Thanks for your Reply.
Here are the scans you requested.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
Ran by CEP Local 440 (23-11-2016 22:19:15)
Running from C:\Users\CEP Local 440\Downloads
Windows 10 Home (X64) (2015-10-25 14:38:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1124643268-3595298339-4084894015-500 - Administrator - Disabled)
CEP Local 440 (S-1-5-21-1124643268-3595298339-4084894015-1000 - Administrator - Enabled) => C:\Users\CEP Local 440
DefaultAccount (S-1-5-21-1124643268-3595298339-4084894015-503 - Limited - Disabled)
Guest (S-1-5-21-1124643268-3595298339-4084894015-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1124643268-3595298339-4084894015-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
7-Zip 16.02 (HKLM-x32\...\{23170F69-40C1-2701-1602-000001000000}) (Version: 16.02.00.0 - Igor Pavlov)
7-Zip 16.02 (HKLM-x32\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft Panorama Maker 6 (HKLM-x32\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bus Driver (x32 Version: 2.2.0.82 - WildTangent) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)
Canon MX450 series On-screen Manual (HKLM-x32\...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertXtoDVD 3.3.4.106e (HKLM-x32\...\{76C24F39-B161-498F-BD8B-C64789812D13}_is1) (Version: 3.3.4.106e - )
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2216 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3419 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1110 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAP Plug-in for 64 Bit IE (HKLM\...\{E06AF9BE-E1D6-4867-8DBF-74E4BA32BBB3}) (Version: 9606.0.30 - SpeedBit)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
Download Accelerator Plus (DAP) (HKLM-x32\...\Download Accelerator Plus (DAP)) (Version: 10050 (Build 2519) - Speedbit Ltd.)
Elevated
Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Lifetime Updater (HKLM-x32\...\{9AAD03E8-4F65-4DE2-8F6C-1B079C0C8521}) (Version: 2.1.11 - Garmin)
GenuTax Standard (HKLM-x32\...\{C558F931-FCAD-4252-909F-D736DF679567}) (Version: 1.45 - GenuSource Consulting Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hola™ 1.18.524 - Better Internet (HKLM\...\Hola) (Version: 1.18.524 - Hola Networks Ltd.) <==== ATTENTION
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master
Uninstall) (Version: 1.0.0.80 - WildTangent)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing (HKLM-x32\...\HP Smart Web Printing) (Version: 131.1.35898 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0183 (HKLM-x32\...\{BC146E5F-A2B0-40DB-90E7-2833807E98DF}) (Version: 1.01.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
iLivid (x32 Version: 1.92.0.118480 - Bandoo Media Inc.) Hidden <==== ATTENTION
InstaCodecs (HKLM-x32\...\InstaCodecs_is1) (Version: 1.0 - )
InstallConverter (HKLM-x32\...\InstallConverter) (Version: 1.0 - InstallConverter)
Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.110 - Oracle)
Java(TM) 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Quest3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{94C8D443-1D07-4E6D-A9EB-FDBA45A839D8}) (Version: 1.5.2.228 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.2.228 - Kaspersky Lab) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2215 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}) (Version: 1.18.12.1 - LightScribe)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Malwarebytes
Anti-Malware version 2.1.6.1022 (HKLM-x32\...
Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 -
Malwarebytes Corporation)
MaxiLink (HKLM-x32\...\{3F1420A7-FF17-40F0-B4FE-3481B8D10081}) (Version: 1.08 - Autel)
McAfee Agent (HKLM-x32\...\{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}) (Version: 4.5.0.1810 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.427.2 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{DE626616-D7C4-4F00-7E0B-EAF26FA65749}) (Version: 7.0.43.12698 - muvee Technologies Pte Ltd)
ObjectDock Free (HKLM-x32\...\ObjectDock Free) (Version: 2.0 - Stardock Corporation)
ObjectDock Free (x32 Version: 2.0 - Stardock Corporation) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3415 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3420 - CyberLink Corp.) Hidden
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7427 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0104 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
SlimDrivers (HKLM-x32\...\{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}) (Version: 2.2.30877 - SlimWare Utilities, Inc.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
SpeedBit Video Accelerator (HKLM-x32\...\SpeedBit Video Accelerator) (Version: 3370(build_3043) - SpeedBit Ltd.)
SpeedBit Video Downloader (HKLM-x32\...\SpeedBit Video Downloader) (Version: 1154(build_488) - SPEEDbit Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
TurboTax Free version 1.0.1 (HKLM-x32\...\{EF63699B-79A1-4A7D-B02D-AD5976701864}_is1) (Version: 1.0.1 - Intuit Canada)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VaudiX (HKLM\...\{6C7F523F-A2A9-AE9E-4C75-EA8BB79C70C9}) (Version: 1.0 - )
vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.0.0 - Azureus Software, Inc.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
Wise Care 365 3.96 (HKLM-x32\...\Wise Care 365_is1) (Version: 3.96 - WiseCleaner.com, Inc.)
Wise Care 365 version 2.44 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.44 - WiseCleaner.com, Inc.)
Wise Registry Cleaner 8.81 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.81 - WiseCleaner.com, Inc.)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08C18A8D-A2BD-4774-9120-78A4A4FC9E76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0BF52ED3-1BB6-4841-9EEF-4ADFA8C01E62} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0DAC725D-0371-4133-8AF6-D148198B0D4A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {105CBCC4-5BD4-47EC-919F-698174BE6C5E} - System32\Tasks\SBWUpdateTask_Logon_d4e02148-1C659D0430C4 => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2013-01-19] (Speedbit Ltd.) <==== ATTENTION
Task: {1627C880-15CC-4527-9FE1-5EBA43DD41D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {18853C6D-A3C5-431B-83DB-B7E51B6D1A9A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1BC14874-2285-41BC-9C22-9381D778C8C7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {24FF0670-A2EE-4FE7-9ADC-55ECDCC4A9E1} - System32\Tasks\SBWUpdateTask_Time_d4e02148-1C659D0430C4 => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2013-01-19] (Speedbit Ltd.) <==== ATTENTION
Task: {25554AD1-5548-49F0-8550-EC465DD19366} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {27A76811-8CAB-4FB0-8E58-AE2F14D3523B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {27CCF768-AFC7-4E08-BE16-845098F6E1C9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2D23301A-268D-4133-A615-B5D3B6436506} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {30426D06-7CE3-404A-89C2-7A4DA66DBA3D} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {350B0464-18D2-43E5-98C5-C3267B33837D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3B460780-4ABB-499A-A302-4CCCF74FF5C7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3E67C9DA-3818-4D54-937E-0B0166CD4C2A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {4295A246-F1FA-4C92-B703-C98313A8B679} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {45EACAAD-C12E-45DB-A0B7-C6968C44E73B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {462BC8C7-51E1-48D0-A779-3A14AC6127C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {4862D3F8-2130-4C97-A2A3-B139E5650AB7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {48ACB946-9171-45B5-875C-A86E243BEEC3} - System32\Tasks\Uninstaller_SkipUac_CEP_Local_440 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {49FDBA15-93C4-4369-B2AC-DC67D65D4F29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {56F97E84-3191-45C9-A635-67E8EB4B5A12} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {57668D48-BB12-44DA-9C67-A3B46E8D44CB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5D8FF8E9-CE26-4891-955E-92566A4AE49F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {63AA4B71-0FB7-4900-ABCD-1A1044042157} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6809B9EF-F2FC-4B51-9FA3-9AA2FD514EF2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {689603CA-2D8F-42B1-8DFB-CEC176524B4B} - System32\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5} => C:\ProgramData\Premium\VaudiX\VaudiX.exe [2012-09-19] () <==== ATTENTION
Task: {6A1D0173-5E64-47B4-ABF4-B0905C3E7446} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {6A547488-E31C-4C6E-8EED-B98D6A8EE4DE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {78E36EFE-EDDE-417C-8CD5-5338C87D4A89} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7C025B81-7511-44C3-9832-4DED87E013CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {881641BF-0BE6-43B4-8EC8-60F5117C11FA} - System32\Tasks\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-10-27] (WiseCleaner.com)
Task: {8B2BDB30-21E5-4EAB-876D-714AA59072D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8F63C092-CD98-4DEF-91B5-ABF2B708ECD7} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-04-28] (WinZip Computing, S.L.)
Task: {91775A97-F1FA-4406-8BFE-B175EB66B61F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {93D595F8-B5CF-441B-A5C1-202DDF53EE6C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {96A4AA20-AD60-4CDD-818D-CEEF996CE643} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {9AEF5C9B-DF21-4B95-BEF3-83AC6146D0AF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9F98CCE2-E3BC-4C34-89FD-890FD85D2403} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2016-01-19] (WiseCleaner.COM)
Task: {A2829269-0700-45E1-BF90-7C8200090DB8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {A34CE245-50BC-4CCC-B4C5-C2D2EFB50957} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A66798D4-C70C-475F-9B74-49D08E192BF5} - System32\Tasks\{298B2E4F-B19F-479B-A158-24E952B262D7} => pcalua.exe -a F:\setup.exe -d F:\
Task: {AAAA528F-472D-41BD-A91A-EA77D7428CC4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B9AEA5BF-FEB4-4F9D-99D1-32044FA58E69} - no filepath
Task: {C0CE097B-D8A2-4DE3-A7B5-5181B2628640} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C10DF3FC-8775-4BE6-B0D5-A1044AC4C417} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C2311C6E-8DAA-4CBA-A2A9-C3D2DF6BE404} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2016-01-19] (WiseCleaner.COM)
Task: {C2ECE9AB-A485-4CFD-9141-3028BC823A8C} - System32\Tasks\{BF9EF130-FE70-4432-88EC-F3B7132270EA} => pcalua.exe -a G:\internalsw.exe -d G:\
Task: {E73ACD4C-1F44-4639-BA0D-B9E074AE8FB2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E9CEC2AE-59CB-4E77-9459-C3A97851374F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-23] (Microsoft Corporation)
Task: {E9E97BFB-E139-4DB2-A978-802F63DA9BC3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ECB00934-BB76-4164-BD18-F1F1D6B0BC50} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EE5786B3-871D-461C-A5B4-CE59F65A6910} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {EEB67E49-8B2B-4DF3-928D-5ADF90CE6D9B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EFF885BD-E49F-4288-B019-FFDE6C4A683F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F6F549D5-4559-4DED-AFAB-9D5782549FD7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F87AD7FC-295C-4D22-9010-0A9584303B21} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F8E99B3B-8FF9-44C4-AE06-046AAAD78217} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {F91C1C31-1776-45E9-8818-F155E0BB2786} - System32\Tasks\ASC9_SkipUac_CEP Local 440 => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {FA184C91-C5EF-4764-BAF0-F6D3FBE5E08A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FDA0C9D7-4161-40A6-81E3-C046B91E75F7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FF901301-441E-45AC-BDA9-F12D966A5533} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {FF9ACA87-4767-430C-861B-1D1765C88317} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForCEP Local 440.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job => C:\ProgramData\Premium\VaudiX\VaudiX.exeC/schedule /profilepath C:\ProgramData\Premium\VaudiX\profile.ini <==== ATTENTION
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\CEP Local 440\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://
www.msnusers.com
ShortcutWithArgument: C:\Users\CEP Local 440\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\217f6a27d9c55787\Chromium.lnk -> C:\Program Files\Hola\app\chromium\hola_cr.exe (The Chromium Authors) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2014-03-19 15:14 - 2012-09-29 12:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2012-02-05 09:28 - 2012-09-29 12:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2015-09-10 01:08 - 2015-09-10 01:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2010-01-18 18:04 - 2010-01-18 18:04 - 00020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2013-12-27 20:15 - 2012-03-28 08:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2010-04-22 14:42 - 2009-07-06 15:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-05-13 14:13 - 2016-05-13 14:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2016-04-23 19:58 - 2016-03-16 00:55 - 02495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-23 19:58 - 2016-03-16 00:55 - 02495768 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-22 00:08 - 2016-04-22 00:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 00:08 - 2016-04-22 00:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2007-04-18 18:30 - 2007-04-18 18:30 - 00393216 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
2007-04-18 18:30 - 2007-04-18 18:30 - 00471040 _____ () C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
2011-01-12 15:05 - 2011-01-12 15:05 - 00065536 _____ () C:\Program Files (x86)\McAfee\Common Framework\boost_thread-vc80-mt-1_32.dll
2014-10-15 19:30 - 2015-12-28 12:49 - 00629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-12-15 12:38 - 2015-12-15 12:38 - 00326112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
2015-10-27 15:44 - 2015-10-27 15:44 - 00404952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll
2016-05-13 14:13 - 2016-05-13 14:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-05-13 14:13 - 2016-05-13 14:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-05-13 14:13 - 2016-05-13 14:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2016-11-14 18:45 - 2016-11-08 16:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-14 18:45 - 2016-11-08 16:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-06-02 17:06 - 2016-06-02 17:06 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
2016-06-02 17:06 - 2016-06-02 17:06 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll
2016-06-02 17:06 - 2016-06-02 17:06 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll
2016-11-08 19:09 - 2016-11-08 19:09 - 17772736 _____ () C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [134]
AlternateDataStreams: C:\ProgramData\Temp:553CA6CA [110]
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [128]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\hola.org -> hxxp://hola.org
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4791 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2016-10-23 17:06 - 00000869 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "Kaspersky Software Updater Beta.lnk"
HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "hola"
HKLM\...\StartupApproved\Run32: => "RealDownloader"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\StartupApproved\Run: => "KSS"
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\StartupApproved\Run: => "SUPERAntiSpyware"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{1F11BD5D-9CDA-4136-BB17-11759FEB6D09}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DA625BC8-20DA-4F96-B47A-3616BB97937C}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8C644734-5475-4DA6-B672-08496CD515EA}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6C306E7E-FA6E-4246-91D6-00F5ED2544EC}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7593305D-BBBF-4CCE-926B-B048B7563B94}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2D6CE001-C5BD-4ED4-9DD1-E5AE42D4EFB3}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1E296F81-475A-4BB6-BA2E-DB4CB7AA6E7E}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{CA213376-A484-48F7-800D-ACFB65B59F38}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A2F0F85D-ABFA-4002-BAEB-643936EF6E3F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B70DB332-4B6A-4D53-B69A-F7B07D80039F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6FDDDBCD-9E24-4FBA-89D2-A19271B06C67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{E20FD543-C6C3-4313-9131-0D733A66F843}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [TCP Query User{1E47DBAC-AE53-474F-8254-E53AADA79E6E}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{CF80B1C2-A556-4548-981C-06CBE3BB5EAF}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{4860E4E0-5D78-4517-A910-FAB62566D6FA}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{22655ABE-CC52-4BC1-9919-CE7010DD4740}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{0684BDD1-D04E-4DA9-9F57-AB8E9C43EB36}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{14305EE3-7585-4DBD-AFF1-CB41A6B30E8E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{F30B66CF-ACBA-491F-A35F-E0D2C839AE9B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{EA7E075A-7AD9-486D-936D-C5A008E4AEF0}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{955BF8E2-0107-430E-ACB3-EA1866B2188D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{7F3B0884-9A74-4A23-A815-94DF09E8E16E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{CC100D2B-0F25-44A6-8E18-B9D4213C2E18}] => (Allow) LPort=1900
FirewallRules: [{E3362B78-8937-4E14-96DB-A506F6A42DA6}] => (Allow) LPort=2869
FirewallRules: [{899C2BF5-FADA-4254-B801-49E186B090BF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6DABA61E-382F-4B73-9DCC-BF32E3072340}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{A7F9DF2C-1E41-44AC-B3F4-F1606E77B575}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{07F2AA3A-367C-418F-A447-4B15FD899263}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{A4B4C1FA-409F-4ED6-B7D6-9A0AB374593D}] => (Allow) svchost.exe
FirewallRules: [{6731B3C1-FA7E-4A09-82A7-E3FD48CE65B7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{26CB7901-2FC7-48BF-BCF9-B49DB4E705BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{A78F4198-025D-4135-B3D3-B93DDADC77F2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{CBDE96F0-6E14-4BF7-AFC6-241703E7FC90}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{E8F72EA0-BA09-4CBA-9F61-538AA9DBD4B9}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{70C3739A-C243-426D-913D-42C43F5D23AA}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{62769754-BDCC-4FC4-92A8-03FD784D2AA6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
06-11-2016 20:40:59 Removed iTunes
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/23/2016 10:15:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - The configuration registry database is corrupt.
Error: (11/23/2016 10:15:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The configuration registry database is corrupt.
for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (11/23/2016 10:15:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - The configuration registry database is corrupt.
Error: (11/23/2016 10:15:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The configuration registry database is corrupt.
for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (11/23/2016 07:54:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - The configuration registry database is corrupt.
Error: (11/23/2016 07:54:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The configuration registry database is corrupt.
for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (11/23/2016 07:54:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - The configuration registry database is corrupt.
Error: (11/23/2016 07:54:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The configuration registry database is corrupt.
for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (11/23/2016 07:05:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - The configuration registry database is corrupt.
Error: (11/23/2016 07:05:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The configuration registry database is corrupt.
for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\\UsrClass.dat
System errors:
=============
Error: (11/22/2016 09:04:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (11/22/2016 07:56:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Windows Alarms & Clock.
Error: (11/22/2016 07:50:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Windows Alarms & Clock.
Error: (11/22/2016 07:50:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Windows Alarms & Clock.
Error: (11/22/2016 07:50:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Windows Alarms & Clock.
Error: (11/22/2016 07:49:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Windows Alarms & Clock.
Error: (11/22/2016 07:49:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Windows Alarms & Clock.
Error: (11/22/2016 07:49:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Windows Alarms & Clock.
Error: (11/22/2016 07:49:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Windows Alarms & Clock.
Error: (11/22/2016 07:49:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Windows Alarms & Clock.
CodeIntegrity:
===================================
Date: 2016-11-23 22:12:22.004
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-23 22:12:21.975
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-23 22:12:21.944
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-23 22:12:12.003
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-23 22:12:11.901
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-23 19:14:23.641
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-23 19:14:23.605
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-23 19:14:23.564
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-23 19:14:18.397
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-23 19:14:18.299
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 50%
Total physical RAM: 3998.92 MB
Available physical RAM: 1962.66 MB
Total Virtual: 4254.92 MB
Available Virtual: 1725.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:450.94 GB) (Free:306.05 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.53 GB) (Free:2.39 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================
...And here is the second one;
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
Ran by CEP Local 440 (administrator) on CEPLOCAL440-PC (23-11-2016 22:16:49)
Running from C:\Users\CEP Local 440\Downloads
Loaded Profiles: CEP Local 440 (Available Profiles: CEP Local 440 & DefaultAppPool)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuapihost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8446832 2015-04-06] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2015-04-06] (Realtek Semiconductor)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2166376 2016-11-02] (Hola Networks Ltd.) <===== ATTENTION
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [161088 2011-01-12] (McAfee, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-07-16] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-10-25] (SUPERAntiSpyware)
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\Run: [uTorrent] => C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe [2530304 2016-07-16] (BitTorrent Inc.)
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-07-16]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-07-16]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2011-10-05]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-10-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-07-16]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-07-16]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-07-16]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 09 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{7aacf0c7-f777-451d-935f-0dff73e93a81}: [DhcpNameServer] 192.168.2.1 192.168.2.1
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON/4
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://
www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKLM -> {4AF4DA01-B858-4617-AC1C-0E06F377629C} URL = hxxp://
www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL =
SearchScopes: HKLM-x32 -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7b35a80c04-0e82-4769-ab2e-d57b98cb7e3a%7d&q={searchTerms}
SearchScopes: HKLM-x32 -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://
www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKLM-x32 -> {4AF4DA01-B858-4617-AC1C-0E06F377629C} URL = hxxp://
www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://
www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://
www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL =
SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7b35a80c04-0e82-4769-ab2e-d57b98cb7e3a%7d&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://
www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://
www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-22] (Sun Microsystems, Inc.)
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
BHO: Download Accelerator Plus Integration -> {FF6C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Program Files (x86)\DAP\DAPIELoader64.dll [2011-03-24] (SpeedBit Ltd.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-06-30] (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO-x32: No Name -> {669E08DA-2172-5F0B-4DEE-CFA670E3BC84} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04] (Oracle Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
BHO-x32: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Program Files (x86)\DAP\LinkVerifier.dll [2012-12-10] (Speedbit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
BHO-x32: GrabberObj Class -> {FF7C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Program Files (x86)\SpeedBit Video Downloader\TBU3C\grabber.dll [2012-06-07] (SpeedBit)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-06-30] (Hewlett-Packard Co.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKU\.DEFAULT -> No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
Toolbar: HKU\.DEFAULT -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://
www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-18] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-12-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\WINDOWS\SysWOW64\npdeployJava1.dll [2012-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-05-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-07-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-07-16] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-04-09] ()
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-04-09] (Hola)
FF Plugin HKU\S-1-5-21-1124643268-3595298339-4084894015-1000: @hola.org/FlashPlayer -> C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-04-09] ()
FF Plugin HKU\S-1-5-21-1124643268-3595298339-4084894015-1000: @hola.org/vlc -> C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-04-09] (Hola)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3319613&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8759D25A-7352-4FC4-8764-92A112E26A02&SSPV=
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3319613&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8759D25A-7352-4FC4-8764-92A112E26A02&SSPV="
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=994519&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default [2016-11-23]
CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2013-10-15] [UpdateUrl: hxxps://secure.speedbit.com/chrome/DAP/DAPChromeUpdate6.xml] <==== ATTENTION
CHR Extension: (AdBlock) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-23]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-11-17]
CHR Extension: (Towns) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpicpeahbmmbigocblndhdmgpkcggpk [2016-10-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]
CHR HKLM-x32\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx [2011-07-13]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-09-01] (SUPERAntiSpyware.com)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [5622376 2016-11-02] (Hola Networks Ltd.) <==== ATTENTION
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8104576 2015-11-01] (Hola Networks Ltd.) <==== ATTENTION
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
S3 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)
S3 HPSIService; C:\Windows\SysWOW64\HPSIsvc.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [120128 2011-01-12] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [329480 2016-10-13] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [158832 2012-01-22] (McAfee, Inc.)
R2 mfevtp; C:\Windows\SysWOW64\mfevtps.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
R2 REALPLAYERUPDATESVC; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-07-16] (RealNetworks, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2015-04-06] (Realtek Semiconductor)
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
R2 SamSs; C:\WINDOWS\SysWOW64\lsass.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
R2 Spooler; C:\WINDOWS\SysWOW64\spoolsv.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-25] (Synaptics Incorporated)
S3 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [277744 2013-01-19] (SpeedBit Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [579832 2016-01-19] (WiseCleaner.com)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [158712 2012-01-22] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [228752 2012-01-22] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [642952 2012-01-22] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [100904 2012-01-22] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [283744 2012-01-22] (McAfee, Inc.)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-07-28] (Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-25] (Synaptics Incorporated)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [16152 2016-10-25] ()
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-09] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 WiseHDInfo; C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com) [File not signed]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-23 22:16 - 2016-11-23 22:18 - 00031334 _____ C:\Users\CEP Local 440\Downloads\FRST.txt
2016-11-23 22:16 - 2016-11-23 22:16 - 00000000 ____D C:\FRST
2016-11-23 22:11 - 2016-11-23 22:14 - 00001598 _____ C:\Users\CEP Local 440\Desktop\FRST64 - Shortcut.lnk
2016-11-23 22:09 - 2016-11-23 22:15 - 02412032 _____ (Farbar) C:\Users\CEP Local 440\Downloads\FRST64.exe
2016-11-23 22:05 - 2016-11-23 22:05 - 00016148 _____ C:\WINDOWS\system32\CEPLOCAL440-PC_CEP Local 440_HistoryPrediction.bin
2016-11-23 19:54 - 2016-11-23 19:54 - 00128628 _____ C:\Users\CEP Local 440\Desktop\PC Help Forum.html
2016-11-23 19:54 - 2016-11-23 19:54 - 00000000 ____D C:\Users\CEP Local 440\Desktop\PC Help Forum_files
2016-11-19 19:24 - 2016-11-19 19:25 - 00268880 _____ C:\TDSSKiller.3.1.0.12_19.11.2016_19.24.07_log.txt
2016-11-19 19:23 - 2016-11-19 19:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\CEP Local 440\Downloads\tdsskiller (1).exe
2016-11-19 19:07 - 2016-11-19 19:10 - 00532114 _____ C:\TDSSKiller.3.1.0.12_19.11.2016_19.07.45_log.txt
2016-11-19 19:07 - 2016-11-19 19:07 - 04747704 _____ (AO Kaspersky Lab) C:\Users\CEP Local 440\Downloads\tdsskiller.exe
2016-11-19 19:01 - 2016-11-19 19:01 - 02622304 _____ (Kaspersky Lab) C:\Users\CEP Local 440\Downloads\kss16.0.0.1344en_9702.exe
2016-11-18 15:56 - 2016-11-18 15:56 - 00127637 _____ C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results.html
2016-11-18 15:56 - 2016-11-18 15:56 - 00000000 ____D C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results_files
2016-11-18 13:25 - 2012-05-04 18:29 - 00227720 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2016-11-15 19:46 - 2016-11-15 19:46 - 00132859 _____ C:\Users\CEP Local 440\Desktop\Watch Westworld (2016) Online Free - PrimeWire _ 1Channel.html
2016-11-15 19:46 - 2016-11-15 19:46 - 00000000 ____D C:\Users\CEP Local 440\Desktop\Watch Westworld (2016) Online Free - PrimeWire _ 1Channel_files
2016-11-14 21:09 - 2016-11-14 21:09 - 00085387 _____ C:\Users\CEP Local 440\Desktop\Watch Britain's Got Talent - PrimeWire _ 1Channel _ LetMeWatchThis - Watch TV Shows Online Free - Just Added.html
2016-11-14 21:09 - 2016-11-14 21:09 - 00000000 ____D C:\Users\CEP Local 440\Desktop\Watch Britain's Got Talent - PrimeWire _ 1Channel _ LetMeWatchThis - Watch TV Shows Online Free - Just Added_files
2016-11-06 20:55 - 2016-11-06 20:55 - 00124328 _____ C:\Users\CEP Local 440\Desktop\Watch Britain's Got Talent.html
2016-11-06 20:54 - 2016-11-06 20:54 - 00000000 ____D C:\Users\CEP Local 440\Desktop\Watch Britain's Got Talent_files
2016-11-03 19:17 - 2016-11-03 19:17 - 00002542 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_CEP_Local_440
2016-11-03 19:17 - 2016-11-03 19:17 - 00000324 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job
2016-11-03 19:17 - 2016-11-03 19:17 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-11-03 19:16 - 2016-11-03 19:16 - 00002488 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_CEP Local 440
2016-11-03 19:16 - 2016-11-03 19:16 - 00000284 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job
2016-11-02 22:32 - 2016-11-02 22:32 - 00127538 _____ C:\Users\CEP Local 440\Desktop\WestJet.html
2016-11-02 22:32 - 2016-11-02 22:32 - 00000000 ____D C:\Users\CEP Local 440\Desktop\WestJet_files
2016-11-01 18:23 - 2016-11-01 18:23 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-01 18:23 - 2016-11-01 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-10-29 19:19 - 2016-10-29 19:19 - 00124315 _____ C:\Users\CEP Local 440\Desktop\Britian got talent season-10-episode-1.htm
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-23 20:45 - 2013-05-11 20:33 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-23 19:41 - 2015-07-30 18:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-23 19:07 - 2015-10-24 07:16 - 01005598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-23 19:07 - 2015-07-30 18:40 - 00000000 ____D C:\WINDOWS\INF
2016-11-23 19:05 - 2012-12-31 23:09 - 00000386 ____H C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job
2016-11-22 19:56 - 2015-10-25 10:39 - 00000000 ____D C:\Users\CEP Local 440\AppData\Local\Packages
2016-11-22 19:49 - 2015-07-30 18:42 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-22 18:22 - 2013-01-28 19:48 - 00000000 ____D C:\Users\CEP Local 440\AppData\Roaming\Wise Care 365
2016-11-22 18:21 - 2015-07-30 17:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-20 23:19 - 2015-10-24 07:18 - 00000000 ____D C:\Users\CEP Local 440
2016-11-19 12:36 - 2014-10-15 19:30 - 00000000 ____D C:\ProgramData\ProductData
2016-11-18 13:25 - 2012-06-13 20:08 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-17 21:37 - 2010-10-12 20:18 - 00000000 ____D C:\Program Files (x86)\IObit
2016-11-14 18:45 - 2012-12-31 20:36 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-06 17:47 - 2015-11-03 18:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-03 19:18 - 2010-10-12 20:18 - 00000000 ____D C:\Users\CEP Local 440\AppData\Roaming\IObit
2016-11-03 19:17 - 2014-10-15 19:30 - 00000000 ____D C:\Users\CEP Local 440\AppData\LocalLow\IObit
2016-11-03 19:17 - 2011-03-21 18:31 - 00000000 ____D C:\ProgramData\IObit
2016-11-01 21:08 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-11-01 18:35 - 2010-10-11 20:27 - 00000000 ____D C:\Users\CEP Local 440\AppData\Local\Google
2016-11-01 18:23 - 2010-10-11 20:26 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-27 21:22 - 2010-10-12 21:36 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-25 20:36 - 2015-07-30 18:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-25 20:36 - 2014-03-30 10:59 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-10-25 18:39 - 2014-08-11 05:23 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-25 18:30 - 2012-12-31 21:05 - 00016152 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys
==================== Files in the root of some directories =======
2011-07-13 07:34 - 2011-07-13 07:34 - 0099384 _____ () C:\Users\CEP Local 440\AppData\Roaming\inst.exe
2011-07-13 07:34 - 2011-07-13 07:34 - 0007859 _____ () C:\Users\CEP Local 440\AppData\Roaming\pcouffin.cat
2011-07-13 07:34 - 2011-07-13 07:34 - 0001167 _____ () C:\Users\CEP Local 440\AppData\Roaming\pcouffin.inf
2011-07-13 07:35 - 2015-02-16 16:26 - 0000033 _____ () C:\Users\CEP Local 440\AppData\Roaming\pcouffin.log
2011-07-13 07:34 - 2011-07-13 07:34 - 0082816 _____ (VSO Software) C:\Users\CEP Local 440\AppData\Roaming\pcouffin.sys
2011-07-13 07:35 - 2011-07-14 11:58 - 0000671 _____ () C:\Users\CEP Local 440\AppData\Roaming\vso_ts_preview.xml
2010-10-13 04:39 - 2010-10-13 04:39 - 0000000 _____ () C:\Users\CEP Local 440\AppData\Roaming\wklnhst.dat
2013-11-06 16:18 - 2015-11-12 22:49 - 0123531 _____ () C:\Users\CEP Local 440\AppData\Local\ars.cache
2013-11-06 16:19 - 2015-11-12 22:49 - 1188256 _____ () C:\Users\CEP Local 440\AppData\Local\census.cache
2013-11-06 15:44 - 2013-11-06 15:44 - 0000036 _____ () C:\Users\CEP Local 440\AppData\Local\housecall.guid.cache
2015-11-12 23:40 - 2015-11-12 23:40 - 0000010 _____ () C:\Users\CEP Local 440\AppData\Local\sponge.last.runtime.cache
2010-09-17 06:11 - 2015-10-10 18:12 - 0000361 _____ () C:\ProgramData\HPWALog.txt
2010-07-08 04:40 - 2010-07-08 04:40 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-04-22 14:43 - 2010-04-22 14:43 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-07-08 04:40 - 2010-07-08 04:40 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-04-22 14:37 - 2010-04-22 14:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-07-08 04:39 - 2010-07-08 04:39 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-07-08 04:40 - 2010-07-08 04:40 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-04-22 14:37 - 2010-04-22 14:37 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-04-22 14:38 - 2010-04-22 14:42 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-07-08 04:40 - 2010-07-08 04:40 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Files to move or delete:
====================
C:\Program Files\Hola\app\hola.exe
Some files in TEMP:
====================
C:\Users\CEP Local 440\AppData\Local\Temp\dl496E0711-22AA-A942-9FCF-CF4B73F6E484.exe
C:\Users\CEP Local 440\AppData\Local\Temp\dl74710E02-F14B-BA4E-9871-B134BC7EBF34.exe
C:\Users\CEP Local 440\AppData\Local\Temp\dlA4455746-8CF2-4243-B1DD-CB8214B3943A.exe
C:\Users\CEP Local 440\AppData\Local\Temp\jre-8u112-windows-i586.exe
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\conhost.exe
C:\Windows\SysWOW64\csrss.exe
C:\Windows\SysWOW64\dwm.exe
C:\Windows\SysWOW64\hkcmd.exe
C:\Windows\SysWOW64\HPSIsvc.exe
C:\Windows\SysWOW64\igfxpers.exe
C:\Windows\SysWOW64\igfxtray.exe
C:\Windows\SysWOW64\lsass.exe
C:\Windows\SysWOW64\lsm.exe
C:\Windows\SysWOW64\mfevtps.exe
C:\Windows\SysWOW64\services.exe
C:\Windows\SysWOW64\smss.exe
C:\Windows\SysWOW64\spoolsv.exe
C:\Windows\SysWOW64\taskhost.exe
C:\Windows\SysWOW64\winlogon.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-03 20:36
==================== End of FRST.txt ============================
Thanks again for your assistance.