My primary issue is that every time I open a PDF with Adobe, I get the following two error messages:
Error Message #1:
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
The file or directory is corrupted and unreadable.
Immediately followed by:
Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item.
The adobe fix online said to run CheckDisk, which I did and that unfortunately did not solve the problem. I found some other sites online that said it could be Malware, and I stumbled upon your great website.
(A secondary issue that has me suspicious is that my computer internet sometimes cuts out - even though my wife's computer has no issues - and restarting the computer sometimes helps... so I'm not sure about that one... but if something comes up with that that would be helpful!)
Thank you for the work you do.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2019
Ran by nickshaver06 (administrator) on SHAVERHOME (Dell Inc. Inspiron 11 - 3147) (03-09-2019 20:46:18)
Running from C:\Users\nickshaver06\Downloads
Loaded Profiles: nickshaver06 (Available Profiles: nickshaver06)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634648 2014-07-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Wistron Corporation -> Dell Inc.)
HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [70080 2015-06-16] (FabulaTech -> )
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] (Dropbox, Inc -> )
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [337440 2013-06-25] (McAfee, Inc. -> McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [244080 2015-08-20] (McAfee, Inc. -> McAfee, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1321984 2019-02-05] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\Run: [Dropbox Update] => C:\Users\nickshaver06\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\Run: [Google Update] => C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.35.2\GoogleUpdateCore.exe [1081640 2019-08-15] (Google Inc -> Google LLC)
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\MountPoints2: {1c1aa9e5-ac5b-11e6-829d-4cbb583af1fb} - "E:\DTVaultPrivacy.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-26] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\Users\nickshaver06\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-09-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00FF248D-4CA2-449B-B54C-35D418AFF703} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [292952 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {05868E8A-E8B1-4361-9907-2F8F4316F849} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {09F565C9-0DFC-46CE-A48F-95F73B1C61E8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [1163352 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {21043663-9D55-490C-B171-55C19AB98E38} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy
Task: {21043663-9D55-490C-B171-55C19AB98E38} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> appraiser.dll,DoScheduledTelemetryRun
Task: {24649D75-686F-482E-AA27-A37FCFBB1DFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-06-25] (Google Inc -> Google Inc.)
Task: {2C77453B-8D50-4612-9BBE-37A771F9386F} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe [6656 2015-12-12] () [File not signed] <==== ATTENTION
Task: {2EC7A0FB-9C58-4C92-B7A3-43D07F05881D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001UA => C:\Users\nickshaver06\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4629EC2B-2B24-4FA7-A18E-493BAC9007B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [292952 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DA19172-4857-439E-95C2-45CFAE6CF62F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736 2015-10-28] () [File not signed]
Task: {5DAF7BF0-E87A-484A-9EAD-4813E92C3976} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-03-10] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {A2F118FE-D74F-43A1-90B3-FF77C4D38A69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-06-25] (Google Inc -> Google Inc.)
Task: {AD4875B7-A94A-450C-A038-B2D09E15FC47} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {AD4875B7-A94A-450C-A038-B2D09E15FC47} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate
Task: {BE8574E2-C951-4C85-ADBC-B504239DA72F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFEAF30A-CC78-490C-A670-6549D1ACA1C5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001Core => C:\Users\nickshaver06\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C3EF6070-C899-4FB3-A237-FBFDB17B89F6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D02D87FC-D1E5-4F6B-82C8-EB04E7585035} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {D3EC277F-793D-4741-A600-43AE0FE268BF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001UA => C:\Users\nickshaver06\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-07-05] (Google Inc -> Google Inc.)
Task: {E198A809-E8C7-45AC-ADBF-802FC99B1C76} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001Core => C:\Users\nickshaver06\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-07-05] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001Core.job => C:\Users\nickshaver06\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001UA.job => C:\Users\nickshaver06\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{B6C9BB14-55E2-405F-8B2A-D9B80E42738E}: [DhcpNameServer] 192.168.200.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1023352508-1266729709-51963614-1001 -> DefaultScope {A5BA95ED-DCBC-4A11-8C59-86D0F3122845} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1023352508-1266729709-51963614-1001 -> {540F9C83-EED3-414F-BDA5-9D527B2B5CA7} URL =
SearchScopes: HKU\S-1-5-21-1023352508-1266729709-51963614-1001 -> {A5BA95ED-DCBC-4A11-8C59-86D0F3122845} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20150905085117.dll [2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20150905085119.dll [2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\nickshaver06\AppData\Roaming\Mozilla\Firefox\Profiles\6p6zh3u3.default-1479655099617 [2019-03-31]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-09-01] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: (McAfee ScriptScan for Firefox) - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2015-09-14] [Legacy] [not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-1023352508-1266729709-51963614-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\nickshaver06\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-1023352508-1266729709-51963614-1001: @talk.google.com/O1DPlugin -> C:\Users\nickshaver06\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-1023352508-1266729709-51963614-1001: @tools.google.com/Google Update;version=3 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.35.2\npGoogleUpdate3.dll [2019-08-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1023352508-1266729709-51963614-1001: @tools.google.com/Google Update;version=9 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.35.2\npGoogleUpdate3.dll [2019-08-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1023352508-1266729709-51963614-1001: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Users\nickshaver06\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2016-07-05]
FF Plugin ProgramFiles/Appdata: C:\Users\nickshaver06\AppData\Roaming\mozilla\plugins\npo1d.dll [2016-07-05]
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://accounts.google.com/signin/v2/i ... rviceLogin
CHR StartupUrls: Default -> "hxxps://accounts.google.com/signin/v2/identifier?continue=https%3A%2F%2Fmail.google.com%2Fmail%2F&service=mail&sacu=1&rip=1&flowName=GlifWebSignIn&flowEntry=ServiceLogin","hxxp://www.weather.com/weather/tenday/USOH0188","hxxp://www.google.com/"
CHR Profile: C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default [2019-09-03]
CHR Extension: (Google Drive) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Audiotool) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2015-08-16]
CHR Extension: (YouTube) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (hxxps://www.google.com/calendar/render?tab=mc) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfcnnjfpalolhpacllfghflhanpgmae [2015-02-05]
CHR Extension: (hxxps://www.google.com/voice#inbox) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\edppnbohmflmmlhmjibmdldokcbmlnif [2015-02-05]
CHR Extension: (Dictation for Gmail) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\eggdmhdpffgikgakkfojgiledkekfdce [2019-08-25]
CHR Extension: (hxxps://maps.google.com/) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\fechlkhcpcpaffdigchfolpfbpnbpcgi [2015-02-05]
CHR Extension: (AdBlock) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-08-29]
CHR Extension: (TwistedWave) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhjkhabkkillndljkhedpfldghbpljij [2015-08-16]
CHR Extension: (Loom - Video Recorder: Screen, Webcam and Mic) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2019-09-01]
CHR Extension: (LipSurf - Voice Control for the Web) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnnmjmalakahagblkkcnjkoaihlfglon [2019-08-31]
CHR Extension: (Google Classroom) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2015-03-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\nickshaver06\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-07]
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [226240 2015-06-16] (FabulaTech -> )
R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [6363792 2015-07-31] (FabulaTech -> )
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [130080 2013-06-25] (McAfee, Inc. -> McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [262544 2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe [215104 2015-10-29] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
R2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-03] (Dell Inc. -> SoftThinks SAS)
R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1156824 2015-10-13] (VMware, Inc. -> VMware, Inc.)
R2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [261776 2015-05-08] (FabulaTech -> VMware)
S4 WavesSysSvc; C:\Program Files\Realtek\Audio\HDA\WavesSysSvc64.exe [497664 2014-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation -> Microsoft Corporation)
R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [533208 2015-10-14] (VMware, Inc. -> VMware, Inc.)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32960 2017-06-20] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-02-10] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeaacsk; C:\Windows\System32\drivers\mfeaacsk.sys [64416 2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2015-04-02] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-09-05] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [66080 2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [114880 2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-09-05] (McAfee, Inc. -> McAfee, Inc.)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [92376 2013-10-09] (Realtek Semiconductor Corp -> Realtek )
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [22168 2012-07-13] (STMicroelectronics -> ST Microelectronics)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (Microsoft Windows Hardware Compatibility Publisher -> STMicroelectronics)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-03-10] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [73616 2019-02-05] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-03 20:46 - 2019-09-03 20:49 - 000029060 _____ C:\Users\nickshaver06\Downloads\FRST.txt
2019-09-03 20:45 - 2019-09-03 20:46 - 000000000 ____D C:\FRST
2019-09-03 20:26 - 2019-09-03 20:26 - 001615360 _____ (Farbar) C:\Users\nickshaver06\Downloads\FRST64.exe
2019-09-03 20:21 - 2019-09-03 20:21 - 000000967 _____ C:\Users\nickshaver06\Desktop\Balabolka.lnk
2019-09-03 20:21 - 2019-09-03 20:21 - 000000000 ____D C:\Users\nickshaver06\Documents\Balabolka
2019-09-03 20:21 - 2019-09-03 20:21 - 000000000 ____D C:\Users\nickshaver06\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka
2019-09-03 20:21 - 2019-09-03 20:21 - 000000000 ____D C:\Users\nickshaver06\AppData\Roaming\Balabolka
2019-09-03 20:21 - 2019-09-03 20:21 - 000000000 ____D C:\Program Files (x86)\Balabolka
2019-09-03 15:38 - 2019-09-03 20:18 - 017973561 _____ C:\Users\nickshaver06\Downloads\balabolka.zip
2019-09-03 15:09 - 2019-09-03 15:09 - 000000000 ___RD C:\Users\nickshaver06\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2019-09-01 19:50 - 2019-09-03 20:20 - 018158212 _____ (Ilya Morozov) C:\Users\nickshaver06\Documents\setup.exe
2019-09-01 19:22 - 2019-09-03 20:20 - 000002732 _____ C:\Users\nickshaver06\Documents\readme.rus.txt
2019-09-01 19:22 - 2019-09-03 20:20 - 000002603 _____ C:\Users\nickshaver06\Documents\readme.slk.txt
2019-09-01 19:22 - 2019-09-03 20:20 - 000002561 _____ C:\Users\nickshaver06\Documents\readme.cze.txt
2019-09-01 19:22 - 2019-09-03 20:20 - 000002541 _____ C:\Users\nickshaver06\Documents\readme.ita.txt
2019-09-01 19:22 - 2019-09-03 20:20 - 000002452 _____ C:\Users\nickshaver06\Documents\readme.eng.txt
2019-09-01 19:21 - 2019-09-03 20:20 - 000060123 _____ C:\Users\nickshaver06\Documents\history.rus.txt
2019-09-01 19:21 - 2019-09-03 20:20 - 000057225 _____ C:\Users\nickshaver06\Documents\history.eng.txt
2019-08-31 11:19 - 2019-08-31 11:19 - 000000439 _____ C:\Users\nickshaver06\Desktop\Fine-PARwithinandbeyondprison-1.txt
2019-08-29 11:01 - 2019-08-29 11:01 - 002999824 _____ (Awind) C:\Users\nickshaver06\Downloads\AirMedia-0e6ce0_.10.132.3.157.exe
2019-08-29 11:01 - 2019-08-29 11:01 - 000000000 ____D C:\Users\nickshaver06\AppData\Local\AirMedia
2019-08-27 09:59 - 2019-08-27 09:59 - 000078726 _____ C:\Users\nickshaver06\Downloads\Extras.Txt
2019-08-27 09:54 - 2019-08-27 09:54 - 000146372 _____ C:\Users\nickshaver06\Downloads\OTL.Txt
2019-08-27 09:14 - 2019-08-27 09:14 - 000602112 _____ (OldTimer Tools) C:\Users\nickshaver06\Downloads\OTL.exe
2019-08-27 09:12 - 2019-08-27 09:13 - 000157808 _____ C:\TDSSKiller.2.8.16.0_27.08.2019_09.12.16_log.txt
2019-08-27 09:12 - 2019-08-27 09:12 - 002237968 _____ (Kaspersky Lab ZAO) C:\Users\nickshaver06\Desktop\tdsskiller.exe
2019-08-27 09:05 - 2019-08-27 09:05 - 000468480 _____ () C:\Users\nickshaver06\Downloads\CKScanner.exe
2019-08-26 09:23 - 2019-08-26 09:23 - 000000000 ____D C:\Users\nickshaver06\Documents\YBC Big Files
2019-08-26 09:21 - 2019-09-03 15:09 - 000002186 _____ C:\Users\nickshaver06\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee VirusScan Scan Messages.lnk
2019-08-26 09:19 - 2019-08-26 09:19 - 000321832 _____ C:\Windows\Minidump\082619-36109-01.dmp
2019-08-26 09:17 - 2019-08-26 09:17 - 006705275 _____ C:\Users\nickshaver06\Desktop\_YBC_Materials_ForTeam.zip
2019-08-24 15:03 - 2019-08-24 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wordle
2019-08-24 15:03 - 2019-08-24 15:03 - 000000000 ____D C:\Program Files (x86)\wordle
2019-08-24 15:02 - 2019-08-24 15:02 - 008762368 _____ () C:\Users\nickshaver06\Downloads\wordle_windows_0_2.exe
2019-08-24 10:36 - 2019-08-24 10:36 - 000000000 _____ C:\Windows\invcol.tmp
2019-08-23 08:59 - 2019-08-23 08:59 - 000000000 ____D C:\Users\nickshaver06\.cisco
2019-08-23 08:57 - 2019-08-23 08:57 - 000000000 ____D C:\Users\nickshaver06\AppData\Local\Cisco
2019-08-23 08:57 - 2019-08-23 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2019-08-23 08:57 - 2019-08-23 08:57 - 000000000 ____D C:\ProgramData\Cisco
2019-08-23 08:57 - 2019-02-05 12:04 - 000263640 ____R (Cisco Systems, Inc.) C:\Windows\system32\Drivers\acsock64.sys
2019-08-23 08:56 - 2019-08-23 08:56 - 005734672 _____ (Cisco Systems, Inc.) C:\Users\nickshaver06\Downloads\anyconnect-win-4.6.04056-core-vpn-webdeploy-k9.exe
2019-08-22 23:26 - 2019-09-02 09:36 - 000000000 _____ C:\Users\nickshaver06\Documents\.Rhistory
2019-08-22 22:44 - 2019-08-22 22:46 - 000000000 ____D C:\ProgramData\Temp
2019-08-22 22:19 - 2019-08-22 22:19 - 000000000 ____D C:\Windows\{E9E39016-F1A4-4947-BF49-E0DACA61F95C}
2019-08-22 22:19 - 2019-08-22 22:19 - 000000000 ____D C:\Users\nickshaver06\AppData\Local\VMware
2019-08-22 22:19 - 2015-07-30 19:46 - 000057536 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2019-08-22 22:08 - 2019-08-22 22:08 - 000000000 ____D C:\ProgramData\VMware
2019-08-22 22:07 - 2019-08-23 09:02 - 000000000 ____D C:\Users\nickshaver06\AppData\Roaming\VMware
2019-08-22 22:07 - 2019-08-22 22:07 - 000000000 ____D C:\Program Files\Common Files\VMware
2019-08-22 22:07 - 2019-08-22 22:07 - 000000000 ____D C:\Program Files (x86)\VMware
2019-08-22 22:05 - 2019-08-22 22:05 - 039458928 _____ (VMware, Inc.) C:\Users\nickshaver06\Downloads\VMware-Horizon-View-Client-x86_64-3.5.2-3150477.exe
2019-08-22 21:56 - 2019-09-02 09:36 - 000000000 ____D C:\Users\nickshaver06\AppData\Roaming\RStudio
2019-08-22 21:35 - 2019-08-22 21:35 - 000000000 ____D C:\Users\nickshaver06\Documents\R
2019-08-22 21:34 - 2019-09-02 09:36 - 000000000 ____D C:\Users\nickshaver06\AppData\Local\RStudio-Desktop
2019-08-22 21:32 - 2015-08-22 09:42 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-08-22 21:32 - 2015-08-22 09:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-08-22 21:28 - 2019-08-22 21:28 - 015080792 _____ (Microsoft Corporation) C:\Users\nickshaver06\Downloads\vc_redist.x64.exe
2019-08-22 21:24 - 2019-08-22 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2019-08-22 21:22 - 2019-08-22 21:24 - 000000000 ____D C:\Program Files\RStudio
2019-08-22 21:20 - 2019-08-22 21:22 - 133103936 _____ (RStudio, Inc.) C:\Users\nickshaver06\Downloads\RStudio-1.2.1335.exe
2019-08-22 21:20 - 2019-08-22 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2019-08-22 21:16 - 2019-08-22 21:16 - 000000000 ____D C:\Program Files\R
2019-08-22 21:14 - 2019-08-22 21:15 - 084681344 _____ (R Core Team ) C:\Users\nickshaver06\Downloads\R-3.6.1-win.exe
2019-08-19 11:11 - 2019-08-19 15:10 - 000000060 _____ C:\Users\nickshaver06\Desktop\Base Camp Time Sheet.txt
2019-08-14 14:49 - 2019-08-14 14:49 - 000000000 ____D C:\Users\nickshaver06\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-08-07 11:20 - 2019-08-19 09:34 - 000000189 _____ C:\Users\nickshaver06\Desktop\TimeSheet - Tylers Work Macros.txt
2019-08-07 11:19 - 2019-09-02 11:20 - 000000798 _____ C:\Users\nickshaver06\Desktop\Time sheet - Almanac Programming.txt
2019-08-05 11:00 - 2019-08-05 11:00 - 000000276 _____ C:\Users\nickshaver06\Desktop\Jordan - Next Steps.txt
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-03 21:00 - 2018-07-29 15:04 - 000000000 ____D C:\Users\nickshaver06\Desktop\Torch Prep Big Files
2019-09-03 20:51 - 2015-06-16 10:58 - 000000968 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001UA.job
2019-09-03 20:24 - 2015-02-05 18:22 - 000000000 ____D C:\Users\nickshaver06\AppData\Local\Packages
2019-09-03 20:20 - 2019-06-22 21:35 - 000004693 _____ C:\Users\nickshaver06\Documents\license.rus.txt
2019-09-03 20:20 - 2019-05-29 20:42 - 000005432 _____ C:\Users\nickshaver06\Documents\license.slk.txt
2019-09-03 20:20 - 2018-08-23 10:52 - 000005305 _____ C:\Users\nickshaver06\Documents\license.cze.txt
2019-09-03 20:20 - 2018-03-24 02:58 - 000005707 _____ C:\Users\nickshaver06\Documents\license.ita.txt
2019-09-03 20:20 - 2018-03-24 02:57 - 000004967 _____ C:\Users\nickshaver06\Documents\license.eng.txt
2019-09-03 15:48 - 2015-02-05 18:27 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1023352508-1266729709-51963614-1001
2019-09-03 15:21 - 2015-08-07 15:20 - 000000000 ___DO C:\Users\nickshaver06\OneDrive
2019-09-03 15:21 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\NDF
2019-09-03 15:15 - 2014-12-27 11:49 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2019-09-03 15:11 - 2014-03-18 05:53 - 000005388 _____ C:\Windows\system32\PerfStringBackup.INI
2019-09-03 15:09 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\Registration
2019-09-03 15:06 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-03 08:51 - 2015-06-16 10:58 - 000000916 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001Core.job
2019-09-03 08:50 - 2019-01-20 14:04 - 000000166 _____ C:\Users\nickshaver06\Desktop\Invite to Next Potluck.txt
2019-09-03 08:47 - 2017-08-01 20:06 - 000000934 _____ C:\Users\nickshaver06\Desktop\BECKS LIST to Buy.txt
2019-09-02 19:49 - 2019-06-18 14:45 - 000000607 _____ C:\Users\nickshaver06\Desktop\Timesheet - Content Alignment TimeSheet.txt
2019-09-02 09:36 - 2015-02-05 18:45 - 000000000 ___RD C:\Users\nickshaver06\Dropbox
2019-09-02 09:31 - 2015-02-16 12:53 - 000000000 ____D C:\Users\nickshaver06\AppData\Local\CrashDumps
2019-08-31 14:55 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2019-08-31 14:52 - 2015-02-05 18:22 - 000000000 ____D C:\Users\nickshaver06
2019-08-28 21:05 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2019-08-26 14:52 - 2015-06-25 12:36 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-26 09:19 - 2015-06-10 09:24 - 376176329 _____ C:\Windows\MEMORY.DMP
2019-08-26 09:19 - 2015-06-10 09:24 - 000000000 ____D C:\Windows\Minidump
2019-08-24 10:37 - 2014-12-27 10:19 - 000000000 ____D C:\DELL
2019-08-23 09:02 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-08-23 08:57 - 2014-12-27 11:43 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-08-22 22:45 - 2014-12-27 11:56 - 000000000 ____D C:\Program Files (x86)\Dell
2019-08-22 22:45 - 2014-12-27 11:47 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-08-22 22:45 - 2014-12-27 10:40 - 000000000 ____D C:\ProgramData\DELL
2019-08-22 22:35 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-08-22 21:49 - 2017-02-12 13:34 - 000000000 ____D C:\Users\nickshaver06\Documents\Old Dropbox Teaching Files
2019-08-22 21:33 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2019-08-22 21:31 - 2014-12-27 11:34 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-22 08:46 - 2015-06-16 10:58 - 000003928 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001UA
2019-08-22 08:46 - 2015-06-16 10:58 - 000003548 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001Core
2019-08-20 10:18 - 2013-08-22 11:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-20 10:16 - 2015-02-07 10:02 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-08-19 10:24 - 2018-06-22 14:37 - 000000000 ___RD C:\Users\nickshaver06\Documents\Scanned Documents
2019-08-15 20:11 - 2016-07-05 16:37 - 000003518 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001UA
2019-08-15 20:11 - 2016-07-05 16:37 - 000003246 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1023352508-1266729709-51963614-1001Core
2019-08-14 14:50 - 2015-02-05 18:38 - 000000000 ____D C:\Users\nickshaver06\AppData\Roaming\Dropbox
==================== FLock ================
2014-12-27 12:59 C:\System Recovery
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-08-29 14:04
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2019
Ran by nickshaver06 (03-09-2019 21:01:00)
Running from C:\Users\nickshaver06\Downloads
Windows 8.1 (Update) (X64) (2015-02-05 22:22:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1023352508-1266729709-51963614-500 - Administrator - Disabled)
Guest (S-1-5-21-1023352508-1266729709-51963614-501 - Limited - Disabled)
nickshaver06 (S-1-5-21-1023352508-1266729709-51963614-1001 - Administrator - Enabled) => C:\Users\nickshaver06
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan Enterprise (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan Enterprise Antispyware Module (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon) <==== ATTENTION
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.15.0.710 - Ilya Morozov)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.6.04056 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{313E239A-6D0E-45E8-9890-A4C698A43EAE}) (Version: 4.6.04056 - Cisco Systems, Inc.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.3 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox (HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\Dropbox) (Version: 79.4.143 - Dropbox, Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP ENVY 4520 series Basic Device Software (HKLM\...\{B46D9E8C-10FE-4873-996B-CA9EA3D7D9FE}) (Version: 40.11.1122.1796 - HP Inc.)
HP ENVY 4520 series Help (HKLM-x32\...\{201E58BD-2A1D-4C4D-BD6F-ADA7669FE3AE}) (Version: 36.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
McAfee Agent (HKLM-x32\...\{1FDB8EC6-BAF1-42F9-8E09-4D9AB369F1B5}) (Version: 4.8.0.887 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.06000 - McAfee, Inc.)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Dell Client Framework (HKLM-x32\...\{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell) Hidden
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
R for Windows 3.6.1 (HKLM\...\R for Windows 3.6.1_is1) (Version: 3.6.1 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
RStudio (HKLM-x32\...\RStudio) (Version: 1.2.1335 - RStudio)
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Horizon Client (HKLM\...\{C7F8E8FA-0832-427E-B2B1-ABF6F8495C35}) (Version: 3.5.2.30397 - VMware, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wordle 0.2 (HKLM-x32\...\6068-4591-7093-1796) (Version: 0.2 - )
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t [2015-07-11] (Amazon.com)
Bamboo Paper -> C:\Program Files\WindowsApps\D91E29CF.BambooPaper_1.4.2.0_x86__38kynpdw5g1aw [2018-05-30] (Wacom Europe GmbH)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.7.0.1_neutral__6e5tt8cgb93ep [2017-12-11] (Canon Inc.)
Dell Shop -> C:\Program Files\WindowsApps\DellInc.DellShop_2.2.0.0_neutral__htrsf667h5kn2 [2016-05-29] (Dell Inc)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2015-02-10] (eBay, Inc)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-17] (Flipboard)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation) [MS Ad]
HP All-in-One Printer Remote -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_55.1.43.0_x86__v10z8vjag6ke6 [2018-06-19] (Hewlett-Packard Company)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-21] (AMZN Mobile LLC)
McAfee® Central for Dell -> C:\Program Files\WindowsApps\McAfeeInc.01.McAfeeSecurityAdvisorforDell_5.0.167.1_x64__n49tcsmxt2t2c [2018-03-29] (McAfee Inc)
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-15] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-15] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-28] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-28] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-15] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-24] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-21] (Skype) [MS Ad]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-04-08] (Microsoft Corporation)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-08] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.34.12\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{8A589AFF-8DA8-49C5-B89B-20C9DF31F2B7}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.30.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{9371045C-7BFF-48FD-9667-EA0499304115}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.35.2\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.35.2\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\nickshaver06\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1023352508-1266729709-51963614-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:/Program Files (x86)/Dell Backup and Recovery/Components/Shell/DBROverlayIcon.DLL [2014-06-04] (SoftThinks -> )
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:/Program Files (x86)/Dell Backup and Recovery/Components/Shell/DBROverlayNotBackuped.DLL [2014-06-04] (SoftThinks -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll [2019-02-08] (Ilya Morozov) [File not signed]
ContextMenuHandlers1: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2015-08-20] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers4: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2015-08-20] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2015-08-20] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1_S-1-5-21-1023352508-1266729709-51963614-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1023352508-1266729709-51963614-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1023352508-1266729709-51963614-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-11-18 08:53 - 2018-11-18 08:53 - 000644608 _____ () [File not signed] C:\Program Files (x86)\Balabolka\lame_enc.dll
2008-06-22 03:58 - 2008-06-22 03:58 - 000134656 _____ () [File not signed] C:\Program Files (x86)\Balabolka\utils\chsdet.dll
2014-02-26 04:46 - 2014-02-26 04:46 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 04:43 - 2014-02-26 04:43 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-12-27 11:43 - 2014-02-27 03:39 - 000440320 ____N (Atheros) [File not signed] C:\Windows\system32\athihvs.dll
2019-02-08 20:28 - 2019-02-08 20:28 - 000370176 _____ (Ilya Morozov) [File not signed] C:\Program Files (x86)\Balabolka\BFileExt.dll
2014-05-10 20:21 - 2014-05-10 20:21 - 000969728 _____ (Ilya Morozov, Regine Mьller) [File not signed] C:\Program Files (x86)\Balabolka\syllable.dll
2014-02-26 04:50 - 2014-02-26 04:50 - 000107648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll
2014-02-26 04:50 - 2014-02-26 04:50 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\CommApi.dll
2014-02-26 04:51 - 2014-02-26 04:51 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\FolderViewImpl.dll
2014-02-26 04:51 - 2014-02-26 04:51 - 000085632 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\GattI.dll
2014-02-26 04:51 - 2014-02-26 04:51 - 000126592 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\gatts.DLL
2014-02-26 04:51 - 2014-02-26 04:51 - 000083072 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Handsfree.dll
2014-02-26 04:51 - 2014-02-26 04:51 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ipc.dll
2014-02-26 04:51 - 2014-02-26 04:51 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ModuleManager.dll
2014-02-26 04:51 - 2014-02-26 04:51 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\OutLookLib.dll
2014-02-26 04:51 - 2014-02-26 04:51 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll
2014-02-26 04:51 - 2014-02-26 04:51 - 000130176 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\skypeagent.dll
2014-02-26 04:51 - 2014-02-26 04:51 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\TCPConnection.dll
2014-02-26 04:51 - 2014-02-26 04:51 - 000115328 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\utils.dll
2014-02-26 04:44 - 2014-02-26 04:44 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\LE\LE.dll
2014-02-26 04:45 - 2014-02-26 04:45 - 000210432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Audio\audio.dll
2014-02-26 04:46 - 2014-02-26 04:46 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2014-02-26 04:46 - 2014-02-26 04:46 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\BIP\BIP.dll
2014-02-26 04:44 - 2014-02-26 04:44 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\DID\DId.dll
2014-02-26 04:44 - 2014-02-26 04:44 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\FAX\Fax.dll
2014-02-26 04:45 - 2014-02-26 04:45 - 000421888 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2014-02-26 04:46 - 2014-02-26 04:46 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2014-02-26 04:41 - 2014-02-26 04:41 - 000097792 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\goep\goep.dll
2014-02-26 04:43 - 2014-02-26 04:43 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2014-02-26 04:46 - 2014-02-26 04:46 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2014-02-26 04:46 - 2014-02-26 04:46 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2014-02-26 04:45 - 2014-02-26 04:45 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\pbap\pbap.dll
2014-02-26 04:46 - 2014-02-26 04:46 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2014-02-26 04:45 - 2014-02-26 04:45 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\sap\sap.dll
2014-02-26 04:46 - 2014-02-26 04:46 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2014-02-26 04:45 - 2014-02-26 04:45 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\spp\spp.dll
2014-02-26 04:45 - 2014-02-26 04:45 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Sync\Sync.dll
2019-03-02 05:16 - 2019-03-02 05:16 - 001375744 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Balabolka\LIBEAY32.dll
2019-03-02 05:16 - 2019-03-02 05:16 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Balabolka\ssleay32.dll
2015-10-14 19:04 - 2015-10-14 19:04 - 001604096 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\LIBEAY32.dll
2015-10-14 19:04 - 2015-10-14 19:04 - 000296960 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2013-08-22 09:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\BlueLava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_RGB.jpg
DNS Servers: 192.168.200.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Dell Customer Connect => 2
MSCONFIG\Services: Dell Hardware Support => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SupportAssistAgent => 2
MSCONFIG\Services: TabletServicePen => 2
MSCONFIG\Services: TouchServicePen => 2
MSCONFIG\Services: WavesSysSvc => 2
MSCONFIG\Services: WysePocketCloud => 2
MSCONFIG\Services: WyseRemoteAccess => 2
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1023352508-1266729709-51963614-1001\...\StartupApproved\Run: => "HP ENVY 4520 series (NET)"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1C28C780-7A10-472C-8047-FC4623B5A8EB}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe No File
FirewallRules: [{1A466FB2-130E-4EA6-ABCA-15B0E3AACFC5}] => (Allow) C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{BEC23CAA-FC6E-4494-A1E8-BA92D8AF671B}] => (Allow) C:\Users\nickshaver06\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{621001AC-5330-4F4D-BE1B-0614BA699F0B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A9D2177E-78D9-42A9-A244-2A940B686EE0}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{631B7EF3-E256-43D0-9DC8-2303527CA46C}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{C32A07E2-EAB6-417C-96C5-2BC89CAD6240}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{62A87981-7243-4A18-A042-EB08A6587FF7}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{81DF1DC7-6287-434B-A39D-A0F24AEA7CD1}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{C82E6ECB-0A5C-401B-8C64-A916FABE9FB5}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{9E7E6577-EAEA-4B06-A4D0-A35F330B81D8}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{AC98CF56-01D8-4EF3-AFBF-1A2FB240B6E7}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{B553EABE-6D13-4DEA-B2FB-53D9A179F1A7}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{696854C2-131C-4ADB-8434-F566AB03D0CF}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{2156CC17-0E92-4DC6-802D-90F10F8F03A3}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{B0D67AF0-75C2-4B94-9F10-D27DE2AA999B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\MfeServiceMgr.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{F22A9052-EE2C-41E6-B650-E601DF9D2DB1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27D250F3-39C5-48F0-BF5F-1E2E42C34114}] => (Allow) LPort=2869
FirewallRules: [{ECC9C5AD-DE61-424F-814A-82EF7ACB5266}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{7CB31833-A444-4E9F-8BEE-FE5530FC5557}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{5D830A2F-157A-4544-AA8D-E6CDF572F3C0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [{04CE56CF-F78C-4E49-BE77-B539CEAE3C2D}] => (Block) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{195F25EE-F38B-456A-9FBA-B3CFFAF10CAA}C:\users\nickshaver06\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\nickshaver06\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{A3C70F2B-4363-4E59-89E5-504C645B5784}C:\users\nickshaver06\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\nickshaver06\appdata\local\blackboard\blackboard collaborate launcher\embedded\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{B96FD484-8A56-4C4F-A87E-17CFE301710C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F906255-FF50-456F-93CD-77996339CC9E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{07342B63-4C97-447F-9E16-48DC793EC7F4}C:\users\nickshaver06\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nickshaver06\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{E3CA630E-FA63-4B10-9259-CBDBC713CA54}C:\users\nickshaver06\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nickshaver06\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{CF7F5AAA-BF38-4876-B679-AD5901B9EFFC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe No File
FirewallRules: [UDP Query User{613C4DA4-D614-4A43-AD4D-663C133B994D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe No File
FirewallRules: [{D6484781-12C2-46A0-88BF-C8A9F8E4D343}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe No File
FirewallRules: [{A4BDC953-16EF-4135-AB90-BA481D79FC64}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{A6A0D299-7A42-41FA-8539-473AB9E68E0C}] => (Allow) LPort=5357
FirewallRules: [{F2F37225-98A5-4CDD-9890-63ED97B44E9F}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{E5EB81DD-BA3B-487B-8736-83757AFC5289}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6128B01-51CA-4701-AD9D-19D7FB115C53}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B5E0358B-DFF2-4BD6-944A-AA142331E777}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{2066E836-DC89-47E2-BD13-38DF0E249118}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{D23F9274-442F-43D4-9E8B-178A816F3B8F}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{4DC80610-B9B1-45DC-B4AF-5C3905D907B4}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C0130C46-B2DC-477B-A299-D514BDBA2286}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{88945CC4-7D97-43BD-89A3-E42CDE28790C}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C92EA9EC-60B1-4837-8EA8-ECB0FABF0EE0}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C7030FA9-3FDE-4C1D-9CB3-51DEA497FE37}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{7E81F291-C901-4736-8E60-3D2E6D5E20AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{6BD1C49F-903F-4E9E-86B8-1F6FEC7CBA72}C:\users\nickshaver06\appdata\local\temp\crestron_self_extractor\airmedia.exe] => (Allow) C:\users\nickshaver06\appdata\local\temp\crestron_self_extractor\airmedia.exe (AWIND INCORPORATED -> )
FirewallRules: [UDP Query User{D8347C3D-0476-4D04-91A6-290D0AC62638}C:\users\nickshaver06\appdata\local\temp\crestron_self_extractor\airmedia.exe] => (Allow) C:\users\nickshaver06\appdata\local\temp\crestron_self_extractor\airmedia.exe (AWIND INCORPORATED -> )
==================== Restore Points =========================
15-08-2019 20:17:12 Scheduled Checkpoint
22-08-2019 21:29:34 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821
22-08-2019 21:31:30 Windows Update
03-09-2019 16:25:56 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/03/2019 03:49:17 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (09/03/2019 03:11:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (09/03/2019 03:11:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (09/03/2019 03:07:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (09/03/2019 10:25:58 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (09/03/2019 10:25:58 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (09/03/2019 08:36:44 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (09/03/2019 08:36:44 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
System errors:
=============
Error: (09/03/2019 03:07:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (09/03/2019 03:06:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:29:43 PM on 9/3/2019 was unexpected.
Error: (08/31/2019 02:53:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The My Dell Client Framework service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (08/31/2019 02:53:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the My Dell Client Framework service to connect.
Error: (08/31/2019 02:52:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (08/31/2019 02:52:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:36:48 PM on 8/31/2019 was unexpected.
Error: (08/29/2019 09:12:14 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 172.20.19.94.
The computer with the IP address 172.20.19.37 did not allow the name to be claimed by
this computer.
Error: (08/26/2019 11:54:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
The system cannot find the file specified.
CodeIntegrity:
===================================
Date: 2015-02-05 17:24:42.209
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Dell Inc. A03 09/29/2014
Motherboard: Dell Inc. 0R9H2G
Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 68%
Total physical RAM: 3979.2 MB
Available physical RAM: 1250.61 MB
Total Virtual: 8075.2 MB
Available Virtual: 4332.88 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:457 GB) (Free:322.95 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:7.38 GB) (Free:0.74 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E5BCBA8D)
Partition: GPT.
==================== End of Addition.txt ============================