Jump to content


Photo

Word opens when I start my laptop


  • Please log in to reply
9 replies to this topic

#1 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 121 posts

Posted 30 November 2017 - 03:35 PM

This is very strange.  I have a Microsoft Surface Book, Windows 10, with all updates, everything works fine, except when I boot up, Microsoft Word starts 6 or 7 times, and when I try to exit, a window pops up saying "Changes have been made that affect the global template, Normal.dotm.  Do you want to save those changes?"  And regardless of what I say, Save, Don't Save, or Cancel, I have to keep hitting "X" to get out of word, and get to my Desktop.  Really annoying.  I've run Malwarebyes, CCleaner, Spybot, I have a paid version of Avast, keep running that....and nothing...it keeps happening.  I've gone into Task Manager, and it's not in the Startup routine...Has anyone seen this?  So, I ran MBAM and attached the txt file below, and I ran FRST and attached that file as well.  Can you help?  Thank you in advance.   Carl

Attached Files



#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,531 posts

Posted 03 December 2017 - 04:58 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.


[this is an automated reply]
This is an automated message. It does not count as help.

#3 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,170 posts

Posted 03 December 2017 - 07:24 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
 
 
Hi, Carlgrus
 
If you still need help please post the FRST.txt log that was created by the Farbar program.
 
I will review it and advise.
 
nasdaq

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#4 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 121 posts

Posted 04 December 2017 - 09:43 AM

Here's the FRST.txt log .... thank you

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2017
Ran by Carl Russell (administrator) on DESKTOP-NA3AC93 (04-12-2017 10:37:57)
Running from C:\Users\Carl Russell\Downloads
Loaded Profiles: Carl Russell (Available Profiles: Carl Russell)
Platform: Windows 10 Pro Version 1709 16299.64 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft) C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Windows\System32\GManager.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Windows\System32\mlpatch.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\SurfaceDtxService.exe
(Microsoft Corporation) C:\Windows\System32\SurfaceUsbHubFwUpdateService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\SurfaceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Windows\System32\SurfaceDTX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Dashlane, Inc.) C:\Users\Carl Russell\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Dashlane, Inc.) C:\Users\Carl Russell\AppData\Roaming\Dashlane\Dashlane.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Swiftpage ACT! LLC) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.2212.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [SurfaceDTX.exe] => C:\WINDOWS\System32\SurfaceDTX.exe [821904 2016-10-27] ()
HKLM\...\Run: [TUCCDUtil] => C:\Program Files (x86)\Mct Corp\UVTP100\Driver\TUCCDUTIL\TUCCD.exe [1895120 2016-02-19] (Magic Control Technology Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2414520 2017-02-09] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-09] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [Act.Outlook.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe [19456 2017-07-24] (Swiftpage ACT! LLC)
HKLM-x32\...\Run: [Act.Outlook64.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe [23552 2017-05-25] ()
HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\Act!.exe [301008 2017-05-25] (Swiftpage ACT! LLC)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\GoToAssist Express Customer: C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\1361\g2ax_winlogonx64.dll [X]
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [Dashlane] => C:\Users\Carl Russell\AppData\Roaming\Dashlane\Dashlane.exe [456656 2017-11-22] (Dashlane, Inc.)
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [Safe PST Backup] => C:\Program Files (x86)\4Team Corporation\Safe PST Backup\SafePSTBackup.exe [5105656 2016-04-14] (4Team Corporation)
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [DashlanePlugin] => C:\Users\Carl Russell\AppData\Roaming\Dashlane\DashlanePlugin.exe [502736 2017-11-22] (Dashlane, Inc.)
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [GoogleChromeAutoLaunch_6D133E8E7172CE845EF6EAC947B0E399] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [BingSvc] => C:\Users\Carl Russell\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-11-18]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-11-18]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Carl Russell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-10-28]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.75.1
Tcpip\..\Interfaces\{6bf6026b-c085-487e-9c53-e235445b9cdc}: [DhcpNameServer] 192.168.75.1
Tcpip\..\Interfaces\{a6779b06-3637-4d25-a09e-7f8dd53f2233}: [DhcpNameServer] 192.168.75.1
Tcpip\..\Interfaces\{e84f3f4c-c02a-4773-8d69-be18be21ef2a}: [DhcpNameServer] 172.16.1.10
Tcpip\..\Interfaces\{ebcf63c7-543a-49e8-8cba-242ab48dd3b4}: [DhcpNameServer] 192.168.75.1
Tcpip\..\Interfaces\{efa17ca0-407c-4df7-b191-41aad6a9444b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKU\S-1-5-21-2502126243-2453895596-2800589288-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-2502126243-2453895596-2800589288-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13] (TechSmith Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-22] (Microsoft Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13] (TechSmith Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-04-08] (Intel Security)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Carl Russell\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2017-11-22] (Dashlane, Inc.)
BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Carl Russell\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2017-11-22] (Dashlane, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-22] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2502126243-2453895596-2800589288-1004 -> hxxp://www.bing.com/

FireFox:
========
FF DefaultProfile: crussell@hpearce.com
FF ProfilePath: C:\Users\Carl Russell\AppData\Roaming\Mozilla\Firefox\Profiles\yyclqesd.default-1447192209595 [2017-12-04]
FF Homepage: Mozilla\Firefox\Profiles\yyclqesd.default-1447192209595 -> hxxp://www.bing.com/
FF Extension: (Cisco WebEx Extension) - C:\Users\Carl Russell\AppData\Roaming\Mozilla\Firefox\Profiles\yyclqesd.default-1447192209595\Extensions\ciscowebexstart1@cisco.com.xpi [2017-09-19]
FF Extension: (__MSG_extName__) - C:\Users\Carl Russell\AppData\Roaming\Mozilla\Firefox\Profiles\yyclqesd.default-1447192209595\Extensions\firefoxdav@icloud.com.xpi [2017-10-10]
FF Extension: (Dashlane) - C:\Users\Carl Russell\AppData\Roaming\Mozilla\Firefox\Profiles\yyclqesd.default-1447192209595\Extensions\jetpack-extension@dashlane.com.xpi [2017-12-04]
FF Extension: (Avast SafePrice) - C:\Users\Carl Russell\AppData\Roaming\Mozilla\Firefox\Profiles\yyclqesd.default-1447192209595\Extensions\sp@avast.com.xpi [2017-11-27]
FF Extension: (Avast Online Security) - C:\Users\Carl Russell\AppData\Roaming\Mozilla\Firefox\Profiles\yyclqesd.default-1447192209595\Extensions\wrc@avast.com.xpi [2017-10-12]
FF Extension: (Adblock Plus) - C:\Users\Carl Russell\AppData\Roaming\Mozilla\Firefox\Profiles\yyclqesd.default-1447192209595\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-08]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Carl Russell\AppData\Roaming\Mozilla\Firefox\Profiles\yyclqesd.default-1447192209595\features\{432f4f80-5077-45ce-bab5-80603156c916}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-27] [Lagacy]
FF HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\Carl Russell\AppData\Roaming\Dashlane\5.2.0.12122\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}
FF Extension: (No Name) - C:\Users\Carl Russell\AppData\Roaming\Dashlane\5.2.0.12122\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} [2017-11-22] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2502126243-2453895596-2800589288-1004: SkypePlugin -> C:\Users\Carl Russell\AppData\Local\SkypePlugin\7.29.0.73\npGatewayNpapi.dll [2016-12-08] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2502126243-2453895596-2800589288-1004: SkypePlugin64 -> C:\Users\Carl Russell\AppData\Local\SkypePlugin\7.29.0.73\npGatewayNpapi-x64.dll [2016-12-08] (Skype Technologies S.A.)
FF Plugin ProgramFiles/Appdata: C:\Users\Carl Russell\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-09-19] (Cisco WebEx LLC)

Chrome:
=======
CHR HomePage: Default -> msn.com
CHR Profile: C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default [2017-12-04]
CHR Extension: (Docs) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-10-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Avast SafePrice) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-24]
CHR Extension: (Dashlane - Password Manager) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2017-11-16]
CHR Extension: (MSN Homepage) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2017-08-24]
CHR Extension: (Avast Online Security) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-16]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-07-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (RocketReach Chrome Extension) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiecklaabeielolbliiddlbokpfnmhba [2017-06-27]
CHR Extension: (Gmail) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-11]
CHR HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Act! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [90112 2017-05-25] (Swiftpage ACT! LLC) [File not signed]
R2 ActService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27136 2017-05-25] (Microsoft) [File not signed]
R2 ActSmartTaskService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27136 2017-05-25] (Microsoft) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-09] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [332368 2017-11-09] (AVAST Software)
S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063664 2017-11-15] (Microsoft Corporation)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [465912 2016-07-14] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-11-13] (Dropbox, Inc.)
R2 GManager; C:\WINDOWS\system32\GManager.exe [313432 2012-08-28] ()
S2 GoToAssist Remote Support Customer; C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\1361\g2ax_service.exe [607208 2017-07-19] (LogMeIn, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
S2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [391168 2016-07-14] (Intel Corporation)
S3 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3020440 2015-11-25] (Intel® Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MlPatch; C:\WINDOWS\system32\MlPatch.exe [2244912 2014-08-22] ()
R2 MSSQL$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe [370368 2016-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2017-01-15] (NVIDIA Corporation)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [252344 2012-06-15] (arvato digital services llc)
S3 SafePSTShadowCopy; C:\Program Files (x86)\4Team Corporation\SafePSTBackup Shadow Copy Service\SafePST.ShadowCopySvc.exe [15880 2016-04-14] (4Team)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4297920 2017-09-29] (Microsoft Corporation)
S2 SQLAgent$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\SQLAGENT.EXE [613056 2016-05-27] (Microsoft Corporation)
R2 SurfaceDtxService; C:\WINDOWS\system32\SurfaceDtxService.exe [94856 2016-10-27] (Microsoft Corporation)
R2 SurfaceUsbHubFwUpdateService; C:\WINDOWS\System32\SurfaceUsbHubFwUpdateService.exe [951056 2017-02-09] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
S3 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [868592 2016-03-31] (McAfee, Inc.)
S3 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-03-31] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-03-31] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-09] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-09] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-09] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-09] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [570152 2017-11-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-09] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-11-16] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-09] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-09] (AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-01] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-31] (REALiX™)
R3 iactrllogic; C:\WINDOWS\System32\drivers\iactrllogic64.sys [191880 2017-10-11] (Intel® Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-11-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-22] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-11-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-22] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-12-04] (Malwarebytes)
R3 mctkmd; C:\WINDOWS\system32\drivers\mctkmd64.sys [172752 2016-02-03] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\WINDOWS\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmso.inf_amd64_98dc755eff368925\nvlddmkm.sys [14248888 2017-02-09] (NVIDIA Corporation)
S4 RsFx0301; C:\WINDOWS\System32\DRIVERS\RsFx0301.sys [249024 2016-05-27] (Microsoft Corporation)
R3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [375296 2017-01-17] (Realtek )
R3 SurfaceBaseIntegration; C:\WINDOWS\System32\drivers\SurfaceBaseIntegration.sys [59448 2015-09-09] (Microsoft Corporation)
R0 SurfaceUsbHubFwUpdate; C:\WINDOWS\System32\drivers\SurfaceUsbHubFwUpdate.sys [80144 2017-02-09] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-04 10:37 - 2017-12-04 10:38 - 000030745 _____ C:\Users\Carl Russell\Downloads\FRST.txt
2017-12-04 10:34 - 2017-12-04 10:37 - 002391552 _____ (Farbar) C:\Users\Carl Russell\Downloads\FRST64.exe
2017-11-30 16:30 - 2017-11-30 16:30 - 000074866 _____ C:\Users\Carl Russell\Desktop\Addition.txt
2017-11-30 16:26 - 2017-12-04 10:37 - 000000000 ____D C:\FRST
2017-11-30 16:25 - 2017-11-30 16:25 - 000001269 _____ C:\Users\Carl Russell\Desktop\MBAM 11-30.txt
2017-11-30 15:21 - 2017-11-30 15:21 - 003634829 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(22).pdf
2017-11-30 15:20 - 2017-11-30 15:20 - 003617057 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(21).pdf
2017-11-30 15:19 - 2017-11-30 15:19 - 000077794 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(20).pdf
2017-11-30 15:17 - 2017-11-30 15:17 - 003617026 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(19).pdf
2017-11-30 12:50 - 2017-11-30 12:50 - 004281869 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(17).pdf
2017-11-30 12:48 - 2017-11-30 12:48 - 004263047 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(16).pdf
2017-11-30 12:30 - 2017-11-30 12:46 - 000078356 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(18).pdf
2017-11-28 10:01 - 2017-11-30 16:14 - 000002382 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_Carl Russell
2017-11-20 09:54 - 2017-12-04 09:33 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-11-20 09:54 - 2017-11-22 16:43 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-20 09:54 - 2017-11-22 16:43 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-20 09:54 - 2017-11-22 16:43 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-11-20 09:54 - 2017-11-20 09:54 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-11-20 09:54 - 2017-11-20 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-20 09:54 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-17 16:12 - 2017-11-17 16:12 - 000000000 ____D C:\Users\Carl Russell\OneDrive\Documents\Custom Office Templates
2017-11-17 11:40 - 2017-11-17 11:40 - 001510612 _____ C:\Users\Carl Russell\Downloads\Dollar-General-Highway-39-Chappells-SC-2017-5.pdf
2017-11-17 09:57 - 2017-11-17 09:57 - 000000000 ____D C:\Users\Carl Russell\AppData\Local\GoTo Opener
2017-11-16 13:19 - 2017-11-16 13:19 - 010849904 _____ (Piriform Ltd) C:\Users\Carl Russell\Downloads\ccsetup537.exe
2017-11-16 13:17 - 2017-11-16 13:17 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-11-16 13:17 - 2017-11-16 13:17 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-11-16 13:17 - 2017-11-16 13:17 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-11-16 13:17 - 2017-11-16 13:17 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-11-16 13:17 - 2017-11-16 13:17 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-11-16 13:17 - 2017-11-16 13:17 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-11-16 13:17 - 2017-11-16 13:17 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-11-16 13:17 - 2017-11-16 13:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2017-11-15 14:49 - 2017-10-25 04:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-15 14:49 - 2017-10-25 04:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-15 14:49 - 2017-10-25 04:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-15 14:49 - 2017-10-25 03:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-15 14:49 - 2017-10-25 03:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-15 14:49 - 2017-10-25 03:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-15 14:49 - 2017-10-25 01:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-15 14:49 - 2017-10-24 23:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-15 14:49 - 2017-10-24 23:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-15 14:49 - 2017-10-24 23:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-15 14:49 - 2017-10-24 23:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-15 14:49 - 2017-10-24 23:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-15 14:49 - 2017-10-24 23:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-15 14:49 - 2017-10-24 23:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-15 14:49 - 2017-10-24 23:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-15 14:49 - 2017-10-24 23:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-15 14:49 - 2017-10-24 23:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-15 14:49 - 2017-10-24 23:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-15 14:49 - 2017-10-24 23:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-15 14:49 - 2017-10-24 23:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-15 14:49 - 2017-10-24 23:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-15 14:49 - 2017-10-24 23:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-15 14:49 - 2017-10-24 23:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-15 14:49 - 2017-10-24 23:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-15 14:49 - 2017-10-24 23:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-15 14:49 - 2017-10-24 23:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-15 14:49 - 2017-10-24 23:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-15 14:49 - 2017-10-24 23:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-15 14:49 - 2017-10-24 23:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-15 14:49 - 2017-10-24 23:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-15 14:49 - 2017-10-24 23:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-15 14:49 - 2017-10-24 23:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-15 14:49 - 2017-10-24 23:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 14:49 - 2017-10-24 23:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-15 14:49 - 2017-10-24 23:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-15 14:49 - 2017-10-24 23:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-15 14:49 - 2017-10-24 23:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-15 14:49 - 2017-10-24 23:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-15 14:49 - 2017-10-24 22:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-15 14:49 - 2017-10-24 22:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-15 14:49 - 2017-10-24 22:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-15 14:49 - 2017-10-24 22:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-15 14:49 - 2017-10-24 22:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-15 14:49 - 2017-10-24 22:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-15 14:49 - 2017-10-24 22:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-15 14:49 - 2017-10-24 22:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-15 14:49 - 2017-10-24 22:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-15 14:49 - 2017-10-24 22:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-15 14:49 - 2017-10-24 22:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-15 14:49 - 2017-10-24 22:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-15 14:49 - 2017-10-24 22:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-15 14:49 - 2017-10-24 22:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-15 14:49 - 2017-10-24 22:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-15 14:49 - 2017-10-24 22:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-15 14:49 - 2017-10-24 22:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-15 14:49 - 2017-10-24 22:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-15 14:49 - 2017-10-24 22:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-15 14:49 - 2017-10-24 22:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-15 14:49 - 2017-10-24 22:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-15 14:49 - 2017-10-24 22:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-15 14:49 - 2017-10-24 22:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-15 14:49 - 2017-10-24 22:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-15 14:49 - 2017-10-24 22:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-15 14:49 - 2017-10-24 22:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-15 14:49 - 2017-10-24 22:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-15 14:49 - 2017-10-24 22:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-15 14:49 - 2017-10-24 22:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-15 14:49 - 2017-10-24 22:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-15 14:49 - 2017-10-24 22:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-15 14:49 - 2017-10-24 22:12 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-11-15 14:49 - 2017-10-24 22:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-15 14:49 - 2017-10-24 22:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-15 14:49 - 2017-10-24 22:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-15 14:49 - 2017-10-24 22:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-15 14:49 - 2017-10-24 22:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-15 14:49 - 2017-10-24 22:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-15 14:49 - 2017-10-24 22:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-15 14:49 - 2017-10-24 22:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-15 14:49 - 2017-10-24 22:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-15 14:49 - 2017-10-24 22:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-15 14:49 - 2017-10-24 22:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-15 14:49 - 2017-10-24 22:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-15 14:49 - 2017-10-24 22:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-15 14:49 - 2017-10-24 22:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-15 14:49 - 2017-10-24 22:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-15 14:49 - 2017-10-24 22:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-15 14:49 - 2017-10-24 22:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-15 14:49 - 2017-10-24 22:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-15 14:49 - 2017-10-24 22:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-15 14:49 - 2017-10-24 22:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-15 14:49 - 2017-10-24 22:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-15 14:49 - 2017-10-24 22:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-15 14:49 - 2017-10-24 22:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-15 14:49 - 2017-10-24 22:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-15 14:49 - 2017-10-24 22:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-15 14:49 - 2017-10-24 22:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-15 14:49 - 2017-10-24 22:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-15 14:49 - 2017-10-24 22:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-15 14:49 - 2017-10-24 22:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-15 14:49 - 2017-10-24 22:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-15 14:49 - 2017-10-24 22:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-15 14:49 - 2017-10-24 22:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-15 14:49 - 2017-10-24 22:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-15 14:49 - 2017-10-24 22:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-15 14:49 - 2017-10-24 22:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-15 14:49 - 2017-10-24 21:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-15 14:49 - 2017-10-24 21:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-15 14:49 - 2017-10-24 21:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-15 14:49 - 2017-10-24 21:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-15 14:49 - 2017-10-24 21:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-15 14:49 - 2017-10-24 21:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-15 14:49 - 2017-10-24 21:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-15 14:49 - 2017-10-24 21:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-15 14:49 - 2017-10-21 07:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-15 14:49 - 2017-10-20 09:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-15 14:49 - 2017-10-20 00:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-15 13:36 - 2017-11-15 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-15 13:16 - 2017-11-15 13:17 - 001018205 _____ C:\Users\Carl Russell\Downloads\Properties for Lease(2).pdf
2017-11-15 13:16 - 2017-11-15 13:16 - 000065536 _____ C:\Users\Carl Russell\Downloads\Properties for Lease(1).pdf
2017-11-15 13:15 - 2017-11-15 13:15 - 000065537 _____ C:\Users\Carl Russell\Downloads\Properties for Lease.pdf
2017-11-14 16:58 - 2017-11-14 16:58 - 002413200 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(15).pdf
2017-11-14 16:57 - 2017-11-14 16:57 - 002405729 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(14).pdf
2017-11-14 16:40 - 2017-11-14 16:40 - 001140167 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(13).pdf
2017-11-14 16:39 - 2017-11-14 16:39 - 000034487 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(12).pdf
2017-11-14 16:38 - 2017-11-14 16:38 - 000034487 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(11).pdf
2017-11-14 12:04 - 2017-11-14 12:04 - 023576461 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(10).pdf
2017-11-13 17:53 - 2017-11-13 17:55 - 000571122 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(9).pdf
2017-11-13 17:51 - 2017-11-13 17:51 - 017178359 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(8).pdf
2017-11-13 17:49 - 2017-11-13 17:49 - 000528212 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(7).pdf
2017-11-13 17:48 - 2017-11-13 17:48 - 000528179 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(6).pdf
2017-11-13 17:47 - 2017-11-13 17:47 - 000528128 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(5).pdf
2017-11-13 16:39 - 2017-11-13 16:39 - 002821728 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(4).pdf
2017-11-13 16:38 - 2017-11-13 16:38 - 002815515 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(3).pdf
2017-11-13 16:37 - 2017-11-13 16:37 - 000099039 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(2).pdf
2017-11-13 16:17 - 2017-11-13 16:17 - 002484376 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(1).pdf
2017-11-13 16:16 - 2017-11-13 16:16 - 002459502 _____ C:\Users\Carl Russell\Downloads\Properties for Sale.pdf
2017-11-13 15:57 - 2017-11-13 15:57 - 002854606 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(63).pdf
2017-11-13 15:57 - 2017-11-13 15:57 - 002843763 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(62).pdf
2017-11-13 15:47 - 2017-11-13 15:47 - 001740002 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(61).pdf
2017-11-13 11:31 - 2017-11-13 11:31 - 001548377 _____ C:\Users\Carl Russell\Desktop\Orange Promenade - Flyer.pdf
2017-11-13 05:26 - 2017-11-13 05:26 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-11-13 05:26 - 2017-11-13 05:26 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-11-13 05:26 - 2017-11-13 05:26 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-11-13 05:26 - 2017-11-13 05:26 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-11-10 10:44 - 2017-11-10 10:44 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2017-11-09 13:41 - 2017-11-09 13:41 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-11-09 13:41 - 2017-11-09 13:41 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2017-11-09 11:32 - 2017-11-09 11:32 - 000112357 _____ C:\Users\Carl Russell\Downloads\Properties for Sale(60).pdf
2017-11-06 13:16 - 2017-11-06 13:16 - 006959130 _____ C:\Users\Carl Russell\Downloads\NAR_Commercial_Awards_Poster_2017_FINAL.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-04 10:21 - 2017-10-31 13:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-04 09:32 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-04 09:32 - 2016-11-18 16:22 - 000000000 ____D C:\Users\Carl Russell\AppData\LocalLow\Mozilla
2017-12-04 09:31 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-04 09:31 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-04 09:30 - 2017-10-31 13:58 - 000004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6F315B7F-A0ED-4B2A-9486-395B5A191E7A}
2017-12-04 09:30 - 2017-10-31 13:58 - 000003518 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2017-12-01 09:38 - 2016-03-09 12:23 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-30 16:28 - 2015-10-28 06:46 - 000000000 ____D C:\Users\Carl Russell\Desktop\Spyware Utilities
2017-11-30 16:14 - 2017-10-31 14:10 - 000003092 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-11-30 16:14 - 2017-10-31 13:58 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-11-30 16:14 - 2017-10-31 13:58 - 000003466 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-11-30 16:14 - 2017-10-31 13:58 - 000003370 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1447798629
2017-11-30 16:14 - 2017-10-31 13:58 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-30 16:14 - 2017-10-31 13:58 - 000003302 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2502126243-2453895596-2800589288-1004
2017-11-30 16:14 - 2017-10-31 13:58 - 000003298 _____ C:\WINDOWS\System32\Tasks\4Team updater
2017-11-30 16:14 - 2017-10-31 13:58 - 000003278 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-11-30 16:14 - 2017-10-31 13:58 - 000003242 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-11-30 16:14 - 2017-10-31 13:58 - 000003206 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2502126243-2453895596-2800589288-1004
2017-11-30 16:14 - 2017-10-31 13:58 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-30 16:14 - 2017-10-31 13:58 - 000003008 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2017-11-30 16:14 - 2017-10-31 13:58 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2502126243-2453895596-2800589288-1004
2017-11-30 16:14 - 2017-10-31 13:58 - 000002656 _____ C:\WINDOWS\System32\Tasks\WinZipBackGroundToolsTask
2017-11-30 16:14 - 2017-10-31 13:58 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-11-30 16:14 - 2017-10-31 13:58 - 000002464 _____ C:\WINDOWS\System32\Tasks\IObitSelfCheckTask
2017-11-30 16:14 - 2017-10-31 13:58 - 000002280 _____ C:\WINDOWS\System32\Tasks\FormatPackage_SkipUac_Carl Russell
2017-11-30 16:14 - 2017-10-31 13:58 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-11-30 16:14 - 2017-10-31 13:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-11-30 16:14 - 2017-05-03 15:02 - 000000952 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-30 16:14 - 2017-05-03 15:02 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-30 16:14 - 2015-11-13 13:57 - 000000704 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2502126243-2453895596-2800589288-1004.job
2017-11-30 16:14 - 2015-11-13 13:57 - 000000608 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2502126243-2453895596-2800589288-1004.job
2017-11-30 14:22 - 2017-10-31 13:52 - 000000000 ____D C:\Users\Carl Russell\AppData\Local\Packages
2017-11-30 09:49 - 2017-03-09 10:48 - 000000000 ____D C:\Users\Carl Russell\AppData\Local\CrashDumps
2017-11-28 17:24 - 2017-10-31 13:51 - 000000000 ____D C:\Users\Carl Russell
2017-11-28 09:52 - 2016-10-06 16:03 - 000001984 _____ C:\Users\Carl Russell\Desktop\Dashlane.lnk
2017-11-28 09:52 - 2016-05-03 13:51 - 000000000 ____D C:\Users\Carl Russell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2017-11-28 09:52 - 2016-05-03 13:51 - 000000000 ____D C:\Users\Carl Russell\AppData\Roaming\Dashlane
2017-11-27 09:40 - 2017-07-10 11:10 - 000000000 ____D C:\Users\Carl Russell\AppData\Local\GoToMeeting
2017-11-27 09:25 - 2017-10-31 14:03 - 001244922 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-24 14:47 - 2015-10-29 08:37 - 000000000 ____D C:\Users\Carl Russell\AppData\Roaming\TeamViewer
2017-11-22 17:48 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-22 17:44 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-22 17:42 - 2015-10-27 20:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-11-22 16:43 - 2015-10-29 13:01 - 000002810 _____ C:\WINDOWS\system32\GManager.ini
2017-11-22 16:42 - 2017-10-31 13:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-22 16:42 - 2017-09-29 03:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-11-22 16:42 - 2017-06-12 08:57 - 000040190 _____ C:\WINDOWS\system32\OV5693_FRONT.aiqd
2017-11-22 16:42 - 2017-04-13 10:08 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-22 16:42 - 2017-04-13 10:08 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-22 16:42 - 2015-10-28 06:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-22 16:38 - 2017-10-11 09:23 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-22 16:38 - 2015-10-28 06:17 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-22 16:27 - 2015-10-29 08:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-11-22 07:48 - 2017-10-31 13:58 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-11-20 09:54 - 2017-03-21 15:55 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-20 09:54 - 2015-10-28 06:59 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-17 10:55 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-17 09:57 - 2015-10-30 09:36 - 000000000 ____D C:\Users\Carl Russell\AppData\Local\Citrix
2017-11-17 09:39 - 2017-01-10 16:12 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-11-16 17:33 - 2015-10-27 19:57 - 000000000 __RDL C:\Users\Carl Russell\OneDrive
2017-11-16 13:38 - 2015-10-28 06:49 - 000455376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-11-16 13:30 - 2017-10-31 13:25 - 000391280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-16 13:29 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-16 13:29 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-16 13:29 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-16 13:29 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-16 13:29 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-16 13:29 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 13:29 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-16 13:27 - 2015-10-27 20:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-16 13:21 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-16 09:42 - 2015-10-28 06:50 - 000002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 17:45 - 2017-08-26 06:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-15 17:45 - 2015-10-27 20:42 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-15 17:45 - 2015-10-27 20:42 - 000000000 ____D C:\Users\Carl Russell\AppData\Roaming\Mozilla
2017-11-15 14:51 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-15 13:36 - 2017-05-03 15:02 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-11-14 13:34 - 2016-01-19 15:16 - 000000000 ____D C:\Users\Carl Russell\AppData\LocalLow\WebEx
2017-11-14 13:34 - 2016-01-19 15:16 - 000000000 ____D C:\ProgramData\WebEx
2017-11-14 10:48 - 2015-11-17 16:45 - 000000000 ____D C:\ProgramData\Skype
2017-11-14 10:29 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-14 10:29 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-13 12:00 - 2017-10-31 17:24 - 000000000 ____D C:\Windows.old
2017-11-13 09:24 - 2015-10-27 19:57 - 000002395 _____ C:\Users\Carl Russell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-09 13:41 - 2017-06-09 13:23 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-11-09 13:41 - 2015-10-28 06:49 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-11-09 13:41 - 2015-10-28 06:49 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-11-09 13:41 - 2015-10-28 06:49 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-11-09 13:41 - 2015-10-28 06:49 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-11-09 13:41 - 2015-10-28 06:49 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-11-09 13:41 - 2015-10-28 06:49 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-11-09 13:40 - 2017-02-15 12:19 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-11-09 13:40 - 2017-02-15 12:19 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-11-09 13:40 - 2017-02-15 12:19 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-11-09 13:40 - 2017-02-15 12:19 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-11-09 13:40 - 2016-02-08 12:30 - 000570152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-11-09 13:40 - 2015-10-28 06:49 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories =======

2015-12-17 16:27 - 2015-12-17 16:46 - 008935392 _____ (Swiftpage Act! LLC                                          ) C:\Users\Carl Russell\AppData\Roaming\act17sp2hf2bss.exe
2016-05-10 13:00 - 2016-05-10 13:02 - 331644248 _____ (Swiftpage Act! LLC                                          ) C:\Users\Carl Russell\AppData\Roaming\act1810update3ss.exe
2016-01-18 20:28 - 2016-01-19 15:53 - 023160352 _____ (Swiftpage Act! LLC                                          ) C:\Users\Carl Russell\AppData\Roaming\act18hf4ass.exe
2017-05-10 10:36 - 2017-05-10 10:36 - 003373848 _____ (Swiftpage Act! LLC                                          ) C:\Users\Carl Russell\AppData\Roaming\act1910update2ss.exe
2015-10-28 06:17 - 2017-08-18 08:54 - 000000723 ____H () C:\Users\Carl Russell\AppData\Roamin


#5 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,170 posts

Posted 05 December 2017 - 08:59 AM

 
Hi,
 
Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
 
Please copy the entire contents of the code box below to a new file.
 
 
Start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\GoToAssist Express Customer: C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\1361\g2ax_winlogonx64.dll [X]
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Run: [BingSvc] => C:\Users\Carl Russell\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
CHR Extension: (Avast SafePrice) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-24]
CHR Extension: (MSN Homepage) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2017-08-24]
CHR Extension: (Avast Online Security) - C:\Users\Carl Russell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-16]
CHR HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.
 
Run FRST and click Fix only once and wait.
 
The tool will create a log (Fixlog.txt) please post it to your reply.
 
If the problem persists please post for my review the Addition.txt file created by the Farbar program.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#6 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 121 posts

Posted 05 December 2017 - 08:31 PM

Thank you, it seems to have worked very well.  Can you tell me how this happened? or what I can do to prevent this?  It is one of the oddest things that's happened.  Thanks again, greatly appreciated and Happy Holidays.   Carl



#7 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 121 posts

Posted 11 December 2017 - 10:17 AM

So, it started to do it again this morning....so here is the Addition.txt file....thanks again.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by Carl Russell (30-11-2017 16:28:33)
Running from C:\Users\Carl Russell\Desktop\Spyware Utilities
Windows 10 Pro Version 1709 16299.64 (X64) (2017-10-31 19:01:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2502126243-2453895596-2800589288-500 - Administrator - Disabled)
Carl Russell (S-1-5-21-2502126243-2453895596-2800589288-1004 - Administrator - Enabled) => C:\Users\Carl Russell
DefaultAccount (S-1-5-21-2502126243-2453895596-2800589288-503 - Limited - Disabled)
Guest (S-1-5-21-2502126243-2453895596-2800589288-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2502126243-2453895596-2800589288-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Team Safe PST Backup Free Edition (HKLM-x32\...\{B197DCCD-2AF1-4B22-A332-7A7C112A2172}) (Version: 2.60.0599 - 4Team Corporation)
Act! Pro (HKLM-x32\...\{41FE16C5-DFEB-49FC-8A47-55E0F0E02FCF}) (Version: 19.2.0.0 - Swiftpage ACT! LLC) Hidden
Act! Pro (HKLM-x32\...\InstallShield_{41FE16C5-DFEB-49FC-8A47-55E0F0E02FCF}) (Version: 19.2.0.0 - Swiftpage ACT! LLC)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Application Verifier (x64) (HKLM\...\{361A49FA-59B3-49FB-8C3E-08AF3EA5791A}) (Version: 4.0.917 - Microsoft Corporation)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
Cisco WebEx Meetings (HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Dashlane (HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\Dashlane) (Version: 5.2.0.12122 - Dashlane, Inc.)
Debugging Tools for Windows (x64) (HKLM\...\{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}) (Version: 6.11.1.404 - Microsoft Corporation)
Dropbox (HKLM-x32\...\Dropbox) (Version: 39.4.49 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
DYMO Label Software (HKLM-x32\...\DYMO Label Software) (Version:  - )
DYMO LabelWriter Drivers (HKLM\...\{CE16D92B-50F3-4FC5-B29C-13FAFEE1A6C6}) (Version: 8.3.0.443 - Sanford L.P.)
Family Tree Maker 2014.1 (HKLM\...\{6DF6B967-71FE-4921-BC4C-91724F22726C}) (Version: 22.0.1510 - Software MacKiev)
Family Tree Maker 2017 (HKLM\...\{6BEF69F9-92AA-4BCC-8529-DA42F585EC36}) (Version: 23.0.1343 - Software MacKiev)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{351B54B2-1AFC-42A7-A8C0-9E05C26F0D1E}) (Version: 1.0.470 - LogMeIn, Inc.)
GoToMeeting 8.17.0.7943 (HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\GoToMeeting) (Version: 8.17.0.7943 - LogMeIn, Inc.)
Hotfix 2569 for SQL Server 2014 (KB3158271) (64-bit) (HKLM\...\KB3158271) (Version: 12.0.2569.0 - Microsoft Corporation)
HP 10bII+ Virtual Calculator (HKLM-x32\...\{C6ABAE79-1C6E-45DF-84DA-ADA90740F2FB}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Basic Device Software (HKLM\...\{39DA3F40-0B9E-4002-8E01-108FEC9EFE43}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.8.37.11 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
Insperity ExpensAble Office (HKLM-x32\...\{12C45EBF-343F-40F8-87AE-C9BEA335D5E0}) (Version: 9.1.1 - Insperity Expense Management)
Intel Security True Key (HKLM\...\TrueKey) (Version: 3.9.141.1 - Intel Security)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4409 - Intel Corporation)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8625.2132 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{E2D10175-7411-4EA5-8E32-FA21262B435D}) (Version: 11.2.5592.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{92FBD63F-918C-4465-A283-957B15042D80}) (Version: 12.0.2569.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{2C8240B9-2142-4A0E-9678-7F3C678E34C6}) (Version: 12.0.2569.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant for Office 365 (HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\4415f693b586d348) (Version: 16.0.1369.8 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (HKLM-x32\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (HKLM-x32\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x64 (HKLM\...\{965DF723-5688-359E-84D2-417CAFE644B5}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86 (HKLM-x32\...\{44D9A2CB-0692-3180-B5E2-26F4E807D067}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.0) (HKLM\...\SDKSetup_7.0.7600.16385.40715) (Version: 7.0.7600.16385.40715 - Microsoft Corporation)
Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
NVIDIA Update 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Product Improvement Study for HP Officejet Pro 8610 (HKLM\...\{D2064264-3162-4DB1-AFE0-167BEFBBCD9C}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7424 - Realtek Semiconductor Corp.)
Realtek USB Gigabit Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 8.17.812.2014 - Realtek)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{E8A70371-2C4D-4B12-831D-6A4BB9AC7AEF}) (Version: 7.29.0.73 - Skype Technologies S.A.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Snagit 10 (HKLM-x32\...\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}) (Version: 10.0.0 - TechSmith Corporation)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.88438 - TeamViewer)
Trigger External Graphics Family 16.02.0315.0179 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 16.02.0315.0179 - MCT Corp)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.29 - Tweaking.com)
VSDC Free Video Editor version 5.7.7.700 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 5.7.7.700 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}) (Version: 21.0.12288 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2502126243-2453895596-2800589288-1004_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Carl Russell\AppData\Local\GoToMeeting\7881\G2MOutlookAddin64.dll (LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2502126243-2453895596-2800589288-1004_Classes\CLSID\{A03A51A2-5B59-4ECE-96D1-037F7F2A0D8F}\localserver32 -> C:\Users\Carl Russell\AppData\Local\SkypePlugin\7.29.0.73\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2502126243-2453895596-2800589288-1004_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-2502126243-2453895596-2800589288-1004_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Carl Russell\AppData\Local\SkypePlugin\7.29.0.73\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2502126243-2453895596-2800589288-1004_Classes\CLSID\{FE0A3EA9-4DDA-4B0A-9981-5ABE8F0186CD}\InprocServer32 -> C:\Users\Carl Russell\AppData\Local\SkypePlugin\7.29.0.73\GatewayActiveX-x64.dll (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-09] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-09] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers1: [FormatPackage] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} =>  -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-09-09] (Apple Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitShellExt64.dll [2010-04-13] (TechSmith Corporation)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-10-22] (WinZip Computing, S.L.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-09] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers4: [EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} =>  -> No File
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitShellExt64.dll [2010-04-13] (TechSmith Corporation)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-10-22] (WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-01-15] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-09] (AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-10-22] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {106AA501-219E-43F2-8546-BCEB4651BC4A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {14C17C21-EF48-49C0-98C0-F0A8C58AEFBB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28] (Google Inc.)
Task: {15216095-31D6-42D5-A223-D1732B6A5FD7} - System32\Tasks\4Team updater => C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exe [2014-06-10] ()
Task: {27F83877-5E18-42EA-BB7D-D50667C37AD1} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2E51984C-129F-4268-8B55-4813A3E41DAD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {35237C7E-3628-4DF2-9B25-EEC64D617181} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {36B8AE70-8450-4E7B-9C13-F3CAA954A9B8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-03] (Dropbox, Inc.)
Task: {380B8BEF-58C3-428C-B51C-808EEEC4427D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
Task: {3B6DD04B-49B5-4FD3-81AF-8EAD88380F8A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-09] (AVAST Software)
Task: {3C4647F0-30D2-427C-92B3-9A49B10B1F70} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-15] (Microsoft Corporation)
Task: {46E42283-5F0D-4127-BDF1-6C639A0003D6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-03] (Dropbox, Inc.)
Task: {4780BBBF-CD5D-466F-8216-175A22FD5C90} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {4B76B3C4-F283-4124-B48D-491C5BA512A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-15] (Microsoft Corporation)
Task: {4F85B63C-1A34-4943-9599-F41FC3981221} - System32\Tasks\FormatPackage_SkipUac_Carl Russell => C:\Program Files (x86)\iFunSoft\Format Package\FormatPackage.exe
Task: {554C0289-B1F3-4482-A4CF-66EC0DD62D69} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-09-09] (Apple Inc.)
Task: {5C5BCD71-C8F7-4157-9F88-520FF7A1A1DC} - System32\Tasks\G2MUpdateTask-S-1-5-21-2502126243-2453895596-2800589288-1004 => C:\Users\Carl Russell\AppData\Local\GoToMeeting\7943\g2mupdate.exe [2017-11-20] (LogMeIn, Inc.)
Task: {64475BAA-06A5-481E-9321-ECFA787E9DEC} - System32\Tasks\G2MUploadTask-S-1-5-21-2502126243-2453895596-2800589288-1004 => C:\Users\Carl Russell\AppData\Local\GoToMeeting\7943\g2mupload.exe [2017-11-20] (LogMeIn, Inc.)
Task: {64D9FD31-4A81-45C9-8065-E5B1DD662070} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {702009BC-B464-4AA7-A807-4D32E86A7D1D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
Task: {752FC857-EA8D-4E29-9723-0815B3740301} - System32\Tasks\SafeZone scheduled Autoupdate 1447798629 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {7DE283F0-B526-412D-A50E-15BD980E66F1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] ()
Task: {7E19B2B2-F39A-48BD-AB75-640B21ED39F3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-11-22] (Microsoft Corporation)
Task: {879A349B-065C-43A7-A144-90680326B602} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {92134120-1547-4A38-999E-0BAF7FF1BC9B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28] (Google Inc.)
Task: {949071FA-0B41-43C5-9DE9-637B8C63A37E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-11-22] (Microsoft Corporation)
Task: {9A2004B8-8A85-4B72-80A4-CB5012FCC882} - System32\Tasks\ASC10_SkipUac_Carl Russell => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {9C1D9B06-FD45-44F2-B378-4442434D1B41} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {9EDE7BBB-7195-4968-B0F0-7F74FA7C0BF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {B77BB33F-A2B2-44EF-82ED-5B274AB020F7} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe
Task: {DCBF50EC-7896-4627-9A94-749B007525A7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E699B99B-18EC-4004-8947-1D0DD2E364FD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] ()
Task: {E868447B-DAA5-41C7-AAC6-6AB333B1A18B} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {F382F874-2685-4BDA-923A-7D0AD11B7D67} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {FAD22C94-4CE1-4816-8B20-6512255D832A} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-10-22] (WinZip Computing, S.L.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2502126243-2453895596-2800589288-1004.job => C:\Users\Carl Russell\AppData\Local\GoToMeeting\7943\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2502126243-2453895596-2800589288-1004.job => C:\Users\Carl Russell\AppData\Local\GoToMeeting\7943\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 08:41 - 2017-09-29 08:41 - 000419840 _____ () c:\windows\system32\SSDM.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-08 23:44 - 2017-05-08 23:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-29 13:01 - 2012-08-28 14:20 - 000313432 _____ () C:\WINDOWS\system32\GManager.exe
2017-11-20 09:54 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-20 09:54 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-10-27 20:07 - 2014-08-22 17:10 - 002244912 _____ () C:\WINDOWS\system32\MlPatch.exe
2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-29 08:41 - 2017-09-29 08:41 - 000220672 _____ () C:\WINDOWS\System32\HeatCore.dll
2017-04-13 10:08 - 2017-01-15 18:55 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-09-29 08:42 - 2017-09-29 09:42 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 08:42 - 2017-09-29 09:42 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-27 22:09 - 2016-10-27 22:09 - 000821904 ____N () C:\Windows\System32\SurfaceDTX.exe
2017-05-25 13:03 - 2017-05-25 13:03 - 000023552 _____ () C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe
2017-11-30 09:45 - 2017-11-30 09:45 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-30 09:45 - 2017-11-30 09:45 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-30 09:45 - 2017-11-30 09:45 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-30 09:45 - 2017-11-30 09:45 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-30 09:45 - 2017-11-30 09:45 - 000672256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-11-30 09:45 - 2017-11-30 09:45 - 000136192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.Proxies.dll
2017-09-14 05:15 - 2017-09-14 05:17 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 000022016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-11-13 09:24 - 2017-11-13 09:25 - 055109120 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-19 12:39 - 2017-10-19 12:40 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-10-19 12:39 - 2017-10-19 12:40 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 003740160 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 002051584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 020759040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 003607040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 003150848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-29 10:20 - 2017-08-29 10:20 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 002493440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.AutoSuggest.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 000919040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 001363968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-11-13 09:24 - 2017-11-13 09:25 - 000084480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineVideoDataProvider.UWP.dll
2017-11-30 09:45 - 2017-11-30 09:45 - 000244736 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\Microsoft.Skype.ImageTool.dll
2017-11-30 09:45 - 2017-11-30 09:45 - 000041472 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\TraceProvider.dll
2017-11-30 09:45 - 2017-11-30 09:45 - 000922624 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\VideoN.dll
2017-08-30 09:11 - 2017-08-30 09:11 - 000016896 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.2212.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
2017-08-30 09:11 - 2017-08-30 09:11 - 016135680 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.2212.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.dll
2017-11-21 08:33 - 2017-11-21 08:33 - 005224328 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1711.2.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2016-03-04 09:58 - 2016-03-04 09:59 - 000291328 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.2212.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-22 17:13 - 2012-08-23 10:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-01-22 17:13 - 2014-05-13 12:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-01-22 17:13 - 2014-05-13 12:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-01-22 17:13 - 2014-05-13 12:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-01-22 17:13 - 2012-04-03 17:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2017-03-08 14:25 - 2017-02-09 21:50 - 000036280 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-11-09 13:41 - 2017-11-09 13:41 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-11-09 13:41 - 2017-11-09 13:41 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-07-05 08:41 - 2017-07-05 08:41 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-09 13:41 - 2017-11-09 13:41 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-11-09 13:41 - 2017-11-09 13:41 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-11-09 13:40 - 2017-11-09 13:40 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-08 23:45 - 2017-05-08 23:45 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-08 23:44 - 2017-05-08 23:44 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-11-15 13:36 - 2017-11-13 05:26 - 000725312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-11-15 13:36 - 2017-11-13 05:26 - 002075456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-05-03 15:03 - 2017-11-13 05:26 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-05-03 15:03 - 2017-11-13 05:28 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-11-15 13:36 - 2017-11-13 05:26 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-11-15 13:36 - 2017-11-13 05:26 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-05-03 15:03 - 2017-11-13 05:26 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-11-15 13:36 - 2017-11-13 05:26 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-11-15 13:36 - 2017-11-13 05:26 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-05-03 15:03 - 2017-11-13 05:28 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-25 09:19 - 2017-11-13 05:26 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-07 08:49 - 2017-11-13 05:29 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2017-05-17 13:10 - 2017-11-13 05:29 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000155464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000100688 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-05-03 15:03 - 2017-11-13 05:26 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-11-15 13:36 - 2017-11-13 05:26 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-11-15 13:36 - 2017-11-13 05:28 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-11-15 13:36 - 2017-11-13 05:26 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-11-15 13:36 - 2017-11-13 05:28 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-05-03 15:03 - 2017-11-13 05:29 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2017-11-15 13:36 - 2017-11-13 05:28 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-03 15:03 - 2017-11-13 05:29 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.pyd
2017-05-03 15:03 - 2017-11-13 05:29 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-11-15 13:36 - 2017-11-13 05:28 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-08-17 11:25 - 2017-11-08 10:03 - 001010352 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2017-08-17 11:26 - 2017-11-08 10:03 - 000539312 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\msfad.dll
2017-03-03 21:43 - 2017-03-03 21:43 - 000550328 _____ () C:\Program Files (x86)\ACT\Act for Windows\PSIClient.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Carl Russell\Desktop\Hpearce logo.jpg:com.dropbox.attributes [422]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 06:04 - 2017-05-04 13:01 - 000000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Carl Russell\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\19_marknelson_onelastwave_t.jpg
DNS Servers: 192.168.75.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "TUCCDUtil"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_7C5B14881C6D8DB724CF47F203D86712"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\Run: => "HP Officejet Pro 8600 (NET)"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\Run: => "Advanced SystemCare 9"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\Run: => "Safe PST Backup"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_6D133E8E7172CE845EF6EAC947B0E399"
HKU\S-1-5-21-2502126243-2453895596-2800589288-1004\...\StartupApproved\Run: => "BingSvc"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A0A5F4B7-509C-49D1-BBA3-D9EE440C60BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A5A97C98-C856-4021-AE4F-A7E4D1B43C6A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6A760F8A-D2D6-488F-8721-F5AB827192E9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{57C8F091-7E50-4A49-93DA-4391B621E02D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9F80BFF2-270E-431B-8BAC-B22935B17613}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{C86ED672-E3A2-425C-ACAE-8976DA7BA586}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C9D81043-703C-4592-AF60-42DE3B1A4694}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{03DBCA76-5B6D-4DFB-8FBD-5D3B5DAC796B}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{578D688D-0AE6-4167-8A83-B88986CB5A34}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{6C4E50B0-4D43-4B86-9AE9-E0A70CFCC6E0}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Activation.exe
FirewallRules: [{2B3C1803-F462-4126-BE95-F319F544E3F2}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Activation.exe
FirewallRules: [{0E1E9045-4E86-4804-996A-B50E17E60EF5}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{58EF241C-1554-4F94-913F-06B76D570504}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{1BAD37AA-6B59-44FA-BFC0-FE5D68F24174}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{6FDD8012-D759-4C00-A571-050B58B9AE4B}] => (Allow) LPort=1434
FirewallRules: [{D56315D2-ABAA-4202-AB45-029838881927}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
FirewallRules: [{8058DF0A-1611-493E-B499-3F2ACA3C3166}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
FirewallRules: [{B4915C51-DA6B-444F-A021-404BB6F174C3}] => (Allow) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
FirewallRules: [{5BB4941B-FEC0-43AB-B2FF-B4488A29060E}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
FirewallRules: [{5A85DB37-B453-4389-96C6-4A6C4D1F6A69}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act15.exe
FirewallRules: [{34F41FBD-6BA3-4C85-B734-81210AFB9C14}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\ActEmail.exe
FirewallRules: [{5BBF0EB9-B78D-4CB6-B1D4-F9ED6BC8A53F}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe
FirewallRules: [{0B7F2132-CCB5-43A6-8489-988F12FEE4BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1AA58689-4439-473B-A916-D02A5DC209FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5E2483CC-E118-4D12-BBF8-4101E5EA89FA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E6D3E005-4649-42A2-B790-1ED530FF785A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6A226CD4-B33A-4786-AAA9-451046B7AC31}] => (Allow) LPort=1434
FirewallRules: [{6DA88325-624B-4DB7-BB1F-CC470896D72A}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
FirewallRules: [{68A4188A-1E87-4549-AB1E-5F2F541D1F5C}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
FirewallRules: [{A518C8B6-9DFF-4600-8013-81A99A3347F8}] => (Allow) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
FirewallRules: [{A0BDD112-E329-4B9D-A32F-162DB60913AE}] => (Allow) LPort=1434
FirewallRules: [{942B345E-96A8-4001-A330-4ABF5764B898}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A7C26C46-BE24-4D65-8855-3F8A4363F149}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F81A0448-99EE-4FEE-A79A-0B6387A1EC0C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8495CD8-D865-4DF3-A1BE-F9A7B056A23D}] => (Allow) LPort=1434
FirewallRules: [{166E605B-59B3-474D-B55A-F7B4EE477AC7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{7CECB217-791C-442D-8FDE-EF20F3A21BD9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{4DF100AE-5A4D-4CF3-BB67-55068A566C34}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{B29DED25-6EF8-4794-BD89-BE5E097A1E4E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{F0D6B278-5BFB-4D29-AEA4-BD6533AF7D75}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{FC3670D6-D821-4DA1-A93F-3C2212813C75}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0E2CC24C-17BF-42EC-87EF-B2359B62FDB5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0699B839-2186-4733-8470-2D81B78FE868}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FD72B72C-2CBD-4848-A5A5-05F920BCAE22}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{160AF9EC-DE36-4F86-A1E7-047E9E027262}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{E0ECDA32-31C5-4C8A-89FB-6B926865965D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{7737F848-AEE3-4613-B337-BB2164D6EDFF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{24F39F03-1BC7-4D4C-BBD1-419777567AED}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{7718D388-E4DA-43CA-8CDD-50D8BB802022}] => (Allow) LPort=5357
FirewallRules: [{193A5DD8-1F87-44A5-BAC6-A40F5B3F7D77}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{15E2F783-61A1-472B-8335-10CEE5EAF29B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{30AE271C-38F6-4C16-9ABA-B1BFD95BCB10}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A41B6D47-47F4-47B7-BA95-9C5EC9554F31}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F1A9FE4B-2B8C-4B6A-B99F-1FD2909E8C32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AC477551-9133-4D07-8EA2-D1695195C75C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B2A1940A-3425-427A-AF92-849E70F19FC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

22-11-2017 16:38:30 Windows Update
30-11-2017 10:50:31 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/30/2017 09:56:43 AM) (Source: Act.Outlook.Service.Desktop) (EventID: 0) (User: )
Description: Error in the application.

Error: (11/30/2017 09:56:43 AM) (Source: Act.Outlook.Service.Desktop) (EventID: 0) (User: )
Description: Error in the application.

Error: (11/30/2017 09:56:43 AM) (Source: Act.Outlook.Service.Desktop) (EventID: 0) (User: )
Description: Error in the application.

Error: (11/30/2017 09:56:43 AM) (Source: Act.Outlook.Service.Desktop) (E


#8 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,170 posts

Posted 12 December 2017 - 08:31 AM

 
 
Hi,
 
I suspect that this is a Syncing issue.
 
If you are Syncing Chrome proceed to reset it.
 
To remove this you will possibly have to reset the Sync in Chrome.
 
Read this article and proceed.
 
Chrome Secure Preferences detection always comes back
<<<>>>
 
After a restart of the computer and chrome if the problem persists please Update the Farbar tool and post a fresh FRST.txt log for my review.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#9 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 121 posts

Posted 12 December 2017 - 11:02 AM

Once again, thank you, and it seems to have fixed the problem, I hope for good.   I'll let you know if it starts up again....thanks again, and Happy Holidays.   Carl



#10 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,170 posts

Posted 13 December 2017 - 06:36 AM

Glad we could help.

 

nasdaq


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




Member of

Support SpywareInfo Forum - click the button
PayPal - The safer, easier way to pay online!