My PC is extremely slow for almost anything. Including 'closing' files (!?). As requested:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2017
Ran by angeles (administrator) on ANGELES-PC (28-11-2017 17:34:01)
Running from C:\Users\angeles\Desktop
Loaded Profiles: angeles (Available Profiles: angeles & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Acresso Software Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Akamai Technologies, Inc.) C:\Users\angeles\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\angeles\AppData\Local\Akamai\netsession_win.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Apple Inc.) C:\Program Files (x86)\AirPort\APAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11772520 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2012-05-13] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-05-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2012-05-13] (Lenovo)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-27] (AVAST Software)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202096 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe [383344 2010-12-13] (Egis Technology Inc. )
HKLM-x32\...\Run: [PLTSR] => C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [364400 2010-10-22] (Egis Technology Inc. )
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-05-13] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2010-12-24] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [224352 2010-12-24] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AirPort Base Station Agent] => C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\System32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\Run: [HLBackupScheduler] => "C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe"
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\Run: [Akamai NetSession Interface] => C:\Users\angeles\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-13] (Google Inc.)
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\Run: [SynchronossPC] => C:\Program Files\Verizon\VerizonCloud\VerizonCloud.exe [2182584 2015-10-22] ()
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\MountPoints2: {4ba2ed90-1d4e-11e6-82db-f0def1ef5697} - E:\VerizonWirelessUpgradeAssistantSetup.exe -a
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\MountPoints2: {769b85bc-d38d-11e3-844e-f0def1ef5697} - E:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\MountPoints2: {9d7dd305-ea87-11e3-918c-f0def1ef5697} - E:\MotorolaDeviceManagerSetup.exe -a
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-09-05]
Startup: C:\Users\angeles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-09-25]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2012-05-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2012-05-13]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{A3ADE3C5-E878-4AE2-87ED-79F75B8C1A53}: [DhcpNameServer] 10.0.1.1
Tcpip\..\Interfaces\{E02990FE-281F-45B5-8531-874E32735C34}: [DhcpNameServer] 10.128.128.128
Internet Explorer:
==================
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=UP22&ocid=UP22DHP
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKU\S-1-5-21-3876371430-4153257343-302851002-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3876371430-4153257343-302851002-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3876371430-4153257343-302851002-1000 -> 1F82560E7A284F3B9D81B2C56FB0F4D8 URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_enUS498
SearchScopes: HKU\S-1-5-21-3876371430-4153257343-302851002-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3876371430-4153257343-302851002-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_enUS498
BHO: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\EgisTec BioExcess\x64\EgisPBIE.dll [2010-12-13] (Egis Technology Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-08-27] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-24] (Oracle Corporation)
BHO-x32: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll [2010-12-13] (Egis Technology Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-08-27] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-24] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-3876371430-4153257343-302851002-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\angeles\AppData\Roaming\Mozilla\Firefox\Profiles\tqhyv03k.default [2017-11-28]
FF Homepage: Mozilla\Firefox\Profiles\tqhyv03k.default -> google.com/
FF Extension: (Avast SafePrice) - C:\Users\angeles\AppData\Roaming\Mozilla\Firefox\Profiles\tqhyv03k.default\Extensions\sp@avast.com.xpi [2017-08-27]
FF Extension: (Avast Online Security) - C:\Users\angeles\AppData\Roaming\Mozilla\Firefox\Profiles\tqhyv03k.default\Extensions\wrc@avast.com.xpi [2017-08-27]
FF SearchPlugin: C:\Users\angeles\AppData\Roaming\Mozilla\Firefox\Profiles\tqhyv03k.default\searchplugins\bingp.xml [2014-12-06]
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\EgisTec BioExcess\FFExt
FF Extension: ( Online Accounts Extension ) - C:\Program Files (x86)\EgisTec BioExcess\FFExt [2012-05-13] [Lagacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-28] ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2011-02-25] (Best Buy)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-28] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [2011-02-25] (Best Buy)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3876371430-4153257343-302851002-1000: @citrixonline.com/appdetectorplugin -> C:\Users\angeles\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-09-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-3876371430-4153257343-302851002-1000: SkypePlugin -> C:\Users\angeles\AppData\Local\SkypePlugin\7.7.0.219\npGatewayNpapi.dll [2015-09-23] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3876371430-4153257343-302851002-1000: SkypePlugin64 -> C:\Users\angeles\AppData\Local\SkypePlugin\7.7.0.219\npGatewayNpapi-x64.dll [2015-09-23] (Skype Technologies S.A.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-10-01] (Coupons, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default [2017-11-28]
CHR Extension: (Docs) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Google Drive) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Skype Calling) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-11-15]
CHR Extension: (YouTube) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2017-11-28]
CHR Extension: (Avast SafePrice) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-11-28]
CHR Extension: (Bing) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-11-28]
CHR Extension: (Google Docs Offline) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-16]
CHR Extension: (Gmail) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\angeles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-28]
CHR HKU\S-1-5-21-3876371430-4153257343-302851002-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0094031378412970mcinstcleanup; C:\Users\angeles\AppData\Local\Temp\009403~1.EXE [833616 2013-01-30] (McAfee, Inc.) <==== ATTENTION
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-27] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-27] (AVAST Software)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [179184 2014-10-15] (Coupons.com Inc.)
R2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [320008 2017-08-27] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [198976 2017-08-27] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswbloga.sys [343288 2017-08-27] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [57728 2017-08-27] (AVAST Software s.r.o.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [46984 2017-08-27] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [41800 2017-08-27] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [146704 2017-08-27] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [110352 2017-08-27] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [84392 2017-08-27] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1015880 2017-08-27] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [585608 2017-08-27] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [198768 2017-08-27] (AVAST Software)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [361336 2017-08-27] (AVAST Software)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77432 2017-11-01] ()
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [193464 2017-11-28] (Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [110016 2017-11-28] (Malwarebytes)
R3 MBAMProtection; C:\windows\System32\DRIVERS\mbam.sys [46008 2017-11-28] (Malwarebytes)
R0 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [253880 2017-11-28] (Malwarebytes)
R3 MBAMWebProtection; C:\windows\System32\DRIVERS\mwac.sys [84256 2017-11-28] (Malwarebytes)
R2 NPF; C:\windows\System32\drivers\npf.sys [47632 2009-10-21] (CACE Technologies, Inc.)
R3 vm331avs; C:\windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)
R3 vmuvcflt; C:\windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
U3 BcmSqlStartupSvc; no ImagePath
U2 CLKMSVC10_3A60B698; no ImagePath
U2 CLKMSVC10_C3B3B687; no ImagePath
U2 DriverService; no ImagePath
U2 IAStorDataMgrSvc; no ImagePath
U2 iATAgentService; no ImagePath
U2 idealife Update Service; no ImagePath
U3 IGRS; no ImagePath
U2 IviRegMgr; no ImagePath
U2 nvUpdatusService; no ImagePath
U2 Oasis2Service; no ImagePath
U2 PCCarerService; no ImagePath
U2 ReadyComm.DirectRouter; no ImagePath
U2 RichVideo; no ImagePath
U2 RtLedService; no ImagePath
U2 SeaPort; no ImagePath
U2 SoftwareService; no ImagePath
U3 SQLWriter; no ImagePath
U2 Stereo Service; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-28 17:34 - 2017-11-28 17:55 - 000027675 _____ C:\Users\angeles\Desktop\FRST.txt
2017-11-28 17:31 - 2017-11-28 17:34 - 000000000 ____D C:\FRST
2017-11-28 12:40 - 2017-11-28 12:40 - 002391552 _____ (Farbar) C:\Users\angeles\Desktop\FRST64.exe
2017-11-28 12:37 - 2017-11-28 12:37 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-28 12:34 - 2017-11-28 12:34 - 000110016 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2017-11-28 03:44 - 2017-11-28 12:50 - 000084256 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2017-11-28 03:25 - 2017-11-28 03:25 - 126925120 ____C (Microsoft Corporation) C:\windows\system32\MRT-KB890830.exe
2017-11-28 01:05 - 2017-11-28 01:05 - 000142460 _____ C:\Users\angeles\Desktop\Malwarebytes 2017-11-28.txt
2017-11-28 00:37 - 2017-10-17 21:34 - 000134376 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-11-28 00:37 - 2017-10-17 21:30 - 000605184 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-11-28 00:37 - 2017-10-15 17:04 - 000407392 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-11-28 00:37 - 2017-10-04 08:04 - 002023936 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2017-11-28 00:37 - 2017-10-04 08:04 - 001570304 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-11-28 00:37 - 2017-10-04 08:04 - 000670208 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-11-28 00:37 - 2017-10-04 08:04 - 000603648 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-11-28 00:37 - 2017-10-04 08:04 - 000370688 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-11-28 00:37 - 2017-10-04 08:04 - 000241664 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-11-28 00:37 - 2017-10-04 08:04 - 000181760 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-11-28 00:08 - 2017-11-28 00:08 - 000193464 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2017-11-28 00:07 - 2017-11-28 12:35 - 000046008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2017-11-28 00:07 - 2017-11-28 00:07 - 000253880 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2017-11-28 00:06 - 2017-11-28 00:06 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-28 00:06 - 2017-11-28 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-28 00:06 - 2017-11-28 00:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-28 00:06 - 2017-11-28 00:06 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-28 00:06 - 2017-11-01 08:54 - 000077432 _____ C:\windows\system32\Drivers\mbae64.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-28 17:42 - 2012-11-11 14:53 - 000000000 ____D C:\Users\angeles\AppData\Roaming\Skype
2017-11-28 17:38 - 2016-04-13 16:57 - 000000642 _____ C:\windows\Tasks\G2MUploadTask-S-1-5-21-3876371430-4153257343-302851002-1000.job
2017-11-28 17:25 - 2014-12-07 15:12 - 000004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-11-28 17:25 - 2014-12-07 15:07 - 000803328 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-11-28 17:25 - 2014-12-07 15:07 - 000144896 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-28 17:25 - 2014-12-07 15:07 - 000000000 ____D C:\windows\system32\Macromed
2017-11-28 17:25 - 2012-05-13 11:42 - 000000000 ____D C:\windows\SysWOW64\Macromed
2017-11-28 17:23 - 2016-04-13 16:57 - 000000546 _____ C:\windows\Tasks\G2MUpdateTask-S-1-5-21-3876371430-4153257343-302851002-1000.job
2017-11-28 17:06 - 2012-05-13 11:43 - 000000000 ____D C:\ProgramData\VeriFace
2017-11-28 12:55 - 2009-07-13 23:45 - 000028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-28 12:55 - 2009-07-13 23:45 - 000028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-28 12:44 - 2017-08-27 11:08 - 000004172 _____ C:\windows\System32\Tasks\Avast Emergency Update
2017-11-28 12:41 - 2009-07-14 00:13 - 000782510 _____ C:\windows\system32\PerfStringBackup.INI
2017-11-28 12:41 - 2009-07-13 22:20 - 000000000 ____D C:\windows\inf
2017-11-28 12:38 - 2015-12-07 16:57 - 000000000 ___RD C:\Users\angeles\Verizon Cloud Sync
2017-11-28 12:33 - 2014-05-28 11:48 - 000000000 ____D C:\Temp
2017-11-28 12:33 - 2012-05-13 11:57 - 002456225 _____ C:\windows\system32\fastboot.set
2017-11-28 12:32 - 2012-08-21 22:18 - 000000000 ____D C:\Users\angeles
2017-11-28 12:32 - 2009-07-14 00:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-11-28 10:34 - 2013-09-20 17:16 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-11-28 10:30 - 2015-01-30 20:11 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-28 09:08 - 2017-07-26 19:48 - 000000000 ____D C:\Users\angeles\AppData\Local\GoToMeeting
2017-11-28 07:47 - 2012-11-11 14:53 - 000000000 ____D C:\ProgramData\Skype
2017-11-28 07:24 - 2009-07-13 22:20 - 000000000 ____D C:\windows\system32\NDF
2017-11-28 03:34 - 2014-12-11 19:10 - 000000000 ____D C:\windows\system32\appraiser
2017-11-28 03:26 - 2013-08-08 09:08 - 000000000 ____D C:\windows\system32\MRT
2017-11-28 03:24 - 2012-08-24 13:53 - 126925120 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-11-28 03:21 - 2014-02-26 07:49 - 000775124 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2017-11-27 23:59 - 2012-05-13 11:53 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-27 23:55 - 2016-04-13 16:57 - 000003676 _____ C:\windows\System32\Tasks\G2MUploadTask-S-1-5-21-3876371430-4153257343-302851002-1000
2017-11-27 23:55 - 2016-04-13 16:57 - 000003580 _____ C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3876371430-4153257343-302851002-1000
2017-11-27 18:56 - 2012-05-13 11:53 - 000003330 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-27 18:56 - 2012-05-13 11:53 - 000003202 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
Some files in TEMP:
====================
2013-09-05 15:29 - 2013-01-30 14:24 - 000833616 _____ (McAfee, Inc.) C:\Users\angeles\AppData\Local\Temp\0094031378412970mcinst.exe
2014-05-12 06:55 - 2014-05-12 06:55 - 000037096 _____ (Conexant Systems Inc.) C:\Users\angeles\AppData\Local\Temp\cxtvrate.dll
2009-12-01 16:44 - 2009-12-01 16:44 - 000081408 _____ (eMPIA Technology, Inc.) C:\Users\angeles\AppData\Local\Temp\emmon.exe
2015-02-15 18:17 - 2015-02-15 18:17 - 000762000 _____ (Installer Application ) C:\Users\angeles\AppData\Local\Temp\ICReinstall_hdyoutubedownloader_setup.exe
2013-09-05 16:35 - 2013-09-05 16:35 - 000999768 _____ (Solid State Networks) C:\Users\angeles\AppData\Local\Temp\install_reader11_en_mssa_aih.exe
2016-07-20 11:13 - 2016-07-20 11:13 - 000741440 _____ (Oracle Corporation) C:\Users\angeles\AppData\Local\Temp\jre-8u101-windows-au.exe
2015-03-18 18:45 - 2015-03-18 18:46 - 000561576 _____ (Oracle Corporation) C:\Users\angeles\AppData\Local\Temp\jre-8u40-windows-au.exe
2015-04-19 17:18 - 2015-04-19 17:18 - 000562088 _____ (Oracle Corporation) C:\Users\angeles\AppData\Local\Temp\jre-8u45-windows-au.exe
2015-07-15 11:13 - 2015-07-15 11:13 - 000563808 _____ (Oracle Corporation) C:\Users\angeles\AppData\Local\Temp\jre-8u51-windows-au.exe
2015-08-27 22:13 - 2015-08-27 22:13 - 000585824 _____ (Oracle Corporation) C:\Users\angeles\AppData\Local\Temp\jre-8u60-windows-au.exe
2016-02-05 18:05 - 2016-02-05 18:05 - 000736352 _____ (Oracle Corporation) C:\Users\angeles\AppData\Local\Temp\jre-8u73-windows-au.exe
2016-03-25 11:13 - 2016-03-25 11:13 - 000736320 _____ (Oracle Corporation) C:\Users\angeles\AppData\Local\Temp\jre-8u77-windows-au.exe
2016-04-20 11:13 - 2016-06-25 22:13 - 000739904 _____ (Oracle Corporation) C:\Users\angeles\AppData\Local\Temp\jre-8u91-windows-au.exe
2014-05-27 14:18 - 2014-05-28 11:43 - 033586888 ____N (Motorola Mobility) C:\Users\angeles\AppData\Local\Temp\MotoCast_Installer_2.0405.exe
2014-12-07 22:08 - 2014-12-07 22:08 - 001015320 _____ (NCH Software) C:\Users\angeles\AppData\Local\Temp\mpsetup.exe
2011-03-14 07:31 - 2011-03-14 07:31 - 000149352 ____R (Microsoft Corporation) C:\Users\angeles\AppData\Local\Temp\ose00000.exe
2014-11-02 10:00 - 2017-03-05 09:29 - 056756184 _____ (Skype Technologies S.A.) C:\Users\angeles\AppData\Local\Temp\SkypeSetup.exe
2015-02-13 21:47 - 2015-02-13 21:47 - 000008704 _____ (Microsoft Corporation) C:\Users\angeles\AppData\Local\Temp\SpOrder.dll
2006-05-22 13:10 - 2006-05-22 13:10 - 000455600 ____R (Macrovision Corporation) C:\Users\angeles\AppData\Local\Temp\_is5F69.exe
2006-10-28 19:10 - 2006-10-28 19:10 - 000455600 ____R (Macrovision Corporation) C:\Users\angeles\AppData\Local\Temp\_isE7DA.exe
2016-10-20 04:07 - 2016-10-20 04:07 - 044295032 _____ (Google Inc.) C:\Users\angeles\AppData\Local\Temp\{069E215A-3C5A-4D32-A4CA-CD5286D384ED}-54.0.2840.71_chrome_installer.exe
2017-06-23 01:56 - 2017-06-23 01:56 - 016115816 _____ (Google Inc.) C:\Users\angeles\AppData\Local\Temp\{13F7BABC-D8D9-4801-BB0D-870AC03856D0}-59.0.3071.115_58.0.3029.110_chrome_updater.exe
2015-11-17 16:56 - 2015-11-17 16:56 - 009654157 _____ () C:\Users\angeles\AppData\Local\Temp\{6BA2B92A-7B81-49F2-B80D-AC2C2CECD6B3}-46.0.2490.86_chrome_installer.exe
2017-07-22 17:49 - 2017-07-22 17:50 - 000739904 _____ (Oracle Corporation) C:\Users\Guest\AppData\Local\Temp\jre-8u141-windows-au.exe
2015-07-15 11:13 - 2015-07-15 11:13 - 000562272 _____ (Oracle Corporation) C:\Users\Guest\AppData\Local\Temp\jre-8u45-windows-au.exe
2016-02-05 18:05 - 2016-02-05 18:05 - 000644704 _____ (Oracle Corporation) C:\Users\Guest\AppData\Local\Temp\jre-8u71-windows-au.exe
2015-08-02 00:52 - 2015-08-02 00:52 - 000122880 _____ () C:\Users\Guest\AppData\Local\Temp\mp3el.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-27 20:34
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2017
Ran by angeles (28-11-2017 17:59:22)
Running from C:\Users\angeles\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-08-22 03:18:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3876371430-4153257343-302851002-500 - Administrator - Disabled)
angeles (S-1-5-21-3876371430-4153257343-302851002-1000 - Administrator - Enabled) => C:\Users\angeles
Guest (S-1-5-21-3876371430-4153257343-302851002-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3876371430-4153257343-302851002-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Best Buy pc app (HKLM\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.2.0.0 - Best Buy) Hidden
Best Buy pc app (HKLM-x32\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.2.0.0 - Best Buy) Hidden
BioExcess (HKLM\...\{A000F75A-A246-44A7-8079-9E9E7F9054B2}) (Version: 7.0.67.0 - Egis Technology Inc.) Hidden
BioExcess (HKLM-x32\...\{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.67.0 - Egis Technology Inc.) Hidden
BioExcess (HKLM-x32\...\InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.67.0 - Egis Technology Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\{8A16FF47-A5FC-49A8-96B5-31180D317059}) (Version: 1.1.4 - CANON INC.) Hidden
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 1.1.4.10001 - CANON INC.)
Canon MF Toolbox 4.9.1.1.mf14 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf14 - CANON INC.)
Canon MF8200C Series (HKLM\...\{C2938963-3BB0-41cd-9769-E28814C59075}) (Version: 4.2.0.0 - CANON INC.)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.3) (Version: 5.0.1.3 - Coupons.com Incorporated)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3623 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EgisTec ES603 WDM Driver (HKLM-x32\...\InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}) (Version: 3.0.10.4 - Egis Technology Inc.)
Elgato Video Capture (HKLM-x32\...\{2E551F69-B2B5-4B59-82B3-45A91E47026F}) (Version: 1.13.6.116 - Elgato Systems GmbH)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.1 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.1 - Lenovo)
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON Perfection V600 Photo Scanner Driver Update (HKLM-x32\...\{EBBE3D90-9344-43A7-A548-91BA02B3B7CD}) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ES603 WDM Driver (HKLM-x32\...\{AE4167B0-F589-4D2A-BF05-E181D543C49F}) (Version: 3.0.10.4 - Egis Technology Inc.) Hidden
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Free YouTube Downloader 4.0.312 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 8.17.0.7943 (HKU\S-1-5-21-3876371430-4153257343-302851002-1000\...\GoToMeeting) (Version: 8.17.0.7943 - LogMeIn, Inc.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photosmart 6510 series Basic Device Software (HKLM\...\{B53F9744-F0FB-44A6-9739-335CDAB4488A}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.10.1201.1 - Vimicro)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo Security Suite (HKLM-x32\...\{0034859F-8E01-4C1D-BE77-F891C4786FBC}) (Version: 2.0.11.0 - Lenovo) Hidden
Lenovo Security Suite (HKLM-x32\...\InstallShield_{0034859F-8E01-4C1D-BE77-F891C4786FBC}) (Version: 2.0.11.0 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MixPad Multitrack Recording Software (HKLM-x32\...\MixPad) (Version: 3.73 - NCH Software)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 49.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 en-US)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Port Locker (HKLM\...\{1F494B8A-D6E6-4540-9A74-F773B63164A6}) (Version: 1.0.5.24 - Egis Technology Inc.) Hidden
Port Locker (HKLM-x32\...\{A6FEE06D-C7E1-48CB-A9DF-1E317CF83CA4}) (Version: 1.0.5.24 - Egis Technology Inc.) Hidden
Port Locker (HKLM-x32\...\InstallShield_{A6FEE06D-C7E1-48CB-A9DF-1E317CF83CA4}) (Version: 1.0.5.24 - Egis Technology Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6282 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
Rosetta Stone Language Training (HKLM-x32\...\{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.37.0 - Rosetta Stone, Ltd)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{0F7D4832-16AE-4857-A6FA-2B141D75A59B}) (Version: 7.7.0.219 - Skype Technologies S.A.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Streaming Video Recorder V2.1.2 (HKLM\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 2.1.2 - Apowersoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.7.0 - Synaptics Incorporated)
TherapyEd's OT Exams 7th Edition (HKLM-x32\...\{D8E37409-0F2A-5104-267D-308638C67CEE}) (Version: 1.0 - Spearhead Global Inc.) Hidden
TherapyEd's OT Exams 7th Edition (HKLM-x32\...\TherapyEdsOTExams7e.32B9EDC2FDCC15847C4D6FB43F849BB889AADE68.1) (Version: 1.0 - Spearhead Global Inc.)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)
Verizon Cloud (HKLM\...\Verizon Cloud) (Version: 15.3.6.13 - Verizon)
Video Capture all v5.09.1202.00 (HKLM-x32\...\Software_Elgato_Video Capture all) (Version: 5.09.1202.00 - Elgato Systems)
Video Capture v5.09.1202.00 (HKLM-x32\...\Video Capture v5.09.1202.00) (Version: 5.09.1202.00 - Elgato Systems)
Watchtower Library 2014 - Italiano (HKLM-x32\...\{18AEA7C7-E30E-4786-BEB7-1FF0D818705A}) (Version: 16.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.96 - NCH Software)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3876371430-4153257343-302851002-1000_Classes\CLSID\{81CD4B70-A8AB-48FC-826C-8F76A1A06829}\InprocServer32 -> C:\Users\angeles\AppData\Local\SkypePlugin\7.7.0.219\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3876371430-4153257343-302851002-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\angeles\AppData\Local\Citrix\GoToMeeting\5530\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3876371430-4153257343-302851002-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\angeles\AppData\Local\SkypePlugin\7.7.0.219\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3876371430-4153257343-302851002-1000_Classes\CLSID\{D779CCB8-300C-4160-B101-D6A5FD73294E}\localserver32 -> C:\Users\angeles\AppData\Local\SkypePlugin\7.7.0.219\GatewayVersion-x64.exe (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-10-22] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Pending)] -> {EE73A341-C788-4A6B-B1EF-DDBFC0F190B6} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-10-22] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-10-22] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-27] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-27] (AVAST Software)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2012-05-13] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-27] (AVAST Software)
ContextMenuHandlers1: [VerizonCtxMenu] -> {8CA825D9-C7DB-4833-9901-E7400521CE04} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.ContextMenus.dll [2015-10-22] (Synchronoss Technologies Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-27] (AVAST Software)
ContextMenuHandlers3: [EgisShellExt] -> {4AC48C52-DA87-48AB-BE92-96E4F0070CEA} => C:\Program Files (x86)\EgisTec BioExcess\x64\EgisShellExt.dll [2010-12-13] (Egis Technology Inc. )
ContextMenuHandlers3: [IkeyShlExt] -> {F1E551D1-822B-40e6-B4D8-A9B4A48AA07A} => C:\windows\system32\SimpleExt.dll [2012-05-13] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [VerizonCtxMenu] -> {8CA825D9-C7DB-4833-9901-E7400521CE04} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.ContextMenus.dll [2015-10-22] (Synchronoss Technologies Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-03-25] (Intel Corporation)
ContextMenuHandlers5: [VerizonCtxMenu] -> {8CA825D9-C7DB-4833-9901-E7400521CE04} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.ContextMenus.dll [2015-10-22] (Synchronoss Technologies Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-27] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [VerizonCtxMenu] -> {8CA825D9-C7DB-4833-9901-E7400521CE04} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.ContextMenus.dll [2015-10-22] (Synchronoss Technologies Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1205D537-C32B-41AF-A3BA-64E69A8A215F} - System32\Tasks\{696DADA3-B522-4B59-B