 B
EmptyTemp: => 938.6 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 17:48:33 ====


----------



## Joeicam (Oct 11, 2017)

So the Continue where you left off setting will not be reset, correct?
That's correct. I've done tests on my own machine, and that setting stayed the same.

Do you have the results of the other scans from the other steps?


----------



## mkdsk (Dec 30, 2009)

I did that one thing and it reset my "Continue where you left off setting" and I lost all of my start up tabs that I had when ever I signed on.


----------



## Joeicam (Oct 11, 2017)

I apologize for that. I'm not sure why that happened. I did a test on my own machine twice to verify and the setting was still there. However, the important thing is to remove the malicious items on your machine, and then we can get it back to where you want it to be. Could you please provide the results of the other scans?


----------



## mkdsk (Dec 30, 2009)

I can't find "upzocdbr.sys" file.


----------



## Joeicam (Oct 11, 2017)

Okay, great. If you can, just go through the last remaining steps, Steps 4 and 5, one right after the other and post the results back. That would be ideal . Thanks


----------



## mkdsk (Dec 30, 2009)

How do I find upzocdbr.sys?


----------



## Joeicam (Oct 11, 2017)

If you can't find it at that location, then that's fine. That's actually what I wanted to see. Sometimes FRST can't see the files if they're hidden by a malicious program. Please continue with the other steps


----------



## mkdsk (Dec 30, 2009)

I am not sure you are understanding me. You told me to 
*Scan with VirusTotal*

*Navigate* to VirusTotal

*Click* on Choose file, and *navigate* to: C:\Windows\system32\drivers\

And *Choose File*: "upzocdbr.sys" 
How do I navigate to C:\Windows\system32\drivers\ so I can get to upzocdbr.sys?


----------



## Joeicam (Oct 11, 2017)

Oooh, thank you for clarifying. This here "C:\Windows\system32\drivers\" is called a file path. Basically, each section of that file path is divided with the "\" marks, and each section is a specific location on your computer. For example, C: is the hard drive of your computer, Windows is a folder, as are system32 and drivers. Within the drivers folder is where I want you to look for upzocdbr.sys.

The easiest way to get to the "upzocdbr.sys" location is when you click on the "Choose file" button on VirusTotal: Single left-click on Computer as is highlighted on the left in the screen print below. Next, double-click where it shows "Local Disk C" or something similar with "C:". Next, look for the "Windows" folder inside of that > double-left click it, then look for "system32" inside of that > double-left click, and then look for the "drivers" folder > double-left click that. Within the driver's folder see if there is a file named "upzocdbr.sys". Keep in mind that it might not be found. Let me know the results.










I hope that made sense, if it doesn't I can explain it further.


----------



## mkdsk (Dec 30, 2009)

upzocdbr.sys was not in there.


----------



## Joeicam (Oct 11, 2017)

That's good, please continue with steps 4 and 5


----------



## mkdsk (Dec 30, 2009)

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-13-2018
# Duration: 00:00:07
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9676 octets] - [29/08/2018 17:34:07]
AdwCleaner[C00].txt - [8630 octets] - [29/08/2018 17:35:29]
AdwCleaner[S01].txt - [1371 octets] - [29/08/2018 18:40:20]
AdwCleaner[S02].txt - [1440 octets] - [13/11/2018 21:59:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########


----------



## mkdsk (Dec 30, 2009)

Now if I do step 5 it is going to again reset my chrome start up tabs. I don't want that to happen again.


----------



## Joeicam (Oct 11, 2017)

Not with Step 5, it is only a scan. No changes to your computer will be made. It's the same scan that we did when we first started.


----------



## mkdsk (Dec 30, 2009)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.11.2018
Ran by MARK (14-11-2018 15:07:08)
Running from C:\Users\MARK\Desktop\APPLE
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-31 19:44:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2130412082-872510349-2259372935-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2130412082-872510349-2259372935-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2130412082-872510349-2259372935-1002 - Limited - Enabled)
MARK (S-1-5-21-2130412082-872510349-2259372935-1000 - Administrator - Enabled) => C:\Users\MARK

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Spybot - Search and Destroy (Disabled - Out of date) {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.46.1633 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother BRAdmin Light 1.33.0000 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.33.0000 - Brother)
Brother iPrint&Scan (HKLM-x32\...\{122F41FC-AE6B-40BB-9CBD-A7B59C8FD2F6}) (Version: 4.1.1.1 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{25b63596-6d2a-44d4-8068-23a5f89888ec}) (Version: 4.1.1.1 - Brother Industries, Ltd.)
Brother Port Driver (HKLM-x32\...\{EEA8DF77-9D7E-421A-A9A8-A6E9894A18A3}) (Version: 1.0.3.3 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{272543B6-B337-4C8F-B9F1-19E884C2C7AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{1162495D-7CE7-4EF9-A0F8-151196F3A660}) (Version: 1.0.17.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.8.0.201 - Corel Inc.) Hidden
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell System Detect (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.48.35 - Dell Inc.)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Find and Mount 2.32 (HKLM\...\Find and Mount_is1) (Version: 2.32 - A-FF Data Recovery)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Graboid Video 3.89 (HKLM-x32\...\Graboid Video) (Version: 3.89 - Graboid Inc.)
Graboid Video 3.89 Setup (HKLM-x32\...\{6b5f9db0-02dc-4c5b-b16b-6a7f1f81557e}) (Version: 3.8.9 - FUSENET)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{36F365B3-05C2-455D-9D96-B73829DE046D}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
McAfee Multi Access (HKLM-x32\...\MSC) (Version: 16.0 R14 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.203 - McAfee, Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Excel 97 (HKLM-x32\...\Excel) (Version: - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook 97 (HKLM-x32\...\Outlook) (Version: - )
Microsoft SkyDrive (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower) Hidden
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
PhotoShowExpress (HKLM-x32\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
RealDownloader (HKLM-x32\...\{F735970C-1049-440A-8BC1-00BFBC196F22}) (Version: 18.1.11.204 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.11 - RealNetworks)
RealProducer Plus 8.5 (HKLM-x32\...\RealProducer 8.5) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator NXT Pro (HKLM-x32\...\{CC915001-1639-4D1B-B0A1-A7AC70C99179}) (Version: 14.0.36.0 - Roxio)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.2 - Roxio) Hidden
Roxio Virtual Drive x64 (HKLM\...\{632DCE79-2711-4B07-BB89-DA763E96840C}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SmartGPS Eco (HKLM-x32\...\{F0DF2A34-80D0-477C-8718-7E665341FA55}) (Version: 3.0.0.00 - MiTAC Digital Corp.)
SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.10 - Safer-Networking Ltd.)
SpyroPortalDriver (HKLM\...\{B2913230-094D-4F41-9EEF-CE9571C450D8}) (Version: 1.0.0 - FS)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Triple Scoop Music (HKLM-x32\...\{4CD51492-D68C-49AC-9692-29FCC19FBC26}) (Version: 1.0.019 - Roxio) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
USB2.0 ATV (HKLM-x32\...\USB2.0 ATV) (Version: - )
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}) (Version: 12.0.563 - Sony)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
VirtualDJ Home FREE (HKLM-x32\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wondershare Streaming Audio Recorder(Build 2.0.2.3) (HKLM-x32\...\Wondershare Streaming Audio Recorder_is1) (Version: 2.0.2.3 - Wondershare Software Co.,Ltd.)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.4 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF}\InprocServer32 -> C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{ea49acd6-0f0e-5ff1-89c4-30eda3d53b62}\InprocServer32 -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager64.dll (MiTAC Digital Corp.)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-10-04] (McAfee, Inc.)
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2018-05-06] (RealNetworks, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-02-17] (NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-10-04] (McAfee, Inc.)
ContextMenuHandlers6: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)
ContextMenuHandlers2_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)
ContextMenuHandlers6_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C9EAD9F-AE32-4E33-A188-9016BB202408} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\RealDownloader\downloader2.exe [2018-02-28] ()
Task: {0F592054-FC0B-4DF8-B651-202C56DE274D} - System32\Tasks\{3E677D04-C9FB-4050-A4D5-9BFD909EF240} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {144E0E91-D00E-4D82-9885-778C3A749490} - System32\Tasks\{487AB330-EBD7-4A76-B891-A91754FD4314} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {19605A68-8D93-416E-B6A1-F04C2F6ECAA4} - System32\Tasks\{45416873-6870-44CC-8E45-58127503EEAF} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {1A942A5C-FE8D-4049-A9D6-8893D90BA979} - System32\Tasks\{2D3028CF-CE03-4AE4-B144-B8BEB566D687} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {1AB4AD6F-E0BC-4ED9-BC19-A949BEE5AE8A} - System32\Tasks\{611A5EB1-E8DC-4164-8DA6-A9358CB16A08} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {1B6955DB-AE88-49F1-8F3E-BC99722CA012} - System32\Tasks\{67C0FFD8-6786-4EDB-A901-EB2DF2A3BDE9} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {2641C192-8073-4AC1-97AA-B0B3EF20EB8B} - System32\Tasks\{AAA228C8-54C2-4654-91AF-95C5C52D20BB} => C:\Windows\system32\pcalua.exe -a C:\Users\MARK\AppData\Local\Temp\Temp1_MPEG_Streamclip_1.2.zip\MPEG_Streamclip.exe <==== ATTENTION
Task: {281A7460-642E-40A2-B0E5-A2D2BA0CC5C4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {2BFC4343-96A9-4C7C-ACC8-C018C0DD58EE} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-06-06] (McAfee, Inc.)
Task: {2DE00C78-BF46-49E7-8C1E-8D19E977FDA5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3268B6BC-5528-4FB5-A5CC-F1A9064FDBA4} - System32\Tasks\{D5E8CB6B-319E-4F0E-917E-CBAC38E34677} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {38B8C499-E203-4AAA-9330-DABB68DF9F43} - System32\Tasks\{8CD991B8-C611-457C-9A4B-8E148BBC1495} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {38D302D2-0E6B-45A9-8EB5-5A6693DA67ED} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {3A4C9BB5-147B-47CB-8157-34D11DDF3D1A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3DE84952-ECFD-482D-B8F2-1268D979F166} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {40FC8802-9F5A-42F6-B95D-6C0067FCEB69} - System32\Tasks\{27003535-56D0-44FC-AE23-EFC0AAFC1A81} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {4789B856-DCCB-4458-AF1C-133ECB9341E3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {4CCEF7E3-0CC7-488D-9226-593999AC0E27} - System32\Tasks\{13F92E3C-232E-4FA8-8FF7-EEAAF6931DD8} => C:\Users\MARK\Downloads\musicmatch10.00.4033.exe
Task: {4DD05920-3129-4DFD-BA6F-E6EFE67BC532} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-10-24] ()
Task: {525ADD04-55BA-4913-B544-CBC829CDA221} - System32\Tasks\{9FB150E9-5941-4658-BCD0-641ED11803BF} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
Task: {52AE9C83-353E-48EF-991B-E119CF4F8DE4} - System32\Tasks\{7F471F8C-38C6-4F94-BC8A-0CBAD06FE02A} => C:\Users\MARK\Downloads\musicmatch82.exe
Task: {6074794B-09C5-4E18-8515-4DBADDC76F61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-22] (Google Inc.)
Task: {67EDB240-E03D-437C-818F-D15D6C99C491} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {683BBDA8-64D7-4168-95B6-2FB04C07BC90} - System32\Tasks\{605EAD35-C8E6-48D5-953C-4BDE791AA5E8} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {6E67EAE3-CD36-4E83-9602-0F43C500743F} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-07-13] (McAfee, Inc.)
Task: {79022F55-5129-4E5A-9779-C9ACFFBA8BA4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-06-11] (McAfee, Inc.)
Task: {7A170C85-4395-40BB-A490-4F9CB05784B1} - System32\Tasks\{6440DA17-3021-4946-9EDC-65255B783269} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {7C4ED347-BB52-4987-95A2-B8F8F280210C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {7DAB0AF4-D9C8-4C6B-B5E1-773F85640165} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {8050181F-AF64-4DE6-82EA-0DF5FB151078} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.6.319\mcdatrep.exe [2018-09-04] (McAfee, LLC.)
Task: {85C067FB-5098-4051-B1CA-9E7E7BF214A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [2018-11-13] (Adobe Systems Incorporated)
Task: {8780C8BE-F54B-47DA-85F9-AFDADD2E4C2C} - System32\Tasks\{7F70CAB2-072C-4D42-AEF6-16B1B69095C7} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {8F98D4DD-65A0-46CA-B885-29F47ABAEB0B} - System32\Tasks\{F40CE779-309B-4896-974C-AE6E2C94644D} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {90C45678-9B30-4EFF-91CC-917E12E06B45} - System32\Tasks\{7849AF3E-8179-490E-B09B-D31FDF213381} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {97B89E7B-895D-4E58-BD0A-15C923FF6F5D} - System32\Tasks\{9386CA07-7838-4DD2-938F-C939BD959A61} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {9A15C862-F14A-40C5-8312-DBAB1E30AA0C} - System32\Tasks\{EBDC029A-1928-42DF-B29D-CF913C18B968} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {9A99B748-ACA2-41E5-BE40-8BB1086F6DCB} - System32\Tasks\{31B93D9E-EA8C-4990-BF18-B09BFBAA435D} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {9F712EF0-97B6-4661-B891-7859479E23A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {A0337C78-7B2C-41F7-8539-5742AC34C4D2} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A06C3FD6-61F0-43C5-B2C4-697911A016EA} - System32\Tasks\{C1FE1AD8-7E5A-42FE-BFD1-7BE5D2CF6E2B} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {A3FDE451-DDF4-4F0F-9B56-4D6119FF1EDB} - System32\Tasks\{BC0B3BDD-C189-4564-91B2-8AE4B6510985} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {A483F551-EE1F-4BBC-B877-CDBDAE73B07E} - System32\Tasks\{8A4CD231-08EE-44AB-9ECA-E7443D8CAE31} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {A909DD0B-138D-4229-9422-97518BFBE2E5} - System32\Tasks\{20F50F2F-8C2B-4F7F-9DDA-FC3F2ACAC9BA} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
Task: {AC00B659-6AEE-482A-8872-52BF69556ADC} - System32\Tasks\{007A1385-A538-4B74-AF24-B76DCD096802} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {AF4E8988-8683-4AFF-A1DC-B874E3E9DD0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-22] (Google Inc.)
Task: {B7E83BA7-06F3-41D8-8B7D-E52F6488C1E2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {BBAA77C7-8BE7-43D3-BCF8-7BCBB44FEA48} - System32\Tasks\{0E5FFA70-B7B3-4AD7-AF23-C403A980856A} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
Task: {BD09F54A-6D5C-4393-9BDA-2319D1CB3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {C0752428-0D21-4764-8805-EB4EE14F241C} - System32\Tasks\{35990657-F8A1-4941-BC71-31E7500013C4} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {C6729723-48E4-4D50-959E-667C6603319C} - System32\Tasks\{0BA0CD3C-B95D-4721-AEE6-8991F35A9D92} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {CF997253-70E7-46FA-A97E-46BB686709D4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {D026AE65-BA76-4145-B862-3BB536091F80} - System32\Tasks\{74A7DDF1-BDA7-4B5A-BA82-F6455C234E40} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
Task: {D1782047-A988-4544-AC47-E3A3629E46BD} - System32\Tasks\{5B006323-E1AE-4E67-A035-715B6B7DEC4A} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {D5D96F18-E3AB-4B5A-8E0D-267E1647199C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {D6E1EAD5-7358-4A5E-99A9-56F3B1AF031F} - System32\Tasks\{AA42977C-B36D-4D54-97F4-9D36BF2B1165} => C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.7\DVD_Author.exe
Task: {D7F4C430-E3AB-4E5E-A7D1-1178230F9255} - System32\Tasks\{5379BC2C-7DEB-41FC-8555-042FA7281998} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {DEDA0FDF-B354-4C37-9532-012E80F9C1E8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_pepper.exe [2018-11-13] (Adobe Systems Incorporated)
Task: {E0BD0B9D-F7E7-45B4-9698-B4A1DC18C24E} - System32\Tasks\{15D2093E-FD56-45CB-BB1C-1CDBEBD7356D} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {E3D600BB-67DA-4B85-BC16-E30120C0D15E} - System32\Tasks\{711738D9-A6C7-442A-B24A-2D60FC80400F} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1} /quiet /qn
Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {E90EEF97-DF18-4FAF-9B3C-F0A250A3A92F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {F050F864-D1A1-4F59-9DDD-4C3D8CAB6AB2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F395931B-FEF9-4729-954C-E9BC4573D1F6} - System32\Tasks\{7A1E1935-8DD2-4CFA-A169-A8C098A30AC4} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {F62B2F93-50D6-4CF4-A92C-EBA904523A73} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-13] (Adobe Systems Incorporated)
Task: {F823E685-BBD6-4AB4-8015-BF6FBF8AB1F9} - System32\Tasks\{70F70446-4007-4E05-81FC-E0298A3944D6} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {FDABE515-D080-42BE-A063-EA74269EE848} - System32\Tasks\{1A1EF3C2-E0E5-4E2D-B05A-D4F60D251591} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-06-12 20:38 - 2016-01-22 15:57 - 000089008 ____C () C:\Windows\System32\cpwmon64.dll
2013-08-30 17:05 - 2010-07-19 08:12 - 000394272 _____ () C:\Windows\system32\spool\DRIVERS\x64\x64v05.dll
2013-06-05 12:25 - 2007-02-20 07:30 - 000116224 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dlbapp6c.dll
2011-12-31 14:54 - 2009-11-04 08:18 - 000189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll
2018-06-23 05:56 - 2018-06-23 05:56 - 001356088 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-10-15 20:47 - 2005-04-22 12:36 - 000143360 ____C () C:\Windows\system32\BrSNMP64.dll
2018-06-29 15:34 - 2018-06-29 15:34 - 000896136 ____C () C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPMsgBusDLL.dll
2018-07-06 01:00 - 2018-07-06 01:00 - 001356088 ____C () C:\Program Files\iTunes\libxml2.dll
2018-07-06 01:00 - 2018-07-06 01:00 - 000088888 ____C () C:\Program Files\iTunes\zlib1.dll
2018-11-13 22:47 - 2018-11-08 17:14 - 005020504 ____C () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll
2018-11-13 22:47 - 2018-11-08 17:14 - 000116056 ____C () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll
2018-02-28 11:58 - 2018-02-28 11:58 - 001270560 ____C () c:\program files (x86)\real\RealDownloader\downloader2.exe
2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 ____C () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-22 16:21 - 2018-01-18 14:39 - 000519168 ____C () C:\Program Files (x86)\Browny02\BrMonitor.dll
2017-04-05 08:53 - 2017-11-07 18:55 - 000137728 ____C () C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-04-05 08:53 - 2017-11-07 18:55 - 000440832 ____C () C:\Program Files (x86)\ControlCenter4\Track.dll
2017-10-19 18:32 - 2017-10-19 18:32 - 001852928 ____C () C:\Windows\Twain_32\Brimm17a\Common\BsScanCoreApi.dll
2017-10-19 18:32 - 2017-10-19 18:32 - 000086528 ____C () C:\Windows\Twain_32\Brimm17a\Common\BsDeviceAccs.dll
2017-10-19 18:32 - 2017-10-19 18:32 - 000112128 ____C () C:\Windows\Twain_32\Brimm17a\Common\BsNetDevAccs.dll
2017-01-27 14:33 - 2017-11-07 19:04 - 000087040 ____C () C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2017-01-27 14:39 - 2017-08-18 10:23 - 000087552 ____C () C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-01-27 14:39 - 2017-08-18 10:23 - 017974784 ____C () C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123simsen.com -> www.123simsen.com

There are 7716 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2016-04-23 19:26 - 000000093 ____C C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.eom

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Find Fast.lnk => C:\Windows\pss\Microsoft Find Fast.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Office Startup.lnk => C:\Windows\pss\Office Startup.lnk.Startup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.8.2\AOL.EXE" -b
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: dlbamon.exe => "C:\Program Files (x86)\Dell AIO Printer A940\dlbamon.exe"
MSCONFIG\startupreg: EasyHideIPVPN => C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\MARK\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1429832463\ee\AOLSoftware.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: ICF => "C:\Program Files (x86)\Internet Content Filter\mfp.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RealDownloader => c:\program files (x86)\real\RealDownloader\downloader2.exe
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatchTray14.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: RunDLLEntry_EptMon => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
MSCONFIG\startupreg: RunDLLEntry_THXCfg => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShwiconXP9106 => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: THX Audio Control Panel => "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7D73D967-32C1-47D8-A7EC-3531A66698A9}] => (Allow) LPort=8317
FirewallRules: [{60B8BD61-B3F8-41B9-99A5-7114CEEDE77D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FA59CBB4-ACEC-492B-B1FC-7AD0903E866A}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{A33D26D9-CE08-46F5-B82E-C10258442428}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{854E718D-AB3C-4BE9-B8B7-5D58343EC677}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{4E97F9E1-7AE7-4798-BF9D-34870D6B2A65}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{523026AA-B677-4B72-98B2-6EFB4301A605}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{EF658E54-E933-4B65-B15D-0AB754B5A288}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{5EAFCF4E-6A35-4B46-9DF7-75F2D8AEFE37}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{BCE73B4E-BB6C-4161-80B2-AEB5C1F0DF4F}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{6F0F663F-8EEB-49B3-83B4-D60F032CEC94}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{BE620D61-375A-45B8-A7A1-032C60F0F0C4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A3E79D60-D78C-4908-A19F-A9198A72A1E3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{4330BC75-0C59-4E97-97B4-66F6372307B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F14FD71F-DB73-4A73-ABBD-8684304BC899}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2E46833-6F90-4EFE-9D36-4B9C004BE1AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E8618A21-5A22-420D-B01B-E30098310878}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{CAE93EB0-B764-496E-928D-7A3BB74D5761}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8C1B05D4-CFF0-43AE-89D7-9B6FE38615F7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7B9A6B1C-7269-4262-B8C7-00984B1C459C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{A9D262DD-556F-46DB-AE7F-5FA35F467B27}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{0F2F525B-5AC3-43A6-B71C-42324E9A4A1B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{9171BB16-FB20-43FB-8F59-8541A78B3CA8}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{D47569E2-94AA-4636-A940-570CF5207FFD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8C412CF6-3399-40D1-AADE-16480338A529}] => (Allow) LPort=54950
FirewallRules: [{51189D0A-8B0D-4C6A-91B4-50196E2A53C0}] => (Allow) LPort=54955
FirewallRules: [{A177CACD-4DC6-47ED-8343-52F5089A69A5}] => (Allow) C:\Users\MARK\Desktop\House Photos During\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{CE311DD8-4022-4ECD-AC15-050AD59E5D70}] => (Allow) LPort=54925
FirewallRules: [{0165FC47-5764-4FCD-A899-B7C7ABCFE8A0}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{0C570BB3-48B9-45E1-ADD7-FF9D978CBFBB}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{C08CB953-F2EC-4E4D-9032-03D8282F5E85}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe
FirewallRules: [{556EE7B8-B071-4CA0-856E-69B8C31606EA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

Name: zeonetfilter
Description: zeonetfilter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: zeonetfilter
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: DW1501 Wireless-N WLAN Half-Mini Card
Description: DW1501 Wireless-N WLAN Half-Mini Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2018 01:28:14 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: The scheduled restore point could not be created. Additional information: (0x80070070).

Error: (11/14/2018 01:28:14 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070070).

Error: (11/14/2018 11:43:38 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

Error: (11/14/2018 11:34:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/14/2018 11:33:22 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (11/14/2018 11:33:22 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (11/14/2018 11:33:22 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (11/14/2018 11:33:22 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

System errors:
=============
Error: (11/14/2018 11:34:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (11/14/2018 11:34:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (11/14/2018 11:34:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (11/14/2018 11:34:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (11/14/2018 11:34:53 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (11/14/2018 11:34:53 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (11/14/2018 11:34:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (11/14/2018 11:34:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Windows Defender:
===================================
Date: 2012-12-06 12:38:35.266
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{A79DE555-8EAC-467C-AB04-83BDA31245E7}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2017-07-10 23:19:38.373
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2016-09-29 11:39:42.279
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-10 17:02:44.289
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-07 15:20:31.801
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-03 21:06:50.287
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2018-01-26 13:24:20.802
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.751
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.695
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.648
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:57.105
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:57.044
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:56.973
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:56.851
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 88%
Total physical RAM: 8174.45 MB
Available physical RAM: 968.17 MB
Total Virtual: 16347.07 MB
Available Virtual: 7396.25 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:452.47 GB) (Free:85.93 GB) NTFS
Drive f: (CANON) (Removable) (Total:28.96 GB) (Free:10.5 GB) FAT32

\\?\Volume{7c551ac4-2d3e-11e1-bf29-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:13.25 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: AC289F96)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======


----------



## mkdsk (Dec 30, 2009)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.11.2018
Ran by MARK (administrator) on MARK-PC (14-11-2018 15:05:16)
Running from C:\Users\MARK\Desktop\APPLE
Loaded Profiles: MARK (Available Profiles: MARK & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
( ) C:\Windows\System32\dlbacoms.exe
( ) C:\Windows\System32\dleacoms.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft) C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MiTAC) C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealDownloader\realdownloader264.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-10-19] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\Run: [Magellan Update Manager] => C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe [2705672 2016-01-20] (MiTAC)
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{3631C8E6-D178-4917-9B0D-BFB51262D9F1}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{BFB6B096-4145-4ED2-A8E0-19EDCA9E0ED4}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {7708B639-F242-494D-BCA2-EED7DC46E157} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151019&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {C56AFD0B-5A78-4E7F-9993-19B1BC996C4C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2018-02-28] (RealDownloader)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2018-02-28] (RealDownloader)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~3\WONDER~2\VIDEOC~1\WSBROW~1.DLL => No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll => No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-26] (Oracle Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-10-04] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-10-04] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 [2018-11-04]
FF Session Restore: Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 -> is enabled.
FF Extension: (All Aboard) - C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495\Extensions\@all-aboard-v1-5.xpi [2017-07-11] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-10-17]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-10-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-13] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-10-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-10-04] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2018-05-06] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2018-05-06] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2130412082-872510349-2259372935-1000: magellangps.com/mgnContentManager -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager.dll [2016-01-20] (MiTAC Digital Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-09-18] (Coupons, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.facebook.com/
CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxp://search.conduit.com/?ctid=CT3292715&SearchSource=48&CUI=UN78212901972922245&UM=2","hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11411&pf=V7&trgb=CR&p2=%5EBBJ%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBJ&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=cr_36.0.1985.125&apn_uid=18BF653D-4559-43C4-8703-3225ED0BEC5E&itbv=12.15.1.20&doi=2014-07-19&psv=&pt=tb","hxxp://websearch.thesearchpage.info/?pid=2457&r=2015/01/16&hid=16875487775573251436&lg=EN&cc=US&unqvl=74"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default [2018-11-14]
CHR Extension: (Google Drive) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-27]
CHR Extension: (YouTube) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Who Dumped Me?) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgeaeoklapomofpcppeiahpnjadbkim [2015-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-26]
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-04]
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457360 2012-06-20] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
S3 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22160 2012-07-11] ()
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-25] (BlueStack Systems, Inc.)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc.)
R2 dlba_device; C:\Windows\system32\dlbacoms.exe [567280 2007-03-05] ( )
R2 dlba_device; C:\Windows\SysWOW64\dlbacoms.exe [538096 2007-03-05] ( )
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-01-07] ( )
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-06-05] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_6\McApExe.exe [729320 2018-10-04] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe [2159464 2018-06-29] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [366968 2018-08-22] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [539512 2018-08-22] (McAfee, LLC)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [490360 2018-08-22] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1690976 2018-07-27] (McAfee, Inc.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1316024 2018-07-25] (McAfee, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S3 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
S3 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [37104 2018-02-28] (RealNetworks, Inc.)
S3 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [989912 2018-05-06] (RealNetworks, Inc.)
S3 RoxMediaDB14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe [1096848 2012-07-18] (Corel Corporation)
S3 RoxWatch14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe [341136 2012-07-18] (Corel Corporation)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1074720 2012-08-30] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1358360 2012-08-30] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [166528 2012-03-22] (Safer-Networking Ltd.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2018-10-04] (Microsoft) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2018-10-04] (Microsoft) [File not signed]
S3 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
S3 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77336 2018-10-03] (McAfee, LLC)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [235784 2018-10-02] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [506384 2018-10-03] (McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [367664 2018-10-03] (McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [533520 2018-10-03] (McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [967696 2018-10-03] (McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [555824 2018-10-02] (McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108848 2018-10-02] (McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [115728 2018-10-03] (McAfee, LLC)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252952 2018-10-03] (McAfee, LLC)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2015-03-25] (EldoS Corporation)
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2012-06-20] (Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2012-06-20] (Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2012-06-20] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-10-12] (Anchorfree Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Western Digital Technologies)
R3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2011-11-17] (Wondershare)
U1 aswbdisk; no ImagePath
S3 mfeavfk02; \Device\mfeavfk02.sys [X]
S3 mfeavfk03; \Device\mfeavfk03.sys [X]
S1 upzocdbr; \??\C:\Windows\system32\drivers\upzocdbr.sys [X]
S1 zeonetfilter; system32\drivers\zeonetfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-14 13:49 - 2018-11-14 14:29 - 000003522 ____C C:\Windows\System32\Tasks\McAfee DAT Built in test
2018-11-04 23:03 - 2018-11-04 23:03 - 000000000 ___DC C:\Users\MARK\AppData\Local\VirtualDJ
2018-11-04 22:08 - 2018-11-04 22:18 - 000000000 ____C C:\Windows\system32\sfcdetails.txt
2018-10-28 21:46 - 2018-10-29 14:37 - 000000000 ___DC C:\Users\MARK\Desktop\Hell2
2018-10-26 10:43 - 2018-10-26 10:43 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-10-19 11:22 - 2018-11-14 15:05 - 000000000 ___DC C:\FRST
2018-10-18 22:27 - 2018-10-18 22:35 - 000000000 ___DC C:\Users\MARK\Desktop\Moriah2
2018-10-17 10:24 - 2018-10-17 10:24 - 000001934 ____C C:\Users\Public\Desktop\McAfee Multi Access.lnk
2018-10-17 10:24 - 2018-10-17 10:24 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-10-16 09:54 - 2018-10-16 09:56 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\ControlCenter4
2018-10-15 22:52 - 2018-10-15 22:52 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\Brother
2018-10-15 22:52 - 2018-10-15 22:52 - 000000000 ___DC C:\Users\MARK\AppData\Local\Brother
2018-10-15 20:47 - 2016-11-01 10:27 - 000090112 ____C (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll
2018-10-15 20:47 - 2015-06-16 20:39 - 000252928 ____C (brother) C:\Windows\system32\NSSRH64.dll
2018-10-15 20:47 - 2013-07-03 10:46 - 000065024 ____C (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll
2018-10-15 20:47 - 2013-03-08 14:45 - 000059904 ____C (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll
2018-10-15 20:47 - 2005-04-22 12:36 - 000143360 ____C C:\Windows\system32\BrSNMP64.dll
2018-10-15 20:29 - 2018-10-16 14:30 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\PowerENGAGE
2018-10-15 20:29 - 2018-10-15 20:29 - 000003584 ____C C:\Windows\System32\Tasks\PowerENGAGE
2018-10-15 20:28 - 2018-11-14 14:29 - 000000000 ___DC C:\Program Files (x86)\PowerENGAGE
2018-10-15 20:27 - 2018-10-15 20:27 - 000000000 ___DC C:\Program Files\Nuance
2018-10-15 20:26 - 2018-10-15 22:52 - 000000000 ___DC C:\Users\MARK\AppData\Local\Nuance
2018-10-15 20:26 - 2018-10-15 20:26 - 000000000 ___DC C:\ProgramData\zeon
2018-10-15 20:25 - 2018-10-15 22:52 - 000000000 ___DC C:\ProgramData\Nuance
2018-10-15 20:25 - 2018-10-15 20:26 - 000000000 ___DC C:\ProgramData\ScanSoft
2018-10-15 20:25 - 2018-10-15 20:26 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 14
2018-10-15 20:25 - 2018-10-15 20:26 - 000000000 ___DC C:\Program Files (x86)\Nuance
2018-10-15 20:25 - 2018-10-15 20:25 - 000001868 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2018-10-15 20:25 - 2018-10-15 20:25 - 000000000 ___DC C:\Users\MARK\Documents\MyWebPages
2018-10-15 20:21 - 2018-10-15 22:06 - 000002050 ____C C:\Users\Public\Desktop\Brother Creative Center.lnk
2018-10-15 20:21 - 2018-10-15 20:50 - 000000000 ___DC C:\Program Files (x86)\Browny02
2018-10-15 20:21 - 2018-10-15 20:21 - 000001676 ____C C:\Users\Public\Desktop\Brother Utilities.lnk
2018-10-15 20:20 - 2018-10-15 20:20 - 000000000 ___DC C:\Program Files (x86)\ControlCenter4 CSDK
2018-10-15 20:19 - 2018-10-15 20:48 - 000000000 ___DC C:\ProgramData\ControlCenter4
2018-10-15 20:19 - 2018-10-15 20:48 - 000000000 ___DC C:\Program Files (x86)\ControlCenter4
2018-10-15 20:18 - 2018-10-15 22:35 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-10-15 20:18 - 2018-10-15 20:18 - 000000948 ____C C:\Users\Public\Desktop\Brother iPrint&Scan.lnk
2018-10-15 20:15 - 2018-10-15 20:50 - 000000000 ___DC C:\ProgramData\Brother
2018-10-15 20:13 - 2018-10-15 22:35 - 000000000 ___DC C:\Program Files (x86)\Brother

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-14 15:04 - 2018-03-25 09:43 - 000000000 ___DC C:\Users\MARK\Desktop\APPLE
2018-11-14 11:45 - 2009-07-13 23:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-14 11:45 - 2009-07-13 23:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-14 11:39 - 2009-07-14 00:13 - 000782470 ____C C:\Windows\system32\PerfStringBackup.INI
2018-11-14 11:39 - 2009-07-13 22:20 - 000000000 ___DC C:\Windows\inf
2018-11-14 11:33 - 2009-07-14 00:08 - 000000006 ___HC C:\Windows\Tasks\SA.DAT
2018-11-13 22:47 - 2015-06-22 19:15 - 000002226 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-13 22:47 - 2015-06-22 19:15 - 000002185 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-13 21:54 - 2018-09-09 11:30 - 000000000 ___DC C:\Users\MARK\Desktop\LANDSCAPE DAMAGE
2018-11-13 18:38 - 2016-01-08 21:46 - 000000000 ___DC C:\Users\MARK\AppData\Local\CrashDumps
2018-11-13 17:43 - 2016-10-20 11:11 - 000842240 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-13 17:43 - 2016-10-20 11:11 - 000175104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-13 17:43 - 2016-10-20 11:11 - 000004446 ____C C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-11-13 17:43 - 2016-10-20 11:11 - 000004312 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-13 17:43 - 2011-12-23 01:24 - 000000000 ___DC C:\Windows\SysWOW64\Macromed
2018-11-13 17:43 - 2011-12-23 01:24 - 000000000 ___DC C:\Windows\system32\Macromed
2018-11-13 16:43 - 2018-03-13 10:43 - 000004458 ____C C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-09 00:41 - 2018-07-30 19:57 - 000000000 ___DC C:\Users\MARK\Desktop\Sue's Songs
2018-11-08 23:40 - 2013-04-02 15:34 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\HandBrake
2018-11-05 19:41 - 2011-12-31 14:44 - 000000000 ___DC C:\Users\MARK
2018-11-04 23:05 - 2013-01-19 14:45 - 000000000 ___DC C:\Users\MARK\Documents\VirtualDJ
2018-11-04 23:05 - 2013-01-19 14:45 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2018-11-04 23:05 - 2013-01-19 14:45 - 000000000 ___DC C:\Program Files (x86)\VirtualDJ
2018-10-29 22:11 - 2015-12-24 23:01 - 000000000 ___DC C:\Users\MARK\Desktop\Screen shots
2018-10-29 21:13 - 2013-05-11 13:35 - 000000900 __SHC C:\ProgramData\KGyGaAvL.sys
2018-10-29 11:00 - 2015-08-05 12:09 - 000000000 ___DC C:\Users\MARK\Desktop\Fairy
2018-10-26 10:43 - 2014-08-14 13:45 - 000003554 ____C C:\Windows\System32\Tasks\GarminUpdaterTask
2018-10-26 10:43 - 2014-07-25 14:36 - 000000000 ___DC C:\Program Files (x86)\Garmin
2018-10-26 10:43 - 2012-11-21 12:09 - 000000000 ___DC C:\ProgramData\Package Cache
2018-10-25 08:09 - 2018-04-18 20:35 - 000000000 ___DC C:\Program Files (x86)\McAfee
2018-10-25 07:55 - 2018-04-18 20:37 - 000003068 ____C C:\Windows\System32\Tasks\McAfeeLogon
2018-10-25 07:55 - 2018-04-18 20:26 - 000000000 ___DC C:\Program Files\Common Files\McAfee
2018-10-23 21:09 - 2017-05-06 18:29 - 000002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-20 14:58 - 2011-12-23 01:52 - 000000000 ___DC C:\ProgramData\Roxio
2018-10-17 10:17 - 2018-04-18 20:36 - 000000000 ___DC C:\Windows\System32\Tasks\McAfee
2018-10-16 14:20 - 2018-04-18 20:35 - 000003312 ____C C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2018-10-15 23:29 - 2016-09-29 19:00 - 000000000 ___DC C:\Program Files (x86)\epson
2018-10-15 23:28 - 2016-09-29 19:01 - 000000000 ___DC C:\Program Files (x86)\EPSON Software
2018-10-15 23:28 - 2016-09-29 18:58 - 000000000 ___DC C:\ProgramData\EPSON
2018-10-15 23:28 - 2011-12-23 01:36 - 000000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2018-10-15 23:27 - 2016-09-29 19:00 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-10-15 22:34 - 2018-09-05 21:56 - 000000000 ___DC C:\Users\MARK\Desktop\House Photos During

==================== Files in the root of some directories =======

2013-04-29 17:57 - 2013-04-29 17:59 - 000308064 ____C () C:\Users\MARK\AppData\Roaming\CodecsLE_Install.log
2017-08-04 19:04 - 2017-08-04 19:04 - 000000445 ____C () C:\Users\MARK\AppData\Roaming\com.cloudapp.windows.plist
2016-03-12 23:48 - 2016-03-12 23:48 - 000099384 ____C () C:\Users\MARK\AppData\Roaming\inst.exe
2013-11-21 12:22 - 2016-03-12 23:48 - 000007859 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.cat
2013-11-21 12:22 - 2016-03-12 23:48 - 000001167 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.inf
2013-11-21 12:22 - 2016-03-12 23:48 - 000000055 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.log
2013-11-21 12:22 - 2016-03-12 23:48 - 000082816 ____C (VSO Software) C:\Users\MARK\AppData\Roaming\pcouffin.sys
2015-03-21 19:25 - 2015-03-22 12:03 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.1.txt
2015-03-21 19:25 - 2015-03-21 19:25 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.2.txt
2015-03-21 19:25 - 2015-03-22 12:09 - 000000919 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt
2015-03-21 19:25 - 2015-03-22 12:09 - 000000000 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-07-16 22:21 - 2017-05-08 10:56 - 000006656 ____C () C:\Users\MARK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-25 15:24 - 2016-08-03 01:41 - 000007601 ____C () C:\Users\MARK\AppData\Local\resmon.resmoncfg
2013-05-16 14:25 - 2017-08-03 22:39 - 000331584 ____C () C:\Users\MARK\AppData\Local\rx_audio.Cache
2013-02-22 19:31 - 2017-08-03 22:39 - 001282348 ____C () C:\Users\MARK\AppData\Local\rx_image32.Cache
2015-03-15 10:04 - 2015-03-15 10:04 - 000000402 ____C () C:\Users\MARK\AppData\Local\Temp-log.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-14 13:20

==================== End of FRST.txt ============================


----------



## mkdsk (Dec 30, 2009)

The is everything, right?


----------



## Joeicam (Oct 11, 2017)

Not yet. Just a couple more scans that we need to run. I'm waiting for my fix to be approved by my instructor before I post it here.


----------



## Joeicam (Oct 11, 2017)

Hi mkdsk, thanks for providing those logs.

Just a quick question for you: are you aware that search.conduit and websearch are set as your Chrome start pages when you load up the application? I can see that facebook is also one of the pages, but the other two have been linked to malware. I know you have your settings to continue as where you left off, but I recommend to change the start page as well.

*Step 1 of 2: Download and Run Malwarebytes Anti-Malware*

Please download the FREE version of Malwarebytes Anti-Malware to your desktop.

Double-click *mb3-setup-consumer_x.x.x.xxxx.exe* and follow the prompts to install the program.

Then click *Finish*.

If an update is found, you will be prompted to download and install the latest version.

Proceed with the *Scan* options and select "*Threat Scan*"

The Scan Pane is the introduction to scan-related options in the program. When you click Scan in the Menu Pane, you will see the screen shown below.










After a scan has been executed, scan results are displayed.

Put a checkmark on all detected and click on "Quarantine Selected"

Selected reports may be viewed on screen, or exported to a text file for later viewing. Please note that only manual (on demand) scans are available for users of the free version of Malwarebytes.

Once the deletion is done (or after reboot), go to *Reports*, put a check-mark next to the most recent *Scan Report* and click the*View Report*.

Click *Export*, then click *Copy to Clipboard*.

Paste (*CTRL+V*) the log into your next reply.

*Step 2 of 2: ESET Online Scanner*

You will need to *disable your current installed Anti-Virus* for the duration of the online scan, how to do so can be read here.

*NOTE:* Right-click on the Google Chrome icon select *Run as Administrator* from the context menu.


Please go here to run the scan by clicking "SCAN NOW" under ESET Online Scanner

Then in the lower left-hand corner of the browser window click on esetonlinescanner.exe, and if it asks, click *Run*

In the new window that appears select the option *Accept* to accept the Terms of Use (if you get a prompt asking if you want this program to make changes to your computer, select *Yes*)

Now in the *Computer scan settings *window that appears:-

Make sure that the option *Enable detection of potentially unwanted applications* is checked

Now click on Advanced settings and select the following:


*Enable detection of potentially unsafe applications*
*Enable detection of suspicious applications*
*Scan archives*
*Enable Anti-Stealth Technology*
*and that Clean threats automatically is NOT checked*


Now click on: *Scan*

The *virus signature database... *will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

When completed the* Online Scan* will begin automatically. 

*Do not* touch either the Mouse or keyboard during the scan otherwise it may stall. 

Now click on: *Finish*

*Press* Windows key + E > *copy the following file path:* C:\users\%userprofile%\appdata\local\temp > *paste* the file path into the URL bar > *press* Enter

*Double-click* the "log.txt" file, and *copy/paste* that log as a reply to this topic
*Note:* Do not forget to re-enable your Anti-Virus application after running the above scan!

===============================================

*When you reply to me, I need to see:*

Any questions/concerns you might have, or if you were not able to complete any of the steps above
The copied and pasted results of the Malwarebytes log

The copied and pasted results of the log.txt log, generated by the ESET scan.


----------



## mkdsk (Dec 30, 2009)

How do I stop search.conduit and websearch from opening?


----------



## Joeicam (Oct 11, 2017)

I will write up instructions , but please continue with the scans.


----------



## mkdsk (Dec 30, 2009)

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/18/18
Scan Time: 7:57 PM
Log File: 1a171926-eb96-11e8-814b-d4bed98e09bc.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.482
Update Package Version: 1.0.7909
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: MARK-PC\MARK

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 330282
Threats Detected: 2
Threats Quarantined: 2
Time Elapsed: 22 min, 8 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
PUP.Optional.Conduit, C:\USERS\MARK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [215], [454832],1.0.7909
PUP.Optional.ASK, C:\USERS\MARK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [2], [454825],1.0.7909

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)


----------



## mkdsk (Dec 30, 2009)

The *virus signature database... *will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

When completed the* Online Scan* will begin automatically.

*Do not* touch either the Mouse or keyboard during the scan otherwise it may stall.

Now click on: *Finish. *
*THERE IS NO FINISH BUTTON TO CLICK ON. *


----------



## Joeicam (Oct 11, 2017)

Then please just wait until the scan is finished


----------



## mkdsk (Dec 30, 2009)

I do wait and then at the end of the scan all it says was clean or don’t clean.


----------



## Joeicam (Oct 11, 2017)

> I do wait and then at the end of the scan all it says was clean or don't clean.


Sorry about that! I apologize my instructions were a bit outdated. When the scan finishes, click on "Copy to clipboard" and paste the contents as your reply back to me. Then, navigate back to the ESET window and select "Do not clean", then "Finish"


----------



## mkdsk (Dec 30, 2009)

Well, not nothing that I did the scan the other night and clicked clean.


----------



## Joeicam (Oct 11, 2017)

Okay, I would still like to see the log though:

*Press* Windows key + E > *copy the following file path:* C:\users\%userprofile%\appdata\local\temp > *paste *the file path into the URL bar > *press* Enter

*Double-click* the "log.txt" file, and *copy/paste* that log as a reply to this topic


----------



## mkdsk (Dec 30, 2009)

When I click Windows key + E it brings up my computer folder.


----------



## Joeicam (Oct 11, 2017)

Exactly, that's what it should do . There's a bar at the top that should say "Computer", click on that bar to edit it, and paste in the file path: C:\users\%userprofile%\appdata\local\temp


----------



## mkdsk (Dec 30, 2009)

20:38:24 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu.exe=2.0.22.0
# EOSSerial=d7d4f47fd3b34b4f928c6552e0eeece5
# end=init
# utc_time=2018-11-19 01:38:23
# local_time=2018-11-18 20:38:23 (-0500, Eastern Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
20:38:28 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu.exe=2.0.22.0
# EOSSerial=d7d4f47fd3b34b4f928c6552e0eeece5
# end=init
# utc_time=2018-11-19 01:38:28
# local_time=2018-11-18 20:38:28 (-0500, Eastern Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
20:38:42 Updating
20:38:42 Update Init
20:38:44 Update Download
20:39:42 esets_scanner_reload returned 0
20:39:42 g_uiModuleBuild: 39436
20:39:42 Update Finalize
20:39:42 Call m_esets_charon_send
20:39:42 Call m_esets_charon_destroy
20:39:42 Updated modules version: 39436
20:39:52 Call m_esets_charon_setup_create
20:39:52 Call m_esets_charon_create
20:39:52 m_esets_charon_create OK
20:39:52 Call m_esets_charon_start_send_thread
20:39:52 Call m_esets_charon_setup_set
20:39:52 m_esets_charon_setup_set OK
20:39:52 Scanner engine: 39436
23:17:22 RecursiveRemoveDirectoryAndAllFiles: C:\Users\MARK\AppData\Local\ESET\ESETOnlineScanner\Quarantine\
23:17:23 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu.exe=2.0.22.0
# EOSSerial=d7d4f47fd3b34b4f928c6552e0eeece5
# engine=39436
# end=finished
# bannerClicked=0
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# sfx_checked=true
# utc_time=2018-11-19 04:17:22
# local_time=2018-11-18 23:17:22 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5138 16777213 85 94 0 126617628 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 41936233 294144492 0 0
# scanned=276374
# found=6
# cleaned=0
# scan_time=7599
sh=286DDBA7BE4EFD592EDDB6E31B3B1D7CC40A538B ft=1 fh=0000000000000000 vn="a variant of Win32/Adware.Coupons.AA application" ac=I fn="C:\AdwCleaner\Quarantine\1xVPfvJcrg\uninstall.exe"
sh=9D1CD5818AEA5DBD400168D2B53B67390F45A91A ft=0 fh=0000000000000000 vn="a variant of Win32/UwS.SlimDrivers.A application" ac=I fn="C:\AdwCleaner\Quarantine\v1\20180829.173513\1\Downloaded Installers\{18720A54-6C82-4BF3-91B2-D7DCCE723557}\setup.msi#7B238CD47778005F"
sh=877ACC9E5BBC2D6156A26A24EB5D59A865764C9B ft=1 fh=0000000000000000 vn="a variant of Win32/Adware.Coupons.AA application" ac=I fn="C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll"
sh=877ACC9E5BBC2D6156A26A24EB5D59A865764C9B ft=1 fh=0000000000000000 vn="a variant of Win32/Adware.Coupons.AA application" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll"
sh=877ACC9E5BBC2D6156A26A24EB5D59A865764C9B ft=1 fh=0000000000000000 vn="a variant of Win32/Adware.Coupons.AA application" ac=I fn="C:\Program Files (x86)\Safari\Plugins\npMozCouponPrinter.dll"
sh=ABB0DD7E22F27ACDBC928DD349803D71EBE7CAD7 ft=0 fh=0000000000000000 vn="a variant of Win32/RealNetworks.A potentially unwanted application" ac=I fn="C:\Users\MARK\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.11\agent\stub_data\stubinst_pkg_en-us.cab"
23:17:23 Call m_esets_charon_send
23:17:23 Call m_esets_charon_destroy
23:18:13 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu (1).exe=2.0.22.0
# EOSSerial=d7d4f47fd3b34b4f928c6552e0eeece5
# end=init
# utc_time=2018-11-19 04:18:13
# local_time=2018-11-18 23:18:13 (-0500, Eastern Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
23:18:18 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu (1).exe=2.0.22.0
# EOSSerial=d7d4f47fd3b34b4f928c6552e0eeece5
# end=init
# utc_time=2018-11-19 04:18:17
# local_time=2018-11-18 23:18:17 (-0500, Eastern Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
23:19:56 Call m_esets_charon_setup_create
23:19:56 Call m_esets_charon_create
23:19:56 m_esets_charon_create OK
23:19:56 Call m_esets_charon_start_send_thread
23:19:56 Call m_esets_charon_setup_set
23:19:56 m_esets_charon_setup_set OK
23:20:06 Updating
23:20:06 Update Init
23:20:17 Call m_esets_charon_setup_create
23:20:17 Call m_esets_charon_create
23:20:17 m_esets_charon_setup_set ERROR
23:20:17 Update Download
23:20:17 esets_scanner_update returned -1 esets_gle=53251
23:20:17 g_uiModuleBuild: 39436
23:20:17 Update Finalize
23:20:17 Call m_esets_charon_send
23:20:17 Call m_esets_charon_destroy
23:20:18 Updated modules version: 39436
23:20:28 Call m_esets_charon_setup_create
23:20:28 Call m_esets_charon_create
23:20:28 m_esets_charon_setup_set ERROR
23:20:28 Scanner engine: 39436
01:43:33 # product=EOS
# version=8
# flags=0
# esetonlinescanner_enu (1).exe=2.0.22.0
# EOSSerial=d7d4f47fd3b34b4f928c6552e0eeece5
# engine=39436
# end=finished
# bannerClicked=0
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2018-11-19 06:43:32
# local_time=2018-11-19 01:43:32 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5138 16777213 85 94 0 126626398 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 41945003 294153262 0 0
# scanned=276575
# found=14
# cleaned=7
# scan_time=7856
sh=286DDBA7BE4EFD592EDDB6E31B3B1D7CC40A538B ft=1 fh=000000000008f4a0 vn="a variant of Win32/Adware.Coupons.AA application (cleaned by deleting)" ac=C fn="C:\AdwCleaner\Quarantine\1xVPfvJcrg\uninstall.exe"
sh=9D1CD5818AEA5DBD400168D2B53B67390F45A91A ft=0 fh=0000000001c23000 vn="a variant of Win32/UwS.SlimDrivers.A application (deleted)" ac=C fn="C:\AdwCleaner\Quarantine\v1\20180829.173513\1\Downloaded Installers\{18720A54-6C82-4BF3-91B2-D7DCCE723557}\setup.msi#7B238CD47778005F"
sh=877ACC9E5BBC2D6156A26A24EB5D59A865764C9B ft=1 fh=000000000003c868 vn="a variant of Win32/Adware.Coupons.AA application (cleaned by deleting)" ac=C fn="C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll"
sh=877ACC9E5BBC2D6156A26A24EB5D59A865764C9B ft=1 fh=000000000003c868 vn="a variant of Win32/Adware.Coupons.AA application (cleaned by deleting)" ac=C fn="C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll"
sh=877ACC9E5BBC2D6156A26A24EB5D59A865764C9B ft=1 fh=000000000003c868 vn="a variant of Win32/Adware.Coupons.AA application (cleaned by deleting)" ac=C fn="C:\Program Files (x86)\Safari\Plugins\npMozCouponPrinter.dll"
sh=ABB0DD7E22F27ACDBC928DD349803D71EBE7CAD7 ft=0 fh=0000000000368ae0 vn="a variant of Win32/RealNetworks.A potentially unwanted application (deleted)" ac=C fn="C:\Users\MARK\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.11\agent\stub_data\stubinst_pkg_en-us.cab"
sh=9A05658B5CF732B86C5671231620A343F93CE868 ft=1 fh=0000000000273770 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\MARK\Desktop\Family\CuteWriter.exe"
01:43:45 Call m_esets_charon_send
01:43:45 Call m_esets_charon_destroy


----------



## mkdsk (Dec 30, 2009)

What is next?


----------



## Joeicam (Oct 11, 2017)

Hi mkdsk, nice job on providing that.

I know that you have Chrome configured to start where you left off, but one of the other settings is configured to load up sites related to malware. To change this:

1. *Open* Chrome.
2. At the top right, *click* on the three vertical dots, then *Settings*.
3. Under "On startup," *select* *Open a specific page or set of pages*.
4. Look for "search.conduit", "search.ask", "websearch", and *click* on the three vertical dots next to them, and *click *on "Remove".
5. Once you're finished removing those, you can *change *the "On startup" setting as you had it before, to "Continue where you left off"

===============================================

*When you reply to me, I need to see:*

Any questions/concerns you might have, or if you were not able to complete any of the steps above


----------



## mkdsk (Dec 30, 2009)

I did what you said but I don't see search.conduit", "search.ask", "websearch


----------



## Joeicam (Oct 11, 2017)

Great, that's what I wanted to see







. Good work!.

I know that you also had your laptop that we had originally started out with, but instead of posting that in here, I would recommend starting a new topic to keep things tidy.

Well done!







. Your computer is clean and is ready to be used again







. All of the bad guys have been removed, but please take the time to follow these last steps to clean up the tools we've used throughout the process. It was *my pleasure* helping you

Now that we are at the end of the disinfection process, the tools that we utilized can now be removed from your machine, since they won't be used again (we hope!). If they need to be, then the most updated versions should be downloaded at that time.

If you didn't uninstall ESET after running the program, we will do it now.

*Step 1 of 6: Uninstalling ESET*

On your keyboard, *press* the Windows key + R, and a Run box will pop up

*Type*: control panel , in the search box, then *click* on OK

Under View by: (in the upper-right hand corner), *select* Category, then click Uninstall a program

In the list of programs installed you can click on Name (in the header) to sort alphabetically. Now, *locate the following program(s)*: ESET

*Click* on the program to highlight it and *right-click* the program and click *Uninstall*.

After the program has been uninstalled, *close* the "Uninstall or change a program" window

*Reboot* the computer.
*Delete the folders associated with the uninstalled programs.(Only do this if you uninstalled the program)*

1. Using Windows Explorer (on your keyboard press the Windows key + E), please delete the following folders(s) (if present - the folders listed in *RED*):
*C:\Program Files\ESET
C:\Program Files (86)\ESET*

2. Close *Windows Explorer.*

*Step 2 of 6: Removing Disinfection Tools with Delfix*

This step cleans up the tools we were utilizing and creates a new restore point.

1. Download *Delfix* by Xplode from here
2. Ensure *Remove disinfection tools* is ticked
*Also tick:*

Create registry backup









3. *Click* Run

The program will run for a few moments and then notepad will open with a log. Please *copy and paste* the log in your next reply.

*Step 3 of 6: Enable Java Automatic Updates*

*Enabling Java Automatic Updates*

Change the Java update settings through the Java Control panel.

Windows 7 and Vista: *Press on your keyboard* Windows key + R > *Type:* Control Panel

Type *Java *in the search Control Panel located in the upper right corner.

Launch the Java Control Panel by *clicking* on the Java icon. The Java Control Panel appears.

*Click* the Update tab to access the settings.

To enable Java Update to automatically check for updates, *select* the *Check for Updates Automatically *check box.
*If* there is an update, *update it.*

*Step 4 of 6: Filehippo Updatechecker*

Another weapon against malicious programs and viruses is to keeping other programs updated. There are several programs out there that can check for out of date programs on your computer. One is *Filehippo*. You can run this on a weekly or monthly basis to check your programs for updates and then it will provide a link for you to download them.

*Keep Applications Updated using FileHippo*
1. *Navigate* to this website
2. *Click* on the green "*Download This Version*" on the right
3. *Click* on the downloaded file entitled, "*AppManagerSetup_1.47*"
4. *Follow* the on-screen instructions
Once installed, *FileHippo will prompt you if any updates are available* for the applications you currently have installed.

*Step 5 of 6: Malwarebytes AntiMalware*

As you have installed* Malwarebytes*, I recommend that you keep this program and use it to help you stay clean.

The *free version* will scan your computer and fix the problems it finds but will not provide *real-time protection*. You must *scan regularly* to find any threats. If it finds things such as *PUP's (Potentially Unwanted Programs)* you can delete those with no worries. However, if it finds something like a *trojan*, come see us.
Consider purchasing the* full version* for active threat monitoring.

*Step 6 of 6: Installation of Unchecky (Optional)*

This is a good program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.

Click here to be taken to Unchecky.com

Click the Download button in the middle of the screen

*Click* Save

Once downloaded, *right-click* the program and *select *"Run as Administrator"

Once open, *click* the Install button

Then *click* on Finish

Unchecky is now installed and will help you keep unwanted check boxes unchecked


----------



## mkdsk (Dec 30, 2009)

I don't see search.conduit", "search.ask", "websearch and after all you told me to do my computer is still slow and takes things a long time to load.


----------



## Joeicam (Oct 11, 2017)

> I don't see search.conduit", "search.ask", "websearch


Yes, that's good 



> my computer is still slow and takes things a long time to load


But now we know that the problem isn't malware related . Now we can start diagnosing the problem in other ways. Can you be more specific about the slowness on your machine? Is it slow from the moment you log into the computer, or when you do specific things?

From your last FRST scan I can see you have sufficient free space on your machine, but are using 88% of your RAM's capacity, so one cause of slowness is just having too many programs open at once.


----------



## Joeicam (Oct 11, 2017)

Hi mkdsk, do you still require assistance? We're going on 4 days.


----------



## mkdsk (Dec 30, 2009)

yes. When I click on any thing on my computer it lags for like 30 seconds then it releases. Oh well, thank you for all what you have tried to do to help me. I don't want to get you irritated.


----------



## Joeicam (Oct 11, 2017)

It's certainly up to you, we can try to fix this, but let me know. I would be happy to try and figure out what's happening on your computer .


----------



## mkdsk (Dec 30, 2009)

Let's do it.


----------



## Joeicam (Oct 11, 2017)

> Let's do it.


Great!



> When I click on any thing on my computer it lags for like 30 seconds then it releases.


Alright, so now just for clarification: does this happen immediately after logging into your computer, or does it take awhile after you have been signed in for it to start running slowly?


----------



## mkdsk (Dec 30, 2009)

After I have been logged on for a while I go and click on something and the activity light stays a solid green for about 40 seconds and the computer freezes and then it frees up.


----------



## Joeicam (Oct 11, 2017)

Hi mkdsk, sorry for the delay. Let's continue:

*Step 1 of 1: **Fix with Windows Repair (All in One)*

Download Windows Repair (All in One) from here. 

Choose the Download Now button with Portable Version below it, to your Desktop
When the download finishes, if you receive a warning saying that Chrome blocked the "dangerous file" *press* Ctrl + J to *open* Downloads
*Click on* "Keep dangerous file": it's not dangerous. *Click on* "Keep anyway".
*Click* Show in folder and *drag* the .zip folder to your Desktop
Unzip it to your Desktop 
Run the program (Repair_Windows.exe)

*NOTE 1. Disable your antivirus program before running Windows Repair by following the instructions here.
NOTE 2. In Windows Vista, 7, 8, and 10 right-click on the file Repair_Windows.exe, inside of the extracted folder, and click "Run As Administrator", and accept the End User License Agreement. 
NOTE 3. The images below may be slightly different from your current version.*

Upon opening the application, it should look like this:









*Click* on the Backup Tools tab at the top, and *click* "Create" under heading System Restore:









After the System Restore point has been created, *navigate back* to the "Pre-Repair Steps" tab, *click on* "Step 3(Important)"
*Click on* Open Check Disk At Next Boot









*Ensure* that the Drive has a C: inside of the box, and *click on* "(/F) Fix errors on the disk", then *click on* "Add to Next Boot", then *click on* the white X in the red box of the window that opened. 









*Navigate* to "Step 4: (Optional)", and *click on* the Check button, *wait* for the Scan to finish.










When the scan is finished, it will ask you to restart your machine. Please do so.
Upon rebooting your machine, please open the folder that you extracted to your Desktop. Open the Logs folder and open chkdsk_full_log, and *copy & paste* the contents in your next reply.

===============================================

*When you reply to me, I need to see:*

Any questions/concerns you might have, or if you were not able to complete any of the steps above
The copied and pasted results of the chkdsk_full_log text file


----------



## mkdsk (Dec 30, 2009)

Will this remove anything or change my computer at all?


----------



## Joeicam (Oct 11, 2017)

The only things these scans will do is if there are bad sectors on your hard drive, it will fix them - to make your computer run more efficiently, and they will also verify and replace Windows system files if they are bad. Both of these scans come pre-installed on a Windows machine: chkdsk, and system file check. We just use the Windows Repair (All in One) tool to make things easier.


----------



## mkdsk (Dec 30, 2009)

And also my computer is not making any system restore points and I need help with that too...


----------



## Joeicam (Oct 11, 2017)

Alright, what happens when you try to create the System Restore point with the Windows Repair (All in One) tool?


----------



## mkdsk (Dec 30, 2009)

Can we work on the system restore points first before I do the windows repair?


----------



## mkdsk (Dec 30, 2009)

I am not even making restore points, they use to create them selves now they won't do that anymore.


----------



## Joeicam (Oct 11, 2017)

Yes we can. What does the tool say when you try to create a system restore point? We can hold off on the rest of the steps for now, until we get the restore point resolved.


----------



## mkdsk (Dec 30, 2009)

I want the restore points to make themselves like my computer use to do? Can you help me with that?


----------



## Joeicam (Oct 11, 2017)

Yes. Please run the tool as instructed. I want to see if creating the restore point with the tool works. If it doesn't work, the tool also has a fix we can run to get the restore points working. Does that make sense?


----------



## mkdsk (Dec 30, 2009)

What tool?


----------



## Joeicam (Oct 11, 2017)

See post #86 . Follow the instructions up to this step: "*Click* on the Backup Tools tab at the top, and *click* "Create" under heading System Restore", and let me know if it is able to create a System Restore point. The tool: *Windows Repair (All in One)*, comes pre-loaded with fixes we can run to get your System Restore points working again . Does that make sense?


----------



## mkdsk (Dec 30, 2009)

THIS COMES UP WHEN I CLICK RUN ON THE Repair_Windows.exe


----------



## Joeicam (Oct 11, 2017)

hey there, I'm still with you currently researching for a solution . Sorry for the delay. I'm in the mist of studying for a certification.


----------



## Joeicam (Oct 11, 2017)

Would you mind trying downloading the program again to see if that fixes the problem?


----------



## mkdsk (Dec 30, 2009)

What do you mean when you say *Click* Show in folder?


----------



## mkdsk (Dec 30, 2009)

I finally did it and it said it created a restore point and I check and the restore point is NOT created.


----------



## Joeicam (Oct 11, 2017)

Let's check it out. Please scan your computer with FRST again and post the Addition.txt log. If there's nothing there, there's a specific fix we can do with Windows Repair.


----------



## mkdsk (Dec 30, 2009)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.12.2018
Ran by MARK (administrator) on MARK-PC (22-12-2018 23:08:31)
Running from C:\Users\MARK\Desktop\APPLE
Loaded Profiles: MARK (Available Profiles: MARK & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
( ) C:\Windows\System32\dlbacoms.exe
( ) C:\Windows\System32\dleacoms.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft) C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_6\mcapexe.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MiTAC) C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealDownloader\realdownloader264.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

"Path" (C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Dell\DW WLAN Card\Driver;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared;C:\Program Files (x86)\Roxio\OEM\AudioCore;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\QuickTime\QTSystem\ -> %SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Dell\DW WLAN Card\Driver;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared;C:\Program Files (x86)\Roxio\OEM\AudioCore;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\QuickTime\QTSystem\) <==== Repaired successfully
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-10-19] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\Run: [Magellan Update Manager] => C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe [2705672 2016-01-20] (MiTAC)
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin Ltd. or its subsidiaries)
HKLM\...\Drivers32: [VIDC.I420] => MSh263.drv
HKLM\...\Drivers32: [MSVideo8] => C:\Windows\System32\VfWWDM32.dll [68096 2010-11-20] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid64.dll [630272 2014-11-11] (TechSmith Corporation)
HKLM\...\Drivers32: [vidc.tsc2] => C:\Windows\SysWOW64\tsc2_codec64.dll [270848 2014-08-27] (TechSmith Corporation)
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-13] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [msacm.siren] => C:\Windows\SysWOW64\sirenacm.dll [58368 2012-09-12] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2010-03-12] (Matsu****a Electric Industrial Co., Ltd.)
HKLM\...\Drivers32-x32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [602624 2014-11-11] (TechSmith Corporation)
HKLM\...\Drivers32-x32: [vidc.tsc2] => C:\Windows\SysWOW64\tsc2_codec32.dll [234496 2014-08-27] (TechSmith Corporation)
HKLM\...\Drivers32-x32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-13] (Intel Corporation)
HKLM\...\Drivers32-x32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-13] (Intel Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{3631C8E6-D178-4917-9B0D-BFB51262D9F1}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{BFB6B096-4145-4ED2-A8E0-19EDCA9E0ED4}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {7708B639-F242-494D-BCA2-EED7DC46E157} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151019&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {C56AFD0B-5A78-4E7F-9993-19B1BC996C4C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2018-02-28] (RealDownloader)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2018-02-28] (RealDownloader)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~3\WONDER~2\VIDEOC~1\WSBROW~1.DLL => No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll => No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-26] (Oracle Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-06-05] (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-10-04] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-10-04] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 [2018-11-04]
FF Session Restore: Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 -> is enabled.
FF Extension: (All Aboard) - C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495\Extensions\@all-aboard-v1-5.xpi [2017-07-11] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-10-17]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-10-25] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-05] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-10-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-05] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-10-04] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2018-05-06] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2018-05-06] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2130412082-872510349-2259372935-1000: magellangps.com/mgnContentManager -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager.dll [2016-01-20] (MiTAC Digital Corp.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.facebook.com/
CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://websearch.thesearchpage.info/?pid=2457&r=2015/01/16&hid=16875487775573251436&lg=EN&cc=US&unqvl=74"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default [2018-12-22]
CHR Extension: (Google Drive) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-27]
CHR Extension: (YouTube) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Who Dumped Me?) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgeaeoklapomofpcppeiahpnjadbkim [2015-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-04]
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457360 2012-06-20] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
S3 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22160 2012-07-11] ()
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-25] (BlueStack Systems, Inc.)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc.)
R2 dlba_device; C:\Windows\system32\dlbacoms.exe [567280 2007-03-05] ( )
R2 dlba_device; C:\Windows\SysWOW64\dlbacoms.exe [538096 2007-03-05] ( )
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-01-07] ( )
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-06-05] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_6\McApExe.exe [729320 2018-10-04] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe [2159464 2018-06-29] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [366968 2018-08-22] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [539512 2018-08-22] (McAfee, LLC)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [490360 2018-08-22] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1690976 2018-07-27] (McAfee, Inc.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1316024 2018-07-25] (McAfee, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S3 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
S3 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [37104 2018-02-28] (RealNetworks, Inc.)
S3 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [989912 2018-05-06] (RealNetworks, Inc.)
S3 RoxMediaDB14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe [1096848 2012-07-18] (Corel Corporation)
S3 RoxWatch14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe [341136 2012-07-18] (Corel Corporation)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1074720 2012-08-30] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1358360 2012-08-30] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [166528 2012-03-22] (Safer-Networking Ltd.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2018-10-04] (Microsoft) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2018-10-04] (Microsoft) [File not signed]
S3 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
S3 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77336 2018-10-03] (McAfee, LLC)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [235784 2018-10-02] (McAfee, Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2018-12-22] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [506384 2018-10-03] (McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [367664 2018-10-03] (McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [533520 2018-10-03] (McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [967696 2018-10-03] (McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [555824 2018-10-02] (McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108848 2018-10-02] (McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [115728 2018-10-03] (McAfee, LLC)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252952 2018-10-03] (McAfee, LLC)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2015-03-25] (EldoS Corporation)
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2012-06-20] (Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2012-06-20] (Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2012-06-20] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-10-12] (Anchorfree Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Western Digital Technologies)
R3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2011-11-17] (Wondershare)
U1 aswbdisk; no ImagePath
U3 mfeaack01; \Device\mfeaack01.sys [X]
S3 mfeavfk02; \Device\mfeavfk02.sys [X]
S3 mfeavfk03; \Device\mfeavfk03.sys [X]
S1 upzocdbr; \??\C:\Windows\system32\drivers\upzocdbr.sys [X]
S1 zeonetfilter; system32\drivers\zeonetfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-22 14:08 - 2018-12-22 21:48 - 000003522 ____C C:\Windows\System32\Tasks\McAfee DAT Built in test
2018-12-22 11:51 - 2018-12-22 11:51 - 000261032 ____C (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-12-20 21:47 - 2018-12-20 21:47 - 000000855 ____C C:\Users\MARK\Desktop\INSIGNIA•Roku TV - YN00T3638727 - Shortcut.lnk
2018-12-17 11:52 - 2018-12-17 11:53 - 000293248 ____C C:\Windows\Minidump\121718-28438-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-22 23:08 - 2018-10-19 11:22 - 000000000 ___DC C:\FRST
2018-12-22 23:06 - 2018-03-25 09:43 - 000000000 ___DC C:\Users\MARK\Desktop\APPLE
2018-12-22 22:51 - 2018-09-09 11:30 - 000000000 ___DC C:\Users\MARK\Desktop\LANDSCAPE DAMAGE
2018-12-22 22:27 - 2016-01-08 21:46 - 000000000 ___DC C:\Users\MARK\AppData\Local\CrashDumps
2018-12-22 20:30 - 2018-10-15 20:28 - 000000000 ___DC C:\Program Files (x86)\PowerENGAGE
2018-12-22 12:05 - 2009-07-13 23:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-22 12:05 - 2009-07-13 23:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-22 11:57 - 2009-07-14 00:13 - 000782470 ____C C:\Windows\system32\PerfStringBackup.INI
2018-12-22 11:57 - 2009-07-13 22:20 - 000000000 ___DC C:\Windows\inf
2018-12-22 11:51 - 2009-07-14 00:08 - 000000006 ___HC C:\Windows\Tasks\SA.DAT
2018-12-19 19:13 - 2015-06-22 19:15 - 000003332 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-19 19:13 - 2015-06-22 19:15 - 000003204 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 02:18 - 2018-11-18 18:36 - 000152688 ____C (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-12-17 11:52 - 2018-03-29 15:31 - 800698057 _____ C:\Windows\MEMORY.DMP
2018-12-17 11:52 - 2013-04-10 16:00 - 000000000 ___DC C:\Windows\Minidump
2018-12-16 14:03 - 2012-01-23 19:34 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\Audacity
2018-12-15 00:47 - 2017-11-30 20:34 - 000000000 ___DC C:\Users\MARK\Desktop\Moriah
2018-12-13 21:50 - 2015-06-22 19:15 - 000002226 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-13 21:50 - 2015-06-22 19:15 - 000002185 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-11 15:25 - 2017-05-06 18:29 - 000002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-06 11:16 - 2009-07-14 00:08 - 000032650 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-12-05 14:43 - 2016-10-20 11:11 - 000842240 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-05 14:43 - 2016-10-20 11:11 - 000175104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-05 14:43 - 2016-10-20 11:11 - 000004446 ____C C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-05 14:43 - 2016-10-20 11:11 - 000004312 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-12-05 14:43 - 2011-12-23 01:24 - 000000000 ___DC C:\Windows\SysWOW64\Macromed
2018-12-05 14:43 - 2011-12-23 01:24 - 000000000 ___DC C:\Windows\system32\Macromed
2018-12-05 13:43 - 2018-03-13 10:43 - 000004458 ____C C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-29 12:31 - 2018-10-15 20:19 - 000000000 ___DC C:\ProgramData\ControlCenter4

==================== Files in the root of some directories =======

2013-04-29 17:57 - 2013-04-29 17:59 - 000308064 ____C () C:\Users\MARK\AppData\Roaming\CodecsLE_Install.log
2017-08-04 19:04 - 2017-08-04 19:04 - 000000445 ____C () C:\Users\MARK\AppData\Roaming\com.cloudapp.windows.plist
2016-03-12 23:48 - 2016-03-12 23:48 - 000099384 ____C () C:\Users\MARK\AppData\Roaming\inst.exe
2013-11-21 12:22 - 2016-03-12 23:48 - 000007859 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.cat
2013-11-21 12:22 - 2016-03-12 23:48 - 000001167 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.inf
2013-11-21 12:22 - 2016-03-12 23:48 - 000000055 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.log
2013-11-21 12:22 - 2016-03-12 23:48 - 000082816 ____C (VSO Software) C:\Users\MARK\AppData\Roaming\pcouffin.sys
2015-03-21 19:25 - 2015-03-22 12:03 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.1.txt
2015-03-21 19:25 - 2015-03-21 19:25 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.2.txt
2015-03-21 19:25 - 2015-03-22 12:09 - 000000919 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt
2015-03-21 19:25 - 2015-03-22 12:09 - 000000000 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-07-16 22:21 - 2017-05-08 10:56 - 000006656 ____C () C:\Users\MARK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-25 15:24 - 2016-08-03 01:41 - 000007601 ____C () C:\Users\MARK\AppData\Local\resmon.resmoncfg
2013-05-16 14:25 - 2017-08-03 22:39 - 000331584 ____C () C:\Users\MARK\AppData\Local\rx_audio.Cache
2013-02-22 19:31 - 2017-08-03 22:39 - 001282348 ____C () C:\Users\MARK\AppData\Local\rx_image32.Cache
2015-03-15 10:04 - 2015-03-15 10:04 - 000000402 ____C () C:\Users\MARK\AppData\Local\Temp-log.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-14 14:26

==================== End of FRST.txt ============================


----------



## mkdsk (Dec 30, 2009)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.12.2018
Ran by MARK (22-12-2018 23:12:35)
Running from C:\Users\MARK\Desktop\APPLE
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-31 19:44:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2130412082-872510349-2259372935-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2130412082-872510349-2259372935-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2130412082-872510349-2259372935-1002 - Limited - Enabled)
MARK (S-1-5-21-2130412082-872510349-2259372935-1000 - Administrator - Enabled) => C:\Users\MARK

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Spybot - Search and Destroy (Disabled - Out of date) {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.46.1633 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother BRAdmin Light 1.33.0000 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.33.0000 - Brother)
Brother iPrint&Scan (HKLM-x32\...\{122F41FC-AE6B-40BB-9CBD-A7B59C8FD2F6}) (Version: 4.1.1.1 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{25b63596-6d2a-44d4-8068-23a5f89888ec}) (Version: 4.1.1.1 - Brother Industries, Ltd.)
Brother Port Driver (HKLM-x32\...\{EEA8DF77-9D7E-421A-A9A8-A6E9894A18A3}) (Version: 1.0.3.3 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{272543B6-B337-4C8F-B9F1-19E884C2C7AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{1162495D-7CE7-4EF9-A0F8-151196F3A660}) (Version: 1.0.17.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.8.0.201 - Corel Inc.) Hidden
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell System Detect (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.48.35 - Dell Inc.)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Find and Mount 2.32 (HKLM\...\Find and Mount_is1) (Version: 2.32 - A-FF Data Recovery)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Graboid Video 3.89 (HKLM-x32\...\Graboid Video) (Version: 3.89 - Graboid Inc.)
Graboid Video 3.89 Setup (HKLM-x32\...\{6b5f9db0-02dc-4c5b-b16b-6a7f1f81557e}) (Version: 3.8.9 - FUSENET)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{36F365B3-05C2-455D-9D96-B73829DE046D}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
McAfee Multi Access (HKLM-x32\...\MSC) (Version: 16.0 R14 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.203 - McAfee, Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Excel 97 (HKLM-x32\...\Excel) (Version: - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook 97 (HKLM-x32\...\Outlook) (Version: - )
Microsoft SkyDrive (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower) Hidden
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
PhotoShowExpress (HKLM-x32\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
RealDownloader (HKLM-x32\...\{F735970C-1049-440A-8BC1-00BFBC196F22}) (Version: 18.1.11.204 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.11 - RealNetworks)
RealProducer Plus 8.5 (HKLM-x32\...\RealProducer 8.5) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator NXT Pro (HKLM-x32\...\{CC915001-1639-4D1B-B0A1-A7AC70C99179}) (Version: 14.0.36.0 - Roxio)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.2 - Roxio) Hidden
Roxio Virtual Drive x64 (HKLM\...\{632DCE79-2711-4B07-BB89-DA763E96840C}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SmartGPS Eco (HKLM-x32\...\{F0DF2A34-80D0-477C-8718-7E665341FA55}) (Version: 3.0.0.00 - MiTAC Digital Corp.)
SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.10 - Safer-Networking Ltd.)
SpyroPortalDriver (HKLM\...\{B2913230-094D-4F41-9EEF-CE9571C450D8}) (Version: 1.0.0 - FS)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Triple Scoop Music (HKLM-x32\...\{4CD51492-D68C-49AC-9692-29FCC19FBC26}) (Version: 1.0.019 - Roxio) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
USB2.0 ATV (HKLM-x32\...\USB2.0 ATV) (Version: - )
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}) (Version: 12.0.563 - Sony)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
VirtualDJ Home FREE (HKLM-x32\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wondershare Streaming Audio Recorder(Build 2.0.2.3) (HKLM-x32\...\Wondershare Streaming Audio Recorder_is1) (Version: 2.0.2.3 - Wondershare Software Co.,Ltd.)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.4 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF}\InprocServer32 -> C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{ea49acd6-0f0e-5ff1-89c4-30eda3d53b62}\InprocServer32 -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager64.dll (MiTAC Digital Corp.)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-10-04] (McAfee, Inc.)
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2018-05-06] (RealNetworks, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-02-17] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-10-04] (McAfee, Inc.)
ContextMenuHandlers6: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)
ContextMenuHandlers2_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)
ContextMenuHandlers6_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C9EAD9F-AE32-4E33-A188-9016BB202408} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\RealDownloader\downloader2.exe [2018-02-28] ()
Task: {0F592054-FC0B-4DF8-B651-202C56DE274D} - System32\Tasks\{3E677D04-C9FB-4050-A4D5-9BFD909EF240} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {144E0E91-D00E-4D82-9885-778C3A749490} - System32\Tasks\{487AB330-EBD7-4A76-B891-A91754FD4314} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {19605A68-8D93-416E-B6A1-F04C2F6ECAA4} - System32\Tasks\{45416873-6870-44CC-8E45-58127503EEAF} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {1A942A5C-FE8D-4049-A9D6-8893D90BA979} - System32\Tasks\{2D3028CF-CE03-4AE4-B144-B8BEB566D687} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {1AB4AD6F-E0BC-4ED9-BC19-A949BEE5AE8A} - System32\Tasks\{611A5EB1-E8DC-4164-8DA6-A9358CB16A08} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {1B6955DB-AE88-49F1-8F3E-BC99722CA012} - System32\Tasks\{67C0FFD8-6786-4EDB-A901-EB2DF2A3BDE9} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {2641C192-8073-4AC1-97AA-B0B3EF20EB8B} - System32\Tasks\{AAA228C8-54C2-4654-91AF-95C5C52D20BB} => C:\Windows\system32\pcalua.exe -a C:\Users\MARK\AppData\Local\Temp\Temp1_MPEG_Streamclip_1.2.zip\MPEG_Streamclip.exe <==== ATTENTION
Task: {281A7460-642E-40A2-B0E5-A2D2BA0CC5C4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {2BFC4343-96A9-4C7C-ACC8-C018C0DD58EE} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-06-06] (McAfee, Inc.)
Task: {2DE00C78-BF46-49E7-8C1E-8D19E977FDA5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3268B6BC-5528-4FB5-A5CC-F1A9064FDBA4} - System32\Tasks\{D5E8CB6B-319E-4F0E-917E-CBAC38E34677} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {38B8C499-E203-4AAA-9330-DABB68DF9F43} - System32\Tasks\{8CD991B8-C611-457C-9A4B-8E148BBC1495} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {38D302D2-0E6B-45A9-8EB5-5A6693DA67ED} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {3A4C9BB5-147B-47CB-8157-34D11DDF3D1A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3DE84952-ECFD-482D-B8F2-1268D979F166} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {40FC8802-9F5A-42F6-B95D-6C0067FCEB69} - System32\Tasks\{27003535-56D0-44FC-AE23-EFC0AAFC1A81} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {4789B856-DCCB-4458-AF1C-133ECB9341E3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {4CCEF7E3-0CC7-488D-9226-593999AC0E27} - System32\Tasks\{13F92E3C-232E-4FA8-8FF7-EEAAF6931DD8} => C:\Users\MARK\Downloads\musicmatch10.00.4033.exe
Task: {4DD05920-3129-4DFD-BA6F-E6EFE67BC532} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-10-24] ()
Task: {50BF9D53-83BC-4D7E-BCB7-F008C9946199} - System32\Tasks\{479B464A-5FCF-410E-AFE0-ED5300A0DDD0} => C:\Program Files (x86)\Roxio Creator NXT\Roxio Central\RoxioCentralFx.exe [2012-07-18] ()
Task: {525ADD04-55BA-4913-B544-CBC829CDA221} - System32\Tasks\{9FB150E9-5941-4658-BCD0-641ED11803BF} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
Task: {52AE9C83-353E-48EF-991B-E119CF4F8DE4} - System32\Tasks\{7F471F8C-38C6-4F94-BC8A-0CBAD06FE02A} => C:\Users\MARK\Downloads\musicmatch82.exe
Task: {6074794B-09C5-4E18-8515-4DBADDC76F61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-22] (Google Inc.)
Task: {67EDB240-E03D-437C-818F-D15D6C99C491} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {683BBDA8-64D7-4168-95B6-2FB04C07BC90} - System32\Tasks\{605EAD35-C8E6-48D5-953C-4BDE791AA5E8} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {6E67EAE3-CD36-4E83-9602-0F43C500743F} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-07-13] (McAfee, Inc.)
Task: {79022F55-5129-4E5A-9779-C9ACFFBA8BA4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-06-11] (McAfee, Inc.)
Task: {7A170C85-4395-40BB-A490-4F9CB05784B1} - System32\Tasks\{6440DA17-3021-4946-9EDC-65255B783269} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {7C4ED347-BB52-4987-95A2-B8F8F280210C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {7DAB0AF4-D9C8-4C6B-B5E1-773F85640165} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {85C067FB-5098-4051-B1CA-9E7E7BF214A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {8780C8BE-F54B-47DA-85F9-AFDADD2E4C2C} - System32\Tasks\{7F70CAB2-072C-4D42-AEF6-16B1B69095C7} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {8F98D4DD-65A0-46CA-B885-29F47ABAEB0B} - System32\Tasks\{F40CE779-309B-4896-974C-AE6E2C94644D} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {90C45678-9B30-4EFF-91CC-917E12E06B45} - System32\Tasks\{7849AF3E-8179-490E-B09B-D31FDF213381} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {97B89E7B-895D-4E58-BD0A-15C923FF6F5D} - System32\Tasks\{9386CA07-7838-4DD2-938F-C939BD959A61} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {9A15C862-F14A-40C5-8312-DBAB1E30AA0C} - System32\Tasks\{EBDC029A-1928-42DF-B29D-CF913C18B968} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {9A99B748-ACA2-41E5-BE40-8BB1086F6DCB} - System32\Tasks\{31B93D9E-EA8C-4990-BF18-B09BFBAA435D} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {9F712EF0-97B6-4661-B891-7859479E23A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2012-08-30] (Safer-Networking Ltd.)
Task: {A0337C78-7B2C-41F7-8539-5742AC34C4D2} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A06C3FD6-61F0-43C5-B2C4-697911A016EA} - System32\Tasks\{C1FE1AD8-7E5A-42FE-BFD1-7BE5D2CF6E2B} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {A3FDE451-DDF4-4F0F-9B56-4D6119FF1EDB} - System32\Tasks\{BC0B3BDD-C189-4564-91B2-8AE4B6510985} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {A483F551-EE1F-4BBC-B877-CDBDAE73B07E} - System32\Tasks\{8A4CD231-08EE-44AB-9ECA-E7443D8CAE31} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {A909DD0B-138D-4229-9422-97518BFBE2E5} - System32\Tasks\{20F50F2F-8C2B-4F7F-9DDA-FC3F2ACAC9BA} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
Task: {AC00B659-6AEE-482A-8872-52BF69556ADC} - System32\Tasks\{007A1385-A538-4B74-AF24-B76DCD096802} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {AF4E8988-8683-4AFF-A1DC-B874E3E9DD0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-22] (Google Inc.)
Task: {B7E83BA7-06F3-41D8-8B7D-E52F6488C1E2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {BBAA77C7-8BE7-43D3-BCF8-7BCBB44FEA48} - System32\Tasks\{0E5FFA70-B7B3-4AD7-AF23-C403A980856A} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
Task: {BD09F54A-6D5C-4393-9BDA-2319D1CB3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {C0752428-0D21-4764-8805-EB4EE14F241C} - System32\Tasks\{35990657-F8A1-4941-BC71-31E7500013C4} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {C6729723-48E4-4D50-959E-667C6603319C} - System32\Tasks\{0BA0CD3C-B95D-4721-AEE6-8991F35A9D92} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {CF997253-70E7-46FA-A97E-46BB686709D4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {D026AE65-BA76-4145-B862-3BB536091F80} - System32\Tasks\{74A7DDF1-BDA7-4B5A-BA82-F6455C234E40} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
Task: {D1782047-A988-4544-AC47-E3A3629E46BD} - System32\Tasks\{5B006323-E1AE-4E67-A035-715B6B7DEC4A} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe 
Task: {D5D96F18-E3AB-4B5A-8E0D-267E1647199C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {D6E1EAD5-7358-4A5E-99A9-56F3B1AF031F} - System32\Tasks\{AA42977C-B36D-4D54-97F4-9D36BF2B1165} => C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.7\DVD_Author.exe
Task: {D7F4C430-E3AB-4E5E-A7D1-1178230F9255} - System32\Tasks\{5379BC2C-7DEB-41FC-8555-042FA7281998} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {DEDA0FDF-B354-4C37-9532-012E80F9C1E8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {E0BD0B9D-F7E7-45B4-9698-B4A1DC18C24E} - System32\Tasks\{15D2093E-FD56-45CB-BB1C-1CDBEBD7356D} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {E3D600BB-67DA-4B85-BC16-E30120C0D15E} - System32\Tasks\{711738D9-A6C7-442A-B24A-2D60FC80400F} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1} /quiet /qn
Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {E90EEF97-DF18-4FAF-9B3C-F0A250A3A92F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [2018-02-28] (RealNetworks, Inc.)
Task: {F050F864-D1A1-4F59-9DDD-4C3D8CAB6AB2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F395931B-FEF9-4729-954C-E9BC4573D1F6} - System32\Tasks\{7A1E1935-8DD2-4CFA-A169-A8C098A30AC4} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {F62B2F93-50D6-4CF4-A92C-EBA904523A73} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {F823E685-BBD6-4AB4-8015-BF6FBF8AB1F9} - System32\Tasks\{70F70446-4007-4E05-81FC-E0298A3944D6} => C:\Program Files\iTunes\iTunes.exe [2018-07-06] (Apple Inc.)
Task: {FA7A0342-21F5-451A-88FA-CCFA11240FEA} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.6.319\mcdatrep.exe [2018-09-04] (McAfee, LLC.)
Task: {FDABE515-D080-42BE-A063-EA74269EE848} - System32\Tasks\{1A1EF3C2-E0E5-4E2D-B05A-D4F60D251591} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-06-12 20:38 - 2016-01-22 15:57 - 000089008 ____C () C:\Windows\System32\cpwmon64.dll
2013-08-30 17:05 - 2010-07-19 08:12 - 000394272 _____ () C:\Windows\system32\spool\DRIVERS\x64\x64v05.dll
2013-06-05 12:25 - 2007-02-20 07:30 - 000116224 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dlbapp6c.dll
2011-12-31 14:54 - 2009-11-04 08:18 - 000189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll
2018-06-23 05:56 - 2018-06-23 05:56 - 001356088 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-10-15 20:47 - 2005-04-22 12:36 - 000143360 ____C () C:\Windows\system32\BrSNMP64.dll
2018-11-18 18:36 - 2018-12-19 02:18 - 002712432 ____C () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-29 15:34 - 2018-06-29 15:34 - 000896136 ____C () C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPMsgBusDLL.dll
2018-07-06 01:00 - 2018-07-06 01:00 - 001356088 ____C () C:\Program Files\iTunes\libxml2.dll
2018-07-06 01:00 - 2018-07-06 01:00 - 000088888 ____C () C:\Program Files\iTunes\zlib1.dll
2018-12-13 21:49 - 2018-12-12 00:11 - 005237216 ____C () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-13 21:49 - 2018-12-12 00:11 - 000117216 ____C () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-02-28 11:58 - 2018-02-28 11:58 - 001270560 ____C () c:\program files (x86)\real\RealDownloader\downloader2.exe
2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 ____C () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-22 16:21 - 2018-01-18 14:39 - 000519168 ____C () C:\Program Files (x86)\Browny02\BrMonitor.dll
2017-04-05 08:53 - 2017-11-07 18:55 - 000137728 ____C () C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-04-05 08:53 - 2017-11-07 18:55 - 000440832 ____C () C:\Program Files (x86)\ControlCenter4\Track.dll
2017-01-27 14:33 - 2017-11-07 19:04 - 000087040 ____C () C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2017-01-27 14:39 - 2017-08-18 10:23 - 000087552 ____C () C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-01-27 14:39 - 2017-08-18 10:23 - 017974784 ____C () C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123simsen.com -> www.123simsen.com

There are 7716 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2016-04-23 19:26 - 000000093 ____C C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.eom

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Find Fast.lnk => C:\Windows\pss\Microsoft Find Fast.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Office Startup.lnk => C:\Windows\pss\Office Startup.lnk.Startup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.8.2\AOL.EXE" -b
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: dlbamon.exe => "C:\Program Files (x86)\Dell AIO Printer A940\dlbamon.exe"
MSCONFIG\startupreg: EasyHideIPVPN => C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\MARK\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1429832463\ee\AOLSoftware.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: ICF => "C:\Program Files (x86)\Internet Content Filter\mfp.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RealDownloader => c:\program files (x86)\real\RealDownloader\downloader2.exe
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatchTray14.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: RunDLLEntry_EptMon => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
MSCONFIG\startupreg: RunDLLEntry_THXCfg => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShwiconXP9106 => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: THX Audio Control Panel => "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7D73D967-32C1-47D8-A7EC-3531A66698A9}] => (Allow) LPort=8317
FirewallRules: [{60B8BD61-B3F8-41B9-99A5-7114CEEDE77D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FA59CBB4-ACEC-492B-B1FC-7AD0903E866A}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{A33D26D9-CE08-46F5-B82E-C10258442428}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{854E718D-AB3C-4BE9-B8B7-5D58343EC677}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{4E97F9E1-7AE7-4798-BF9D-34870D6B2A65}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{523026AA-B677-4B72-98B2-6EFB4301A605}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{EF658E54-E933-4B65-B15D-0AB754B5A288}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{5EAFCF4E-6A35-4B46-9DF7-75F2D8AEFE37}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{BCE73B4E-BB6C-4161-80B2-AEB5C1F0DF4F}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{6F0F663F-8EEB-49B3-83B4-D60F032CEC94}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{BE620D61-375A-45B8-A7A1-032C60F0F0C4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A3E79D60-D78C-4908-A19F-A9198A72A1E3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{4330BC75-0C59-4E97-97B4-66F6372307B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F14FD71F-DB73-4A73-ABBD-8684304BC899}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2E46833-6F90-4EFE-9D36-4B9C004BE1AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E8618A21-5A22-420D-B01B-E30098310878}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{CAE93EB0-B764-496E-928D-7A3BB74D5761}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8C1B05D4-CFF0-43AE-89D7-9B6FE38615F7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7B9A6B1C-7269-4262-B8C7-00984B1C459C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{A9D262DD-556F-46DB-AE7F-5FA35F467B27}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{0F2F525B-5AC3-43A6-B71C-42324E9A4A1B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{9171BB16-FB20-43FB-8F59-8541A78B3CA8}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{D47569E2-94AA-4636-A940-570CF5207FFD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8C412CF6-3399-40D1-AADE-16480338A529}] => (Allow) LPort=54950
FirewallRules: [{51189D0A-8B0D-4C6A-91B4-50196E2A53C0}] => (Allow) LPort=54955
FirewallRules: [{A177CACD-4DC6-47ED-8343-52F5089A69A5}] => (Allow) C:\Users\MARK\Desktop\House Photos During\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{CE311DD8-4022-4ECD-AC15-050AD59E5D70}] => (Allow) LPort=54925
FirewallRules: [{0165FC47-5764-4FCD-A899-B7C7ABCFE8A0}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{0C570BB3-48B9-45E1-ADD7-FF9D978CBFBB}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe
FirewallRules: [{C08CB953-F2EC-4E4D-9032-03D8282F5E85}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe
FirewallRules: [{E61D41CA-AA7F-4AB5-BD27-07A803FB4869}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: zeonetfilter
Description: zeonetfilter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: zeonetfilter
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Broadcom NetLink (TM) Gigabit Ethernet
Description: Broadcom NetLink (TM) Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: k57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/22/2018 10:27:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McHlp32.exe, version: 17.4.148.0, time stamp: 0x5bb63fd9
Faulting module name: Flash.OCX, version: 7.0.19.0, time stamp: 0x3fd4f78d
Exception code: 0xc0000005
Fault offset: 0x00066da9
Faulting process id: 0x57f0
Faulting application start time: 0x01d49a6f586dc6f0
Faulting application path: C:\PROGRA~2\McAfee\MSC\McHlp32.exe
Faulting module path: C:\Windows\SysWow64\Macromed\Flash\Flash.OCX
Report Id: 9eeecb63-0662-11e9-9348-00038a000015

Error: (12/22/2018 08:58:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

Error: (12/22/2018 04:02:35 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: The scheduled restore point could not be created. Additional information: (0x80070070).

Error: (12/22/2018 04:02:35 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070070).

Error: (12/22/2018 11:53:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/22/2018 11:51:47 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (12/22/2018 11:51:47 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (12/22/2018 11:51:47 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

System errors:
=============
Error: (12/22/2018 08:18:00 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 70. The internal error state is 105.

Error: (12/22/2018 11:53:32 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (12/22/2018 11:53:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (12/22/2018 11:53:32 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (12/22/2018 11:53:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (12/22/2018 11:53:32 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (12/22/2018 11:53:32 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (12/22/2018 11:53:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Windows Defender:
===================================
Date: 2012-12-06 12:38:35.266
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{A79DE555-8EAC-467C-AB04-83BDA31245E7}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2017-07-10 23:19:38.373
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2016-09-29 11:39:42.279
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-10 17:02:44.289
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-07 15:20:31.801
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-03 21:06:50.287
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2018-01-26 13:24:20.802
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.751
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.695
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.648
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:57.105
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:57.044
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:56.973
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:56.851
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 87%
Total physical RAM: 8174.45 MB
Available physical RAM: 1006.09 MB
Total Virtual: 16347.07 MB
Available Virtual: 2600.7 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:452.47 GB) (Free:85.37 GB) NTFS
Drive f: (CANON) (Removable) (Total:28.96 GB) (Free:6.28 GB) FAT32

\\?\Volume{7c551ac4-2d3e-11e1-bf29-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:13.25 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: AC289F96)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


----------



## Joeicam (Oct 11, 2017)

Thank you for providing those logs. I'm looking for a solution


----------



## mkdsk (Dec 30, 2009)

Are you still with me?


----------



## Joeicam (Oct 11, 2017)

Yep, I'm still with you. I apologize for the delay. I get very busy around the holidays. Unfortunately, the fix that I was thinking was available to us is no longer around. As this is getting a bit out of my level of knowledge, I recommend that you post in the Windows 10 forum to get more specific help around the System Restore settings. However, rest assured that your computer is free of malware . Do you have any other questions?


----------



## mkdsk (Dec 30, 2009)

awwwww. Okay.  Not sure what is going on but this computer is still lagging, and the same thing when we started. I click on something and it takes a minute or two to do anything? Will the *Fix with Windows Repair (All in One) work? *


----------



## Joeicam (Oct 11, 2017)

Yes, I apologize for that.. I'm not so familiar with specific System Restore fixes. I was thinking that we could use the Windows Repair tool, but it looks like the fix I was thinking about isn't there. I would still recommend that you post your question in the Windows 10 forum, as this problem doesn't appear to be malware specific - my forte.


----------



## mkdsk (Dec 30, 2009)

What I mean was back in post 86 we were going to do something. Can we still continue that?


----------



## Joeicam (Oct 11, 2017)

Yes, you can certainly continue with the steps, skipping the part with creating the system restore point. Both the Check Disk program and the System File Check are programs that are designed to look for and correct damaged system files. That would be the only reason why I can think of why your computer is still sluggage - coming from my limited knowledge on the subject .


----------



## mkdsk (Dec 30, 2009)

Okay just stick with me for a little while more as I do those things, please.


----------



## Joeicam (Oct 11, 2017)

Yes of course


----------



## mkdsk (Dec 30, 2009)

So I did all that and when I clicked on logs to paste here the log folder is empty.


----------



## Joeicam (Oct 11, 2017)

When you ran the scans with the Windows Repair tool, did it appear that the scans were working? Did you experience any errors?


----------



## mkdsk (Dec 30, 2009)

After the scan it said it couldn't fix all the corrupt files.


----------



## Joeicam (Oct 11, 2017)

Do you remember which scan said that? I can research what other people are doing, that are experiencing that same problem.


----------



## mkdsk (Dec 30, 2009)

the tweaking one.


----------



## Joeicam (Oct 11, 2017)

Which one, out of these two, was it that said it couldn't fix all of the corrupted files: 1. the Check Disk scan or 2. the System File Check scan?


----------



## mkdsk (Dec 30, 2009)

Check Disk scan


----------



## Joeicam (Oct 11, 2017)

Hi mkdsk, again as I'm only familiar with this on the surface, but I did find a link from my research that might be able to help you. I've seen users in your same situation do a Windows 7 Repair Install to fix corrupted system files, which also fixes overall computer slowness and might help fix the problem with creating restore points. A Repair install is different from a system restore in that it preserves all of your programs and data. I see you're already posting in the Windows 7 forum, so I hope they will be able to answer your question more directly. If not, feel free to go through the link that I provided for you .


----------



## Joeicam (Oct 11, 2017)

Anything else from me, mkdsk? Otherwise I think we can close this thread down


----------



## mkdsk (Dec 30, 2009)

I don't have the windows 7 repair disk. What else can I do?


----------



## Joeicam (Oct 11, 2017)

Have you tried doing Step 6 from that website? The one that says: 6. Repair Installed Windows 7 without SP1 using Windows 7 without SP1 DVD/USB. Just a word of caution, if you do go about these steps, please make sure all of your important data is backed-up incase something were to happen. Obviously the goal is to not lose any of your important data, but things happen - wrong clicks, etc.


----------



## mkdsk (Dec 30, 2009)

I tried everything. Thank you for all of your help I do appreciate it.


----------



## Joeicam (Oct 11, 2017)

Happy to help!


----------



## Joeicam (Oct 11, 2017)

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help . 

If you're the topic starter and still require assistance, please reply back to the thread to the thread.

Everyone else please begin a New Topic.


----------

