Reply to thread

Message: <blockquote data-quote="sheri brennan" data-source="post: 696999" data-attributes="member: 68321">Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-12-2017Ran by sheri (administrator) on SHERI-PC (13-12-2017 07:43:10)Running from C:\Users\sheri\DesktopLoaded Profiles: sheri (Available Profiles: sheri)Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials</a>==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe(IObit) C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe(IObit) C:\Program Files\IObit\Advanced SystemCare\Monitor.exe(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe(IObit) C:\Program Files\IObit\Advanced SystemCare\ASC.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe==================== Registry (Whitelisted) ===========================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [] => [X]HKU\S-1-5-21-3948143356-924845713-1080013463-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25Tcpip\..\Interfaces\{FB7B3318-7CD1-4E4D-887C-1D71C5647D83}: [DhcpNameServer] 192.168.0.1 205.171.2.25Internet Explorer:==================HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_37&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtCzyyB0CtA0EtD0Azy0FtDtC0FtN0D0Tzu0StBtDzzyDtN1L2XzutAtFtBzytFtCtDyEtFzytAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StBtD0F0CyE0DyD0DtGyC0D0ByDtGyCtDzy0AtGyB0AtDtCtGyDyBtD0FyE0FyC0FtAyDyDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0Dzy0FtAyCyCyDtGtC0Fzz0EtGyEyD0B0DtG0AtB0AtAtGtBtAtAzzyEzztBtAzy0DyE0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEtBzyzy%26cr%3D113564250%26a%3Dwncy_iobitfs_17_37%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremiumSearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_37&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtCzyyB0CtA0EtD0Azy0FtDtC0FtN0D0Tzu0StBtDzzyDtN1L2XzutAtFtBzytFtCtDyEtFzytAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StBtD0F0CyE0DyD0DtGyC0D0ByDtGyCtDzy0AtGyB0AtDtCtGyDyBtD0FyE0FyC0FtAyDyDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0Dzy0FtAyCyCyDtGtC0Fzz0EtGyEyD0B0DtG0AtB0AtAtGtBtAtAzzyEzztBtAzy0DyE0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEtBzyzy%26cr%3D113564250%26a%3Dwncy_iobitfs_17_37%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_iobitfs_17_37&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtCzyyB0CtA0EtD0Azy0FtDtC0FtN0D0Tzu0StBtDzzyDtN1L2XzutAtFtBzytFtCtDyEtFzytAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StBtD0F0CyE0DyD0DtGyC0D0ByDtGyCtDzy0AtGyB0AtDtCtGyDyBtD0FyE0FyC0FtAyDyDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0Dzy0FtAyCyCyDtGtC0Fzz0EtGyEyD0B0DtG0AtB0AtAtGtBtAtAzzyEzztBtAzy0DyE0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEtBzyzy%26cr%3D113564250%26a%3Dwncy_iobitfs_17_37%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}SearchScopes: HKU\S-1-5-21-3948143356-924845713-1080013463-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = SearchScopes: HKU\S-1-5-21-3948143356-924845713-1080013463-1000 -> {9928BBD0-3FDA-4CC5-BC53-EB3AD3D31954} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracleBHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-26] (Oracle Corporation)BHO: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files\VIPRE\VSGN.dll => No FileBHO: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2017-08-04] (IObit)BHO: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)Toolbar: HKLM - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  No FileToolbar: HKU\S-1-5-21-3948143356-924845713-1080013463-1000 -> No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} -  No FileHandler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files\VIPRE\VSGN.dll No FileHandler: WSWSVCUchrome - No CLSID Value - StartMenuInternet: IEXPLORE.EXE - iexplore.exeFireFox:========FF HKLM\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpiFF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2017-04-14] [Legacy]FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2010-08-17] (Adobe Systems, Inc.)FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-26] (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-26] (Oracle Corporation)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-12] (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-12] (Google Inc.)FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)FF Plugin HKU\S-1-5-21-3948143356-924845713-1080013463-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\sheri\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife, LLP)Chrome: =======CHR HomePage: Default -> hxxp://yahoo.com/CHR StartupUrls: Default -> "hxxp://yahoo.com/"CHR NewTab: Default ->  Active:"chrome-extension://jccfgghhbihbhomnlnadpjhkhmmboanj/newtab.html"CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}CHR DefaultSearchKeyword: Default -> yahoo.comCHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}CHR Profile: C:\Users\sheri\AppData\Local\Google\Chrome\User Data\Default [2017-12-13]CHR Extension: (Google Drive) - C:\Users\sheri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-04]CHR Extension: (Adblock Plus) - C:\Users\sheri\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]CHR Extension: (Google Docs Offline) - C:\Users\sheri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-19]CHR Extension: (Yahoo Homepage) - C:\Users\sheri\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccfgghhbihbhomnlnadpjhkhmmboanj [2017-07-20]CHR Extension: (Ghostery) - C:\Users\sheri\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-12-07]CHR Extension: (Chrome Web Store Payments) - C:\Users\sheri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]CHR Extension: (Chrome Media Router) - C:\Users\sheri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]CHR HKU\S-1-5-21-3948143356-924845713-1080013463-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crxCHR HKU\S-1-5-21-3948143356-924845713-1080013463-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx==================== Services (Whitelisted) ====================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R2 AdobeUpdateService; C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)R2 AdvancedSystemCareService11; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [1053984 2017-11-01] (IObit)R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)S2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [6959472 2017-09-10] (Reimage®)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)S3 WsAppService; C:\Program Files\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [File not signed]===================== Drivers (Whitelisted) ======================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75416 2017-02-04] (Alcor Micro, Corp.)R3 cpuz143; C:\Windows\temp\cpuz143\cpuz143_x32.sys [49472 2017-12-13] (CPUID)S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd.)R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-02-04] (REALiX(tm))R3 iobit_monitor_server; C:\Program Files\IObit\Advanced SystemCare\drivers\Monitor_x86.sys [15216 2016-11-23] (IObit)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)R1 MpKsl6db6c477; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF1A88B5-630F-4A4C-8A08-67EBC5BF1FDB}\MpKsl6db6c477.sys [49504 2017-12-13] (Microsoft Corporation)R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18800 2016-03-22] (IObit)S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.)S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2017-08-30] (The OpenVPN Project) [File not signed]==================== NetSvcs (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)==================== One Month Created files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2017-12-13 07:42 - 2017-12-13 07:42 - 001752576 _____ (Farbar) C:\Users\sheri\Desktop\FRST.exe2017-12-13 07:39 - 2017-12-13 07:44 - 000013747 _____ C:\Users\sheri\Desktop\FRST.txt2017-12-13 07:28 - 2017-12-13 07:35 - 000007259 _____ C:\Users\sheri\Downloads\FRST.txt2017-12-13 07:27 - 2017-12-13 07:28 - 000000000 ____D C:\FRST2017-12-13 07:19 - 2017-12-13 07:19 - 001336829 _____ C:\Users\sheri\Downloads\Autoruns (1).zip2017-12-13 07:14 - 2017-12-13 07:14 - 001329536 _____ (Microsoft Corporation) C:\Users\sheri\Downloads\WindowsXP-KB905474-ENU-x86-Standalone (1).exe2017-12-13 07:12 - 2017-12-13 07:12 - 001329536 _____ (Microsoft Corporation) C:\Users\sheri\Downloads\WindowsXP-KB905474-ENU-x86-Standalone.exe2017-12-13 06:37 - 2017-12-13 06:37 - 000000000 ____D C:\_Backup2017-12-13 06:24 - 2017-12-13 06:24 - 000001284 _____ C:\Windows\system32\ServiceConfig.xml2017-12-13 06:02 - 2017-12-13 06:03 - 000000000 ____D C:\ProgramData\Reimage Protector2017-12-13 06:02 - 2017-12-13 06:02 - 005154304 _____ C:\Users\sheri\Downloads\WindowsDefender.msi2017-12-13 06:02 - 2017-12-13 06:02 - 000002062 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk2017-12-13 06:02 - 2017-12-13 06:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair2017-12-13 06:01 - 2017-12-13 06:02 - 000000000 ____D C:\Program Files\Reimage2017-12-13 06:00 - 2017-12-13 06:03 - 000000000 ____D C:\rei2017-12-13 05:59 - 2017-12-13 06:03 - 000000140 _____ C:\Windows\Reimage.ini2017-12-13 05:59 - 2017-12-13 05:59 - 000605424 _____ (Reimage) C:\Users\sheri\Downloads\ReimageRepair (1).exe2017-12-13 05:58 - 2017-12-13 05:59 - 000605424 _____ (Reimage) C:\Users\sheri\Downloads\ReimageRepair.exe2017-12-13 05:44 - 2017-12-13 05:44 - 000892944 _____ (Microsoft Corporation) C:\Users\sheri\Downloads\mssstool32.exe2017-12-13 04:38 - 2017-12-13 05:23 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC2017-12-13 02:07 - 2017-11-14 16:36 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2017-12-13 02:07 - 2017-11-13 17:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2017-12-13 02:07 - 2017-11-13 17:15 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2017-12-13 02:07 - 2017-11-13 17:15 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2017-12-13 02:07 - 2017-11-13 17:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2017-12-13 02:07 - 2017-11-13 17:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2017-12-13 02:07 - 2017-11-13 16:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2017-12-13 02:07 - 2017-11-13 16:31 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2017-12-13 02:07 - 2017-11-07 12:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2017-12-13 02:07 - 2017-11-07 12:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2017-12-13 02:07 - 2017-11-07 12:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2017-12-13 02:07 - 2017-11-07 12:46 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2017-12-13 02:07 - 2017-11-07 12:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2017-12-13 02:07 - 2017-11-07 12:44 - 002293760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2017-12-13 02:07 - 2017-11-07 12:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2017-12-13 02:07 - 2017-11-07 12:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2017-12-13 02:07 - 2017-11-07 12:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2017-12-13 02:07 - 2017-11-07 12:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2017-12-13 02:07 - 2017-11-07 12:39 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2017-12-13 02:07 - 2017-11-07 12:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2017-12-13 02:07 - 2017-11-07 12:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2017-12-13 02:07 - 2017-11-07 12:35 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2017-12-13 02:07 - 2017-11-07 12:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2017-12-13 02:07 - 2017-11-07 12:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2017-12-13 02:07 - 2017-11-07 12:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2017-12-13 02:07 - 2017-11-07 12:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2017-12-13 02:07 - 2017-11-07 12:26 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2017-12-13 02:07 - 2017-11-07 12:24 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2017-12-13 02:07 - 2017-11-07 12:19 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2017-12-13 02:07 - 2017-11-07 12:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2017-12-13 02:07 - 2017-11-07 12:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2017-12-13 02:07 - 2017-11-07 12:17 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2017-12-13 02:07 - 2017-11-07 12:17 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2017-12-13 02:07 - 2017-11-07 12:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2017-12-13 02:07 - 2017-11-07 12:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2017-12-13 02:07 - 2017-11-07 11:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2017-12-13 02:07 - 2017-11-07 08:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2017-12-13 02:07 - 2017-11-04 07:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll2017-12-13 02:07 - 2017-11-04 07:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll2017-12-13 02:07 - 2017-11-02 07:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll2017-12-13 02:07 - 2017-11-02 07:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll2017-12-13 02:07 - 2017-11-02 07:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll2017-12-13 02:07 - 2017-11-02 06:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll2017-12-12 17:21 - 2017-12-12 17:21 - 001997168 _____ C:\Users\sheri\Downloads\wrar550.exe2017-12-12 17:16 - 2017-12-12 17:19 - 019204520 _____ (IObit ) C:\Users\sheri\Downloads\driver_booster_setup.exe2017-12-12 08:29 - 2017-12-12 08:29 - 000000000 ____D C:\Users\sheri\AppData\Local\IsolatedStorage2017-12-12 08:29 - 2017-12-12 08:29 - 000000000 _____ C:\Windows\system32\SBRC.dat2017-12-12 08:25 - 2017-12-12 08:44 - 000001945 _____ C:\Windows\epplauncher.mif2017-12-12 08:23 - 2017-12-12 08:43 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk2017-12-12 08:23 - 2017-12-12 08:43 - 000000000 ____D C:\Program Files\Microsoft Security Client2017-12-12 08:15 - 2017-12-12 08:15 - 000002864 _____ C:\Windows\system32\VipreEdgeProtectionOff.ini2017-12-12 08:15 - 2017-05-12 10:02 - 000030840 _____ (ThreatTrack Security Inc.) C:\Windows\system32\Drivers\WebExaminer.sys2017-12-12 08:14 - 2017-12-12 08:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf2017-12-12 08:13 - 2017-12-12 08:13 - 000000000 ____D C:\ProgramData\Downloaded Installations2017-12-12 08:12 - 2017-12-13 06:25 - 000000000 ____D C:\Program Files\VIPRE2017-12-12 08:12 - 2017-12-12 08:12 - 006072216 _____ (ThreatTrack Security, Inc) C:\Users\sheri\Downloads\vipre-advanced-security-trial.exe2017-12-12 08:12 - 2017-12-12 08:12 - 000000000 ____D C:\Users\sheri\AppData\Local\VIPRE2017-12-12 07:39 - 2017-12-12 07:39 - 001306150 _____ C:\Users\sheri\Downloads\Autoruns.zip2017-12-12 07:00 - 2017-12-13 07:00 - 000000052 _____ C:\Users\sheri\AppData\Local\bpDLTbpDLT2017-12-11 16:53 - 2017-12-11 16:53 - 000822328 _____ (Roblox Corporation) C:\Users\sheri\Downloads\RobloxPlayerLauncher.exe2017-12-07 15:53 - 2017-12-07 15:53 - 000011138 _____ C:\Users\sheri\AppData\Local\recently-used.xbel2017-12-07 15:38 - 2017-12-07 15:53 - 001444901 _____ C:\Users\sheri\Documents\1-800.xcf2017-12-04 14:45 - 2017-12-04 14:45 - 000829030 _____ C:\Users\sheri\Downloads\candy-crushers.pdf2017-12-04 14:44 - 2017-12-04 14:44 - 000377747 _____ C:\Users\sheri\Downloads\draw-clocks.pdf2017-12-04 14:42 - 2017-12-04 14:42 - 000412364 _____ C:\Users\sheri\Downloads\read-the-time.pdf2017-12-04 10:10 - 2017-12-07 15:53 - 000000000 ____D C:\Users\sheri\AppData\Local\gtk-2.02017-12-04 10:10 - 2017-12-04 10:10 - 000000000 ____D C:\Users\sheri\.thumbnails2017-12-04 10:09 - 2017-12-04 12:27 - 000000000 ____D C:\Users\sheri\Desktop\New folder2017-12-04 10:08 - 2017-12-07 15:53 - 000000000 ____D C:\Users\sheri\.gimp-2.82017-12-04 10:08 - 2017-12-04 10:08 - 000000000 ____D C:\Users\sheri\AppData\Local\gegl-0.22017-12-04 10:08 - 2017-12-04 10:08 - 000000000 ____D C:\Users\sheri\AppData\Local\fontconfig2017-12-03 18:39 - 2017-12-03 20:28 - 3319478272 _____ C:\Users\sheri\Desktop\pcriver.com-Win_7_Ult_64Bit.iso2017-12-01 20:23 - 2017-12-01 20:23 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2017-12-01 20:23 - 2017-12-01 20:23 - 000953344 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll2017-12-01 20:23 - 2017-12-01 20:23 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys2017-11-27 15:58 - 2017-11-27 15:58 - 000001922 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk2017-11-27 13:06 - 2017-12-07 15:15 - 000000000 ____D C:\Users\sheri\Desktop\Mistryee2017-11-26 15:14 - 2015-07-16 11:12 - 006131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2017-11-26 15:14 - 2015-07-16 11:12 - 000856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll2017-11-26 15:14 - 2015-07-16 11:12 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll2017-11-26 15:14 - 2015-07-16 07:14 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe2017-11-26 15:14 - 2014-12-11 09:47 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe2017-11-26 08:41 - 2017-12-12 06:11 - 000002168 _____ C:\Users\Public\Desktop\Advanced SystemCare 11.lnk2017-11-26 08:28 - 2013-10-01 15:45 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll2017-11-26 08:27 - 2013-10-01 16:42 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys2017-11-26 08:27 - 2013-10-01 16:32 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe2017-11-26 08:27 - 2013-10-01 16:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll2017-11-26 08:27 - 2013-10-01 16:14 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll2017-11-26 08:27 - 2013-10-01 16:14 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll2017-11-26 08:27 - 2013-10-01 14:34 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe2017-11-26 08:20 - 2017-11-26 08:20 - 000001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk2017-11-26 08:20 - 2017-11-26 08:20 - 000000000 ____D C:\Users\sheri\AppData\Roaming\vstelemetry2017-11-26 08:20 - 2017-11-26 08:20 - 000000000 ____D C:\Users\sheri\AppData\Roaming\Visual Studio Setup2017-11-26 08:20 - 2017-11-26 08:20 - 000000000 ____D C:\Users\sheri\AppData\Local\ServiceHub2017-11-26 08:18 - 2017-11-26 08:18 - 001077184 _____ (Microsoft Corporation) C:\Users\sheri\Downloads\vs_Community.exe2017-11-26 08:09 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll2017-11-26 08:09 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll2017-11-26 08:09 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll2017-11-26 08:09 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll2017-11-26 08:09 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll2017-11-26 08:09 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll2017-11-26 08:09 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll2017-11-26 08:09 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll2017-11-26 08:09 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll2017-11-26 08:09 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll2017-11-26 08:09 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll2017-11-26 08:09 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll2017-11-26 08:09 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll2017-11-26 08:09 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll2017-11-26 08:09 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll2017-11-26 08:09 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll2017-11-26 08:09 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll2017-11-26 08:09 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll2017-11-26 08:09 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll2017-11-26 08:09 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll2017-11-26 08:09 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll2017-11-26 08:09 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll2017-11-26 08:09 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll2017-11-26 08:09 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll2017-11-26 08:09 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll2017-11-26 08:09 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll2017-11-26 08:09 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll2017-11-26 08:09 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll2017-11-26 08:09 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll2017-11-26 08:09 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll2017-11-26 08:09 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll2017-11-26 08:09 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll2017-11-26 08:09 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll2017-11-26 08:09 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll2017-11-26 08:09 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll2017-11-26 08:09 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll2017-11-26 08:09 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll2017-11-26 08:09 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll2017-11-26 08:09 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll2017-11-26 08:09 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll2017-11-26 08:09 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll2017-11-26 08:09 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll2017-11-26 08:09 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll2017-11-26 08:09 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll2017-11-26 08:09 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll2017-11-26 08:09 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll2017-11-26 08:09 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll2017-11-26 08:09 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll2017-11-26 08:09 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll2017-11-26 08:09 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll2017-11-26 08:09 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll2017-11-26 08:09 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll2017-11-26 08:09 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll2017-11-26 08:09 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll2017-11-26 08:09 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll2017-11-26 08:09 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll2017-11-26 08:09 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll2017-11-26 08:09 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll2017-11-26 08:09 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll2017-11-26 08:09 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll2017-11-26 08:09 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll2017-11-26 08:09 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll2017-11-26 08:09 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll2017-11-26 08:09 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll2017-11-26 08:09 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll2017-11-26 08:09 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll2017-11-26 08:09 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll2017-11-26 08:09 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll2017-11-26 08:09 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll2017-11-26 08:09 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll2017-11-26 08:09 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll2017-11-26 08:09 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll2017-11-26 08:09 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll2017-11-26 08:09 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll2017-11-26 08:09 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll2017-11-26 08:09 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll2017-11-26 08:09 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll2017-11-26 08:09 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll2017-11-26 08:09 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll2017-11-26 08:09 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll2017-11-26 08:09 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll2017-11-26 08:09 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll2017-11-26 08:09 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll2017-11-26 08:09 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll2017-11-26 08:09 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll2017-11-26 08:09 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll2017-11-26 08:09 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll2017-11-26 08:09 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll2017-11-26 08:09 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll2017-11-26 08:09 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll2017-11-26 08:09 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll2017-11-26 08:08 - 2017-11-26 08:09 - 000000000 ___HD C:\Windows\msdownld.tmp2017-11-26 08:08 - 2017-11-26 08:09 - 000000000 ____D C:\Windows\system32\directx2017-11-26 08:06 - 2017-11-26 08:06 - 000000000 ____D C:\Program Files\Common Files\Java2017-11-26 08:05 - 2017-11-26 08:05 - 000095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll2017-11-26 08:05 - 2017-11-26 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2017-11-26 08:05 - 2017-11-26 08:05 - 000000000 ____D C:\Program Files\Java2017-11-26 07:58 - 2017-11-26 07:59 - 009385872 _____ (Adobe Systems Inc.) C:\Users\sheri\Downloads\Shockwave_Installer_Full.exe2017-11-26 07:46 - 2017-11-26 07:46 - 000298216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvmf6232.sys2017-11-17 11:07 - 2017-11-17 11:07 - 000052390 _____ C:\ProgramData\1510945611.bdinstall.bin2017-11-17 11:06 - 2017-11-17 11:06 - 000022336 _____ C:\ProgramData\agent.uninstall.1510945574.bdinstall.bin2017-11-17 08:19 - 2017-11-17 08:19 - 000070959 _____ C:\ProgramData\1510935518.bdinstall.bin2017-11-17 08:19 - 2017-11-17 08:19 - 000000000 ____D C:\Program Files\Common Files\Bitdefender2017-11-17 08:18 - 2017-11-17 11:07 - 000000000 ____D C:\Program Files\Bitdefender2017-11-16 22:55 - 2017-11-17 11:07 - 000000000 ____D C:\ProgramData\Bitdefender2017-11-16 22:54 - 2017-11-16 22:54 - 000000000 ____D C:\Users\sheri\AppData\Roaming\QuickScan2017-11-16 22:47 - 2017-11-18 04:51 - 000000000 ____D C:\Program Files\Bitdefender Agent2017-11-16 22:47 - 2017-11-16 22:47 - 000047148 _____ C:\ProgramData\agent.1510901256.bdinstall.bin2017-11-15 07:11 - 2017-10-11 16:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll2017-11-15 07:11 - 2017-10-11 16:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll2017-11-15 07:11 - 2017-10-11 16:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll2017-11-15 07:10 - 2017-10-17 18:16 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe2017-11-15 07:10 - 2017-10-17 18:11 - 000488448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2017-11-15 07:10 - 2017-10-17 17:55 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys2017-11-15 07:10 - 2017-10-17 17:55 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2017-11-15 07:10 - 2017-10-17 17:55 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2017-11-15 07:10 - 2017-10-17 17:55 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2017-11-15 07:10 - 2017-10-17 17:55 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys2017-11-15 07:10 - 2017-10-17 17:55 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys2017-11-15 07:10 - 2017-10-17 17:55 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys2017-11-15 07:10 - 2017-10-16 14:49 - 001213672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2017-11-15 07:10 - 2017-10-16 13:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll2017-11-15 07:10 - 2017-10-15 14:04 - 000313184 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll2017-11-15 07:10 - 2017-10-11 16:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2017-11-15 07:10 - 2017-10-11 16:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL2017-11-15 07:10 - 2017-10-11 16:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll2017-11-15 07:10 - 2017-10-11 16:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll2017-11-15 07:10 - 2017-10-11 16:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll2017-11-15 07:10 - 2017-10-11 16:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll2017-11-15 07:10 - 2017-10-11 16:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll2017-11-15 07:10 - 2017-10-11 16:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll2017-11-15 07:10 - 2017-10-11 16:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2017-11-15 07:10 - 2017-10-11 16:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll2017-11-15 07:10 - 2017-10-11 16:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll2017-11-15 07:10 - 2017-10-11 16:37 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2017-11-15 07:10 - 2017-10-11 16:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2017-11-15 07:10 - 2017-10-11 16:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe2017-11-15 07:10 - 2017-10-11 16:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe2017-11-15 07:10 - 2017-10-11 16:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe2017-11-15 07:10 - 2017-10-11 16:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll2017-11-15 07:10 - 2017-10-11 16:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll2017-11-15 07:10 - 2017-10-11 16:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx2017-11-15 07:10 - 2017-10-11 16:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll2017-11-15 07:10 - 2017-10-11 16:16 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2017-11-15 07:10 - 2017-10-11 16:14 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys2017-11-15 07:10 - 2017-10-04 05:04 - 001918464 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe2017-11-15 07:10 - 2017-10-04 05:04 - 001321472 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2017-11-15 07:10 - 2017-10-04 05:04 - 000541696 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2017-11-15 07:10 - 2017-10-04 05:04 - 000509440 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2017-11-15 07:10 - 2017-10-04 05:04 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2017-11-15 07:10 - 2017-10-04 05:04 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2017-11-15 07:10 - 2017-10-04 05:04 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll2017-11-14 13:41 - 2017-11-14 13:41 - 000165925 _____ C:\Users\sheri\Documents\Scan_0003.pdf==================== One Month Modified files and folders ========(If an entry is included in the fixlist, the file/folder will be moved.)2017-12-13 07:32 - 2009-07-13 20:34 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02017-12-13 07:32 - 2009-07-13 20:34 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02017-12-13 07:00 - 2017-09-16 12:00 - 000000994 _____ C:\Windows\Tasks\Yahoo! Powered totes.job2017-12-13 07:00 - 2017-09-16 12:00 - 000000000 ____D C:\ProgramData\{C7F70294-4DB5-8852-CB73-161051319DDE}2017-12-13 06:45 - 2009-07-13 18:37 - 000000000 ____D C:\Windows\inf2017-12-13 06:27 - 2009-07-13 20:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT2017-12-13 05:53 - 2010-11-20 13:01 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI2017-12-13 05:32 - 2017-03-14 18:26 - 000000000 ____D C:\Users\sheri\AppData\Local\ElevatedDiagnostics2017-12-13 05:18 - 2017-03-14 18:49 - 000000000 ____D C:\Windows\pss2017-12-13 05:00 - 2016-10-31 07:00 - 000000000 ____D C:\Users\sheri\AppData\Local\VirtualStore2017-12-13 04:40 - 2017-02-04 04:07 - 000000000 ____D C:\Users\sheri\AppData\Local\Adobe2017-12-13 04:28 - 2017-02-05 00:15 - 000000376 _____ C:\Windows\Tasks\update-sys.job2017-12-13 04:28 - 2009-07-13 20:33 - 000489496 _____ C:\Windows\system32\FNTCACHE.DAT2017-12-13 04:27 - 2009-07-13 18:37 - 000000000 ____D C:\Windows\system32\Setup2017-12-13 02:31 - 2017-02-05 00:06 - 000000000 ____D C:\Windows\system32\MRT2017-12-13 02:26 - 2017-10-11 19:21 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe2017-12-13 02:26 - 2017-02-05 00:05 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe2017-12-13 01:09 - 2017-02-04 04:08 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe2017-12-13 01:09 - 2017-02-04 04:08 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl2017-12-13 01:09 - 2017-02-04 04:08 - 000000000 ____D C:\Windows\system32\Macromed2017-12-12 11:38 - 2017-09-16 12:00 - 000000000 ____D C:\Users\sheri\AppData\Roaming\397997B4-6E82-BE01-C692-08C19D3204DC2017-12-12 08:25 - 2017-02-04 04:18 - 000148688 _____ C:\Users\sheri\AppData\Local\GDIPFONTCACHEV1.DAT2017-12-12 08:07 - 2016-10-31 07:13 - 000000000 ____D C:\Users\sheri\AppData\Local\Google2017-12-12 07:51 - 2017-02-05 00:15 - 000000376 _____ C:\Windows\Tasks\update-S-1-5-21-3948143356-924845713-1080013463-1000.job2017-12-12 06:06 - 2017-02-04 05:25 - 050814976 _____ C:\Windows\system32\config\SOFTWARE.iobit2017-12-12 06:06 - 2017-02-04 05:25 - 001400832 _____ C:\Windows\system32\config\DEFAULT.iobit2017-12-12 06:06 - 2017-02-04 05:25 - 000024576 _____ C:\Windows\system32\config\SECURITY.iobit2017-12-12 06:06 - 2017-02-04 05:25 - 000024576 _____ C:\Windows\system32\config\SAM.iobit2017-12-11 21:35 - 2017-02-04 04:52 - 000000000 ____D C:\Users\sheri\AppData\Roaming\IMVU2017-12-11 16:53 - 2017-05-30 14:41 - 000000000 ____D C:\Users\sheri\AppData\Local\Roblox2017-12-11 05:38 - 2017-09-08 05:18 - 000000000 ____D C:\Users\sheri\Desktop\IMPORTANT2017-12-08 03:26 - 2017-02-04 04:19 - 000000000 ____D C:\ProgramData\ProductData2017-12-05 05:26 - 2009-07-13 20:53 - 000032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT2017-12-04 10:10 - 2016-10-31 07:00 - 000000000 ____D C:\Users\sheri2017-12-04 04:05 - 2009-07-13 18:37 - 000000000 ____D C:\Windows\rescache2017-12-02 21:09 - 2017-02-09 05:14 - 030924800 _____ C:\Windows\system32\config\COMPONENTS.iobit2017-11-27 21:43 - 2017-02-05 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner2017-11-27 21:43 - 2017-02-04 04:52 - 000000000 ____D C:\Users\sheri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU2017-11-26 08:41 - 2017-02-04 04:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare2017-11-26 08:41 - 2017-02-04 04:18 - 000000000 ____D C:\ProgramData\IObit2017-11-26 08:22 - 2017-02-04 04:33 - 000000000 ____D C:\ProgramData\NVIDIA2017-11-26 08:19 - 2017-04-03 08:14 - 000000000 ____D C:\Program Files\Microsoft Visual Studio2017-11-26 08:06 - 2017-02-04 04:33 - 000000000 ____D C:\ProgramData\Oracle2017-11-26 07:59 - 2017-02-04 04:09 - 000000000 ____D C:\Windows\system32\Adobe2017-11-26 07:46 - 2017-02-04 04:31 - 000953856 _____ (NVIDIA Corporation) C:\Windows\system32\fdco2.dll2017-11-26 07:46 - 2017-02-04 04:31 - 000758784 _____ (NVIDIA Corporation) C:\Windows\system32\cohelper.dll2017-11-26 07:46 - 2017-02-04 04:31 - 000240232 _____ (NVIDIA Corporation) C:\Windows\system32\nvconrm.dll2017-11-26 07:46 - 2017-02-04 04:31 - 000011164 _____ C:\Windows\system32\Drivers\nvphy.bin2017-11-26 07:46 - 2017-02-04 04:30 - 000604776 _____ (NVIDIA Corporation) C:\Windows\system32\nvuninst.exe2017-11-21 19:01 - 2017-02-04 04:52 - 000001829 _____ C:\Users\sheri\Desktop\Run IMVU.lnk2017-11-20 12:32 - 2017-02-04 03:58 - 000450720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2017-11-16 08:15 - 2017-11-06 08:57 - 000000000 ____D C:\Program Files\Panda Security2017-11-16 08:15 - 2017-11-06 08:54 - 000000000 ____D C:\ProgramData\Panda Security2017-11-16 08:11 - 2017-11-06 08:59 - 000000000 ____D C:\Users\sheri\AppData\Roaming\Panda Security2017-11-16 01:14 - 2017-11-06 09:01 - 000000000 ____D C:\ProgramData\panda_url_filtering2017-11-16 01:14 - 2017-02-04 23:04 - 000000000 ____D C:\Windows\system32\appraiser2017-11-15 20:40 - 2016-10-31 07:14 - 000002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk==================== Files in the root of some directories =======2017-11-06 09:17 - 2017-11-06 09:17 - 000000033 _____ () C:\Users\sheri\AppData\Roaming\AdobeWLCMCache.dat2017-12-12 07:00 - 2017-12-13 07:00 - 000000052 _____ () C:\Users\sheri\AppData\Local\bpDLTbpDLT2017-12-07 15:53 - 2017-12-07 15:53 - 000011138 _____ () C:\Users\sheri\AppData\Local\recently-used.xbel2017-02-05 00:15 - 2017-02-05 00:15 - 000000003 _____ () C:\Users\sheri\AppData\Local\updater.log2017-02-05 00:15 - 2017-05-08 07:38 - 000000413 _____ () C:\Users\sheri\AppData\Local\UserProducts.xmlSome files in TEMP:====================2017-12-13 06:00 - 2017-12-13 06:00 - 012686696 _____ (Reimage) C:\Users\sheri\AppData\Local\Temp\ReimagePackage.exe==================== Bamital & volsnap ======================(There is no automatic fix for files that do not pass verification.)C:\Windows\explorer.exe => File is digitally signedC:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2017-12-09 02:13==================== End of FRST.txt ============================Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-12-2017Ran by sheri (13-12-2017 07:45:53)Running from C:\Users\sheri\DesktopMicrosoft Windows 7 Home Premium  Service Pack 1 (X86) (2016-10-31 15:00:17)Boot Mode: Normal============================================================================== Accounts: =============================Administrator (S-1-5-21-3948143356-924845713-1080013463-500 - Administrator - Disabled)Guest (S-1-5-21-3948143356-924845713-1080013463-501 - Limited - Disabled)sheri (S-1-5-21-3948143356-924845713-1080013463-1000 - Administrator - Enabled) => C:\Users\sheri==================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}==================== Installed Programs ======================(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)Adobe Flash Player 28 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)Adobe Illustrator CC 2018 (32 Bit) (HKLM\...\ILST_22_0_1_32) (Version: 22.0.1 - Adobe Systems Incorporated)Adobe Photoshop CS6 version 13.0.1 (HKLM\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.8.612 - Adobe Systems, Inc.)Advanced SystemCare 11 (HKLM\...\Advanced SystemCare_is1) (Version: 11.0.3 - IObit)CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)DownloadX ActiveX Download Control 1.6.8 (HKLM\...\CA17A131-B7D9-41D6-868F-29A9BD9FCC8E_is1) (Version:  - Genesis Mobile)Driver Booster 5 (HKLM\...\Driver Booster_is1) (Version: 5.0.3 - IObit)GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)Google Chrome (HKLM\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) HiddenHP Dropbox Plugin (HKLM\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)HP Google Drive Plugin (HKLM\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)HP OfficeJet 4650 series Basic Device Software (HKLM\...\{316F2147-3ED3-4AB3-80DD-00D458AE6DA8}) (Version: 40.11.1122.1796 - HP Inc.)HP OfficeJet 4650 series Help (HKLM\...\{20CA428A-0827-4441-BC64-5C577EA970AD}) (Version: 36.0.0 - Hewlett Packard)HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)I.R.I.S. OCR (HKLM\...\{11ED31EC-7EFA-4D56-B71D-E0214C8984CC}) (Version: 12.3.7.0 - HP)I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)IMVU Avatar Chat Software (HKU\S-1-5-21-3948143356-924845713-1080013463-1000\...\IMVU Avatar chat client software BETA) (Version:  - )IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 6.1.0.510 - IObit)Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)Lightshot-5.4.0.10 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)Microsoft Office Excel Viewer (HKLM\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)Microsoft Office Small Business Edition 2003 (HKLM\...\{91CA0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)Microsoft Visual Studio 2017 (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.12.111.1002 - Microsoft Corporation)MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)Office Printing Essentials 3 (HKLM\...\{54E76A97-D5FB-4EF4-857B-838E47705B98}) (Version: 25.0.0.5 - Nova Development)paint.net (HKLM\...\{02D89175-E08F-401B-BA30-8B7512B57723}) (Version: 4.0.17 - dotPDN LLC)QuickTime (HKLM\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.7.1 - Reimage) <==== ATTENTIONSmart Defrag 5 (HKLM\...\Smart Defrag_is1) (Version: 5.7.1 - IObit)swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) HiddenWinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)Wondershare Video Converter Ultimate(Build 8.6.0.0) (HKLM\...\Wondershare Video Converter Ultimate_is1) (Version: 8.6.0.0 - Wondershare Software)Yahoo Search Set (HKLM\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)==================== Custom CLSID (Whitelisted): ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)CustomCLSID: HKU\S-1-5-21-3948143356-924845713-1080013463-1000_Classes\CLSID\{A10E0335-AFCA-4E7E-975F-CA30235FB29A}\InprocServer32 -> C:\Users\sheri\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)CustomCLSID: HKU\S-1-5-21-3948143356-924845713-1080013463-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll [2017-09-26] ()ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll [2017-09-26] ()ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll [2017-09-26] ()ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll [2017-09-26] ()ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files\IObit\Advanced SystemCare\ASCExtMenu.dll [2017-12-13] (IObit)ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => C:\Windows\System32\WSCM32.dll [2015-02-27] ()ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files\IObit\Advanced SystemCare\ASCExtMenu.dll [2017-12-13] (IObit)ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files\IObit\Advanced SystemCare\ASCExtMenu.dll [2017-12-13] (IObit)ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-30] (NVIDIA Corporation)ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll [2017-09-26] ()ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)==================== Scheduled Tasks (Whitelisted) =============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)Task: {09C1B22F-BD70-4E6F-856E-72ED5466C598} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-13] (Adobe Systems Incorporated)Task: {11ACD47F-8094-459A-B80F-460A14C2D6D8} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)Task: {28645BE9-1EF1-4D5F-95D3-8B9A9972A7C5} - System32\Tasks\Driver Booster SkipUAC (sheri) => C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe [2017-09-22] (IObit)Task: {2FDE5BE9-DBD5-40C9-88CC-FE13B0F157BC} - System32\Tasks\update-S-1-5-21-3948143356-924845713-1080013463-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)Task: {52B41B6D-6CC4-48FD-9E6E-816B31495548} - System32\Tasks\HPCustParticipation HP OfficeJet 4650 series => C:\Program Files\HP\HP OfficeJet 4650 series\Bin\HPCustPartic.exe [2017-04-06] (HP Inc.)Task: {54390A99-8443-4D79-BDD4-B715FA7DFBCE} - System32\Tasks\SmartDefrag_Update => C:\Program Files\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)Task: {5962C689-9B58-4390-9CE2-AE9C2205F4C9} - System32\Tasks\Yahoo! Powered totes => C:\Windows\system32\wscript.exe "C:\ProgramData\{C7F70294-4DB5-8852-CB73-161051319DDE}\fodo.txt" "68747470733a2f2f7275647564756c752e636f6d" "433a5c50726f6772616d446174615c7b43374637303239342d344442352d383835322d434237332d3136313035313331394444457d5c736973657365" "433a5c50726f6772616d446174615c7b43374637303239342d344442352d38383532 (the data entry has 86 more characters). <==== ATTENTIONTask: {6056F227-06D3-4BAF-831F-266F5362E3D7} - System32\Tasks\ASC11_SkipUac_sheri => C:\Program Files\IObit\Advanced SystemCare\ASC.exe [2017-11-08] (IObit)Task: {72C1DDE0-95D8-49F9-BF64-2DE48FE2A760} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)Task: {793D4E3D-BDFF-40B0-89BF-0E9F5D08DF3C} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\5.0.3\Scheduler.exe [2017-08-30] (IObit)Task: {93F6B2D5-2C58-4F6F-B50C-D22B51371A7F} - System32\Tasks\ASC11_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe [2017-11-07] (IObit)Task: {95C21BF1-3B35-4BFD-9B5A-74AAA32CEE94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-10-31] (Google Inc.)Task: {A1A5488F-B4A5-4888-A14C-4A5D7D72B49D} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe [2017-10-16] (IObit)Task: {A68B6B44-DD2C-4459-8904-3A9EDEF67BE8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-13] (Adobe Systems Incorporated)Task: {A7232125-7516-4CA1-8375-CF49F8A16152} - System32\Tasks\ASC_ASCTray_Auto => C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2017-09-20] (IObit)Task: {AA1E3FDD-24E3-45D4-B9CA-4B1F326E7AE5} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2017-09-10] (Reimage®) <==== ATTENTIONTask: {B83A239D-C4E7-45F3-8F1F-EE23A9120A75} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)Task: {D48B948B-ABFF-4298-97AC-E67C68369044} - System32\Tasks\Uninstaller_SkipUac_sheri => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-12-15] (IObit)Task: {D91E6A00-129F-4C6A-9274-4A62575FA80E} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)Task: {EF587BFF-B3FB-4D5E-97D7-353F9E546E0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-19] (Piriform Ltd)Task: {F02097F8-F737-481C-BBBE-7705062BA1CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-10-31] (Google Inc.)Task: {F0460CD2-3045-4293-BB0B-B4C72A4B46C6} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)Task: C:\Windows\Tasks\update-S-1-5-21-3948143356-924845713-1080013463-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exeTask: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exeTask: C:\Windows\Tasks\Yahoo! Powered totes.job => Wscript.exe  C:\ProgramData\{C7F70294-4DB5-8852-CB73-161051319DDE}\fodo.txt <==== ATTENTION==================== Shortcuts & WMI ========================(The entries could be listed to be restored or removed.)==================== Loaded Modules (Whitelisted) ==============2017-02-04 04:33 - 2015-01-30 16:48 - 000078480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll2017-09-26 02:52 - 2017-09-26 02:52 - 000407632 _____ () C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll2017-04-14 14:52 - 2015-02-27 13:38 - 000214528 _____ () C:\Windows\System32\WSCM32.dll2017-02-04 04:41 - 2016-01-11 17:03 - 000899872 _____ () C:\Program Files\IObit\Smart Defrag\webres.dll2017-02-04 04:41 - 2016-01-11 17:02 - 000630048 _____ () C:\Program Files\IObit\Smart Defrag\ProductStatistics.dll2017-09-16 14:23 - 2016-08-18 18:43 - 000442144 _____ () C:\Program Files\IObit\Advanced SystemCare\madExcept_.bpl2017-09-16 14:23 - 2016-08-18 18:43 - 000210720 _____ () C:\Program Files\IObit\Advanced SystemCare\madBasic_.bpl2017-09-16 14:23 - 2016-08-18 18:43 - 000059680 _____ () C:\Program Files\IObit\Advanced SystemCare\madDisAsm_.bpl2017-02-04 04:18 - 2017-08-04 13:44 - 000082720 _____ () C:\Program Files\IObit\Advanced SystemCare\GetProcessDLL.dll2017-02-04 04:18 - 2015-12-28 13:50 - 000899872 _____ () C:\Program Files\IObit\Advanced SystemCare\webres.dll2017-02-04 04:20 - 2016-06-21 19:30 - 000442144 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl2017-02-04 04:20 - 2016-06-21 19:29 - 000210720 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl2017-02-04 04:20 - 2016-06-21 19:29 - 000059680 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl2017-02-04 04:20 - 2015-12-28 13:50 - 000899872 _____ () C:\Program Files\IObit\IObit Uninstaller\webres.dll2017-02-04 04:20 - 2016-09-26 13:59 - 000631072 _____ () C:\Program Files\IObit\IObit Uninstaller\ProductStatistics.dll2017-02-04 04:18 - 2017-06-10 15:33 - 000631584 _____ () C:\Program Files\IObit\Advanced SystemCare\ProductStatistics.dll2017-11-15 20:40 - 2017-11-10 01:21 - 003075928 _____ () C:\Program Files\Google\Chrome\Application\62.0.3202.94\libglesv2.dll2017-11-15 20:40 - 2017-11-10 01:21 - 000086872 _____ () C:\Program Files\Google\Chrome\Application\62.0.3202.94\libegl.dll==================== Alternate Data Streams (Whitelisted) =========(If an entry is included in the fixlist, only the ADS will be removed.)AlternateDataStreams: C:\Users\sheri\Downloads\driver_booster_setup.exe:BDU [0]AlternateDataStreams: C:\Users\sheri\Downloads\mssstool32.exe:BDU [0]AlternateDataStreams: C:\Users\sheri\Downloads\ReimageRepair (1).exe:BDU [0]AlternateDataStreams: C:\Users\sheri\Downloads\ReimageRepair.exe:BDU [0]AlternateDataStreams: C:\Users\sheri\Downloads\wrar550.exe:BDU [0]==================== Safe Mode (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VipreEdgeProtection => ""="service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebExaminer => ""="Driver"==================== Association (Whitelisted) ===============(If an entry is included in the fixlist, the registry item will be restored to default or removed.)==================== Internet Explorer trusted/restricted ===============(If an entry is included in the fixlist, it will be removed from the registry.)==================== Hosts content: ===============================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2009-07-13 18:04 - 2017-02-04 04:14 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts==================== Other Areas ============================(Currently there is no automatic fix for this section.)HKU\S-1-5-21-3948143356-924845713-1080013463-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\sheri\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpgDNS Servers: 192.168.0.1 - 205.171.2.25HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled.==================== MSCONFIG/TASK MANAGER disabled items ==MSCONFIG\startupfolder: C:^Users^sheri^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Cartridge Alerts - HP OfficeJet 4650 series (Network).lnk => C:\Windows\pss\Monitor Cartridge Alerts - HP OfficeJet 4650 series (Network).lnk.StartupMSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=trueMSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"MSCONFIG\startupreg: Advanced SystemCare 10 => "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /AutoMSCONFIG\startupreg: Advanced SystemCare 11 => "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /AutoMSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITORMSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exeMSCONFIG\startupreg: HP OfficeJet 4650 series (NET) => "C:\Program Files\HP\HP OfficeJet 4650 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH6BS4J14P0662:NW" -scfn "HP OfficeJet 4650 series (NET)" -AutoStart 1MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exeMSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostartMSCONFIG\startupreg: Lightshot => C:\Program Files\Skillbrains\lightshot\Lightshot.exeMSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exeMSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyMSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottimeMSCONFIG\startupreg: ReminderApp_EEAC3053-7055-4143-B8A0-306758055099 => C:\Program Files\Nova Development\Office Printing Essentials 3\ReminderApp.exeMSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -sMSCONFIG\startupreg: SBAMTray => "C:\Program Files\VIPRE\SBAMTray.exe"MSCONFIG\startupreg: SmileboxTray => "C:\Users\sheri\AppData\Roaming\Smilebox\SmileboxTray.exe"MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"MSCONFIG\startupreg: Wondershare Media Server => C:\Program Files\Wondershare\Video Converter Ultimate\MediaLibServer.exe==================== FirewallRules (Whitelisted) ===============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)FirewallRules: [{A714DB86-A236-4EF1-922D-3AF9EC008707}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exeFirewallRules: [{61FF5A8D-2974-4A74-9FB5-E8A22EFA3361}] => (Allow) C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exeFirewallRules: [{50119E2D-6721-4A91-B89B-22C71DCC7416}] => (Allow) C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exeFirewallRules: [TCP Query User{8CBD56B9-E123-4541-8B24-34C8B133ED9A}C:\program files\wondershare\video converter ultimate\mediaserver.exe] => (Allow) C:\program files\wondershare\video converter ultimate\mediaserver.exeFirewallRules: [UDP Query User{DF899D01-70BD-41ED-9697-0F1D87097633}C:\program files\wondershare\video converter ultimate\mediaserver.exe] => (Allow) C:\program files\wondershare\video converter ultimate\mediaserver.exeFirewallRules: [TCP Query User{3ABCCBEE-5347-416E-BACC-6904755945C5}C:\program files\wondershare\video converter ultimate\medialibserver.exe] => (Allow) C:\program files\wondershare\video converter ultimate\medialibserver.exeFirewallRules: [UDP Query User{1C1B0F07-1CAF-489A-8DCE-E0CF1EDFBFB0}C:\program files\wondershare\video converter ultimate\medialibserver.exe] => (Allow) C:\program files\wondershare\video converter ultimate\medialibserver.exeFirewallRules: [TCP Query User{48ACC076-5895-4AE5-B22D-FCBF4E676813}C:\program files\wondershare\video converter ultimate\medialibserver.exe] => (Allow) C:\program files\wondershare\video converter ultimate\medialibserver.exeFirewallRules: [UDP Query User{1D5FCD64-FA2C-4ACD-821A-45FF1268A1C6}C:\program files\wondershare\video converter ultimate\medialibserver.exe] => (Allow) C:\program files\wondershare\video converter ultimate\medialibserver.exeFirewallRules: [{0FD499AD-F486-4EE0-80A6-7784BA4575C2}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\FaxPrinterUtility.exeFirewallRules: [{E986AAC6-71D1-4B77-9BA3-97EC99F2997D}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\FaxApplications.exeFirewallRules: [{5E086D01-25DA-4C0A-91BB-F053E9C71FBA}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\DigitalWizards.exeFirewallRules: [{FE4E1177-5E21-43F0-A19E-FB019C2190BE}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\SendAFax.exeFirewallRules: [{B72BA15F-D4AE-412F-9EB0-10E629A45401}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\DeviceSetup.exeFirewallRules: [{54C6B2E0-D15F-449A-ABF6-0C5652710A84}] => (Allow) LPort=5357FirewallRules: [{B9907856-7D49-4893-B0BC-48960C084DBA}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\HPNetworkCommunicatorCom.exeFirewallRules: [{6DF75AD9-5CF1-43E9-A361-BA2DDA5E8015}] => (Block) LPort=445FirewallRules: [{E86A628C-6A6F-494F-96D3-D08C09501F08}] => (Block) LPort=445FirewallRules: [{5DBED4D0-8F25-4D09-BD0E-8670A1148C03}] => (Allow) C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exeFirewallRules: [{C9BEB34E-FA49-47CB-992B-887FA6FD1922}] => (Allow) C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exeFirewallRules: [{F899059D-9695-451F-BB8B-108F75B75187}] => (Allow) C:\Program Files\IObit\Driver Booster\5.0.3\DBDownloader.exeFirewallRules: [{6006D86F-E84B-4DCE-A169-A4D46C3DAF7F}] => (Allow) C:\Program Files\IObit\Driver Booster\5.0.3\DBDownloader.exeFirewallRules: [{C4B55828-5F44-4A7B-8DEF-1B103D9A144E}] => (Allow) C:\Program Files\IObit\Driver Booster\5.0.3\AutoUpdate.exeFirewallRules: [{F767AD7D-DE7F-4AE6-9C52-68AD98296CAE}] => (Allow) C:\Program Files\IObit\Driver Booster\5.0.3\AutoUpdate.exeFirewallRules: [{102B0DC7-A94A-4510-84D9-65144ABBC56A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe==================== Restore Points =========================01-12-2017 20:20:10 Windows Modules Installer03-12-2017 18:53:43 Installed Windows 7 USB/DVD Download Tool05-12-2017 05:32:42 Windows Update12-12-2017 05:22:21 Windows Update12-12-2017 08:22:24 Windows Update12-12-2017 08:38:33 Windows Update13-12-2017 02:24:06 Windows Update13-12-2017 05:04:49 Removed HP Officejet 4630 series Basic Device Software13-12-2017 05:29:34 Removed Windows 7 USB/DVD Download Tool==================== Faulty Device Manager Devices =============Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.==================== Event log errors: =========================Application errors:==================Error: (12/13/2017 07:15:31 AM) (Source: WgaNotify) (EventID: 4373) (User: )Description: Event-ID 4373Error: (12/13/2017 07:15:00 AM) (Source: WgaNotify) (EventID: 4373) (User: )Description: Event-ID 4373Error: (12/13/2017 06:28:38 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.Error: (12/13/2017 06:22:29 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: VIPREUI.exe, version: 10.1.4.33, time stamp: 0x5977bfbdFaulting module name: PresentationCore.ni.dll, version: 4.7.2117.0, time stamp: 0x59cf595bException code: 0xc00000fdFault offset: 0x0024615fFaulting process id: 0x15b8Faulting application start time: 0x01d3741dbf845230Faulting application path: C:\Program Files\VIPRE\VIPREUI.exeFaulting module path: C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8f60f287a302618931fadffc35cacedd\PresentationCore.ni.dllReport Id: 0c5217f0-e011-11e7-a3b3-002197c3e0a9Error: (12/13/2017 06:21:20 AM) (Source: MsiInstaller) (EventID: 10005) (User: sheri-PC)Description: Product: Windows Defender -- You do not need to install this software because Windows Defender is included in Windows Vista. You can access Windows Defender from the Security section of the Windows Control Panel.Error: (12/13/2017 06:20:29 AM) (Source: MsiInstaller) (EventID: 10005) (User: sheri-PC)Description: Product: Windows Defender -- You do not need to install this software because Windows Defender is included in Windows Vista. You can access Windows Defender from the Security section of the Windows Control Panel.Error: (12/13/2017 06:17:28 AM) (Source: MsiInstaller) (EventID: 10005) (User: sheri-PC)Description: Product: Windows Defender -- You do not need to install this software because Windows Defender is included in Windows Vista. You can access Windows Defender from the Security section of the Windows Control Panel.Error: (12/13/2017 06:14:02 AM) (Source: MsiInstaller) (EventID: 10005) (User: sheri-PC)Description: Product: Windows Defender -- You do not need to install this software because Windows Defender is included in Windows Vista. You can access Windows Defender from the Security section of the Windows Control Panel.Error: (12/13/2017 06:03:44 AM) (Source: MsiInstaller) (EventID: 10005) (User: sheri-PC)Description: Product: Windows Defender -- You do not need to install this software because Windows Defender is included in Windows Vista. You can access Windows Defender from the Security section of the Windows Control Panel.Error: (12/13/2017 05:12:37 AM) (Source: WinMgmt) (EventID: 10) (User: )Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.System errors:=============Error: (12/13/2017 06:29:23 AM) (Source: BROWSER) (EventID: 8032) (User: )Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{FB7B3318-7CD1-4E4D-887C-1D71C5647D83}.The backup browser is stopping.Error: (12/13/2017 06:27:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Agere Modem Call Progress Audio service failed to start due to the following error: The system cannot find the file specified.Error: (12/13/2017 05:16:19 AM) (Source: DCOM) (EventID: 10010) (User: )Description: The server {FE7E09CE-BBF4-4698-8BC1-37C9002DAA43} did not register with DCOM within the required timeout.Error: (12/13/2017 05:16:26 AM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The VIPRE Advanced Security service hung on starting.Error: (12/13/2017 05:11:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Agere Modem Call Progress Audio service failed to start due to the following error: The system cannot find the file specified.Error: (12/13/2017 05:10:45 AM) (Source: volmgr) (EventID: 46) (User: )Description: Crash dump initialization failed!Error: (12/13/2017 05:09:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.Error: (12/13/2017 05:09:58 AM) (Source: Service Control Manager) (EventID: 7038) (User: )Description: The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation.To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).Error: (12/13/2017 05:09:58 AM) (Source: DCOM) (EventID: 10005) (User: )Description: DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server:{204810B9-73B2-11D4-BF42-00B0D0118B56}Error: (12/13/2017 04:52:06 AM) (Source: BROWSER) (EventID: 8032) (User: )Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{FB7B3318-7CD1-4E4D-887C-1D71C5647D83}.The backup browser is stopping.==================== Memory info =========================== Processor: AMD Athlon(tm) Dual Core Processor 4050e Percentage of memory in use: 46%Total physical RAM: 2942.49 MBAvailable physical RAM: 1578.47 MBTotal Virtual: 5884.98 MBAvailable Virtual: 4243.93 MB==================== Drives ================================Drive c: () (Fixed) (Total:297.99 GB) (Free:245.13 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: C9EED053)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)==================== End of Addition.txt ============================</blockquote>

Verification

Top