Can't Install MS Updates

Started by Pampaw, November 04, 2015, 10:04:17 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Pampaw

November 04, 2015, 10:04:17 PM
Hello,
I haven't been able to install MS security updates or Windows 10 update for more than 6 months. I keep getting errors that indicate perhaps the CBS manifest is corrupt. I have no idea what this is or how to fix it. Any help would be greatly appreciated. I am including FRST.txt, additions.txt and checkup.txt. Thank you in advance for your reply.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-11-2015
Ran by Pammpaw (administrator) on LAPTOP-WIIN7HP (04-11-2015 15:54:29)
Running from C:\Users\Pammpaw\Desktop
Loaded Profiles: Pammpaw (Available Profiles: Pammpaw & LarryH & XBMC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Avant Browser\avant.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTSVCCDA.EXE
() C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
() C:\Program Files (x86)\HddLed\hddledd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(WinPatrol) C:\Program Files\Ruiware\WinPrivacy\WinPrivacySvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(WinPatrol) C:\Program Files\Ruiware\WinPrivacy\WinPrivacyTrayApp.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
() C:\Program Files (x86)\HddLed\hddled.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Spartan\Spartan.exe
(NesterSoft Inc.) C:\Program Files (x86)\TimeLeft3\TimeLeft.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Bemo Software) C:\Users\Pammpaw\AppData\Local\Bemo Software\WindowTabs\WindowTabs.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Bemo Software) C:\Users\Pammpaw\AppData\Local\Bemo Software\WindowTabs\WindowTabsLoader32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Avant Force) C:\Program Files (x86)\Avant Browser\avant.exe
(Avant Force) C:\Program Files (x86)\Avant Browser\avantvw.exe
(Avant Force) C:\Program Files (x86)\Avant Browser\ybrowser.exe
(Avant Force) C:\Program Files (x86)\Avant Browser\ybrowser.exe
() C:\Program Files (x86)\Avant Browser\adownloader.exe
(Farbar) C:\Users\Pammpaw\Desktop\frst64(1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WinPrivacy] => C:\Program Files\Ruiware\WinPrivacy\WinPrivacyTrayApp.exe [1712776 2015-09-28] (WinPatrol)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\runonceex: [Flags] => 128
HKLM-x32\...\runonceex: [Title] => UnHackMe Rootkit Check
Winlogon\Notify\igfxcui:  [X]
HKU\S-1-5-21-1334051981-221637907-2465180937-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-07-18] (Ruiware)
HKU\S-1-5-21-1334051981-221637907-2465180937-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-1334051981-221637907-2465180937-1000\...\Run: [hddled.exe] => C:\Program Files (x86)\HddLed\hddled.exe [479280 2013-09-26] ()
HKU\S-1-5-21-1334051981-221637907-2465180937-1000\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [432784 2012-05-09] (Stardock Corporation)
HKU\S-1-5-21-1334051981-221637907-2465180937-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-10-01] (Siber Systems)
HKU\S-1-5-21-1334051981-221637907-2465180937-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1334051981-221637907-2465180937-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
SSODL-x32: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2010-07-29] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2010-07-29] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SynTPEnh.exe - Shortcut.lnk [2015-08-10]
ShortcutTarget: SynTPEnh.exe - Shortcut.lnk -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
Startup: C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk [2011-04-16]
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
Startup: C:\Users\Pammpaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spartan.LNK [2015-06-08]
ShortcutTarget: Spartan.LNK -> C:\Program Files (x86)\Spartan\Spartan.exe ()
Startup: C:\Users\Pammpaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk [2015-06-08]
ShortcutTarget: TimeLeft.lnk -> C:\Program Files (x86)\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
Startup: C:\Users\Pammpaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WindowTabs.lnk [2015-08-05]
ShortcutTarget: WindowTabs.lnk -> C:\Users\Pammpaw\AppData\Local\Bemo Software\WindowTabs\WindowTabs.exe (Bemo Software)
Startup: C:\Users\Pammpaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk [2015-09-13]
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
BootExecute: autocheck autochk *  BootDefrag.exePartizan
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{739BEB33-F178-4DED-9E95-CCE7688DF36C}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{D5839251-8D76-4B82-B6CC-74FFB262CF19}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1334051981-221637907-2465180937-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
HKU\S-1-5-21-1334051981-221637907-2465180937-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/?pc=AVBR
HKU\S-1-5-21-1334051981-221637907-2465180937-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://abcnews.go.com/
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2010-07-29] (IvoSoft)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-10-01] (Siber Systems Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO-x32: Protect My Choices (Beta) -> {3DFCDCA1-AEAC-4302-A690-BFB683568BAA} -> C:\Program Files (x86)\DigitalAdvertisingAlliance\Protect My Choices\pmc.dll [2013-10-29] (Digital Advertising Alliance)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2010-07-29] (IvoSoft)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-10-01] (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2010-07-29] (IvoSoft)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-10-01] (Siber Systems Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-10-01] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2010-07-29] (IvoSoft)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1334051981-221637907-2465180937-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-10-01] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-1334051981-221637907-2465180937-1000 -> No Name - {0A452A47-C5A8-4854-A237-4B9B06B376F0} -  No File
Toolbar: HKU\S-1-5-21-1334051981-221637907-2465180937-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {15589FA1-C456-11CE-BF01-00AA0055595A} hxxp://w4s.work4sure.com/c/ge/w4sgeen9.exe
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab
DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Pammpaw\AppData\Roaming\Mozilla\Firefox\Profiles\c244mkpr.default-1440507963079
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://abcnews.go.com/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,%2F*ZenMate*%2F%0Afunction%20FindProxyForURL(url%2C%20host)%20%7B%0A%0A%20%20var%20e%20%3D%20%7B%20data%3A%20%7B%22localDomains%22%3A%5B%22zenguard.biz%22%2C%22local%22%2C%22dev%22%2C%22ip%22%2C%22box%22%2C%22lvh.me%22%2C%22ripe%22%2C%22invalid%22%2C%22intra%22%2C%22intranet%22%2C%22onion%22%2C%22vcap.me%22%2C%22zeus.pm%22%2C%22127.0.0.1.xip.io%22%2C%22smackaho.st%22%2C%22localtest.me%22%2C%22site%22%2C%22about%3Aaddons%22%2C%22about%3Anewtab%22%2C%22about%3Apreferences%22%2C%22about%3Aconfig%22%5D%2C%22nodeOverrides%22%3A%5B%7B%22target_cc%22%3A%22US%22%2C%22hosts%22%3A%5B%22hulu.com%22%5D%2C%22premium_only%22%3Atrue%2C%22nodes%22%3A%22US-ALT1%22%7D%5D%2C%22IPv4NotationRE%22%3A%7B%7D%2C%22localIPsRE%22%3A%7B%7D%7D%2CnodeLookup%3A%20function%20(nodeDict%2C%20cc)%20%7B%0A%20%20%20%20%20%20return%20nodeDict%5Bcc%5D%20%7C%7C%20false%3B%0A%20%20%20%20%7D%2CcompareHosts%3A%20function%20(hosts%2C%20host)%20%7B%0A%20%20%20%20%20%20var%20h%2C%20_i%2C%20_len%3B%0A%20%20%20%20%20%20for%20(_i%20%3D%200%2C%20_len%20%3D%20hosts.length%3B%20_i%20%3C%20_len%3B%20_i%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20h%20%3D%20hosts%5B_i%5D%3B%0A%20%20%20%20%20%20%20%20if%20(this.matchWildcardDomain(host%2C%20h))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20h%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%2CcompareURLs%3A%20function%20(patterns%2C%20url)%20%7B%0A%20%20%20%20%20%20var%20p%2C%20_i%2C%20_len%3B%0A%20%20%20%20%20%20for%20(_i%20%3D%200%2C%20_len%20%3D%20patterns.length%3B%20_i%20%3C%20_len%3B%20_i%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20p%20%3D%20patterns%5B_i%5D%3B%0A%20%20%20%20%20%20%20%20if%20(p.test(url))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20p%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%2CdnsDomainIs%3A%20function%20(host%2C%20pattern)%20%7B%0A%20%20%20%20%20%20return%20host.length%20%3E%3D%20pattern.length%20%26%26%20host.substring(host.length%20-%20pattern.length)%20%3D%3D%3D%20pattern%3B%0A%20%20%20%20%7D%2CmatchWildcardDomain%3A%20function%20(host%2C%20domain)%20%7B%0A%20%20%20%20%20%20var%20exactMatch%2C%20hasSubdomain%2C%20tldMatch%3B%0A%20%20%20%20%20%20exactMatch%20%3D%20host%20%3D%3D%3D%20domain%3B%0A%20%20%20%20%20%20tldMatch%20%3D%20host.slice(-domain.length)%20%3D%3D%3D%20domain%3B%0A%20%20%20%20%20%20hasSubdomain%20%3D%20host%5Bhost.lastIndexOf(domain)%20-%201%5D%20%3D%3D%3D%20'.'%3B%0A%20%20%20%20%20%20return%20exactMatch%20%7C%7C%20(tldMatch%20%26%26%20hasSubdomain)%3B%0A%20%20%20%20%7D%2CmatchNodeOverride%3A%20function%20(host%2C%20cc)%20%7B%0A%20%20%20%20%20%20var%20o%2C%20result%2C%20_ref%3B%0A%20%20%20%20%20%20result%20%3D%20(function()%20%7B%0A%20%20%20%20%20%20%20%20var%20_i%2C%20_len%2C%20_ref%2C%20_results%3B%0A%20%20%20%20%20%20%20%20_ref%20%3D%20this.data.nodeOverrides%3B%0A%20%20%20%20%20%20%20%20_results%20%3D%20%5B%5D%3B%0A%20%20%20%20%20%20%20%20for%20(_i%20%3D%200%2C%20_len%20%3D%20_ref.length%3B%20_i%20%3C%20_len%3B%20_i%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20%20%20o%20%3D%20_ref%5B_i%5D%3B%0A%20%20%20%20%20%20%20%20%20%20if%20(o.target_cc%20%3D%3D%3D%20cc%20%26%26%20this.compareHosts(o.hosts%2C%20host))%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20_results.push(o)%3B%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20return%20_results%3B%0A%20%20%20%20%20%20%7D).call(this)%3B%0A%20%20%20%20%20%20return%20(result%20!%3D%20null%20%3F%20(_ref%20%3D%20result%5B0%5D)%20!%3D%20null%20%3F%20_ref.nodes%20%3A%20void%200%20%3A%20void%200)%20%7C%7C%20false%3B%0A%20%20%20%20%7D%2CmatchRules%3A%20function%20(rules%2C%20host%2C%20url)%20%7B%0A%20%20%20%20%20%20var%20i%2C%20rule%2C%20_i%2C%20_len%3B%0A%20%20%20%20%20%20if%20(!((rules%20!%3D%20null%20%3F%20rules.length%20%3A%20void%200)%20%3E%200))%20%7B%0A%20%20%20%20%20%20%20%20return%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20if%20(this.data.rulesWithOverrides%20%3D%3D%20null)%20%7B%0A%20%20%20%20%20%20%20%20rules%20%3D%20mergeRuleOverrides(rules%2C%20config.ruleOverrides)%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20for%20(i%20%3D%20_i%20%3D%200%2C%20_len%20%3D%20rules.length%3B%20_i%20%3C%20_len%3B%20i%20%3D%20%2B%2B_i)%20%7B%0A%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20if%20(this.matchWildcardDomain(host%2C%20rule.domain)%20%7C%7C%20((rule.hosts%20!%3D%20null)%20%26%26%20this.compareHosts(rule.hosts%2C%20host)))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20i%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%2C_getProxyState%3A%20function%20(url%2C%20host%2C%20rules)%20%7B%0A%20%20%20%20%20%20var%20local%2C%20match%2C%20_i%2C%20_len%2C%20_ref%3B%0A%20%20%20%20%20%20url%20%3D%20url.toLowerCase()%3B%0A%20%20%20%20%20%20if%20(!~host.indexOf('.')%20%26%26%20!~host.indexOf('%3A'))%20%7B%0A%20%20%20%20%20%20%20%20return%20'LOCAL'%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20if%20(this.data.IPv4NotationRE.test(host)%20%26%26%20data.localIPsRE.test(host))%20%7B%0A%20%20%20%20%20%20%20%20return%20'LOCAL'%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20_ref%20%3D%20this.data.localDomains%3B%0A%20%20%20%20%20%20for%20(_i%20%3D%200%2C%20_len%20%3D%20_ref.length%3B%20_i%20%3C%20_len%3B%20_i%2B%2B)%20%7B%0A%20%20%20%20%20%20%20%20local%20%3D%20_ref%5B_i%5D%3B%0A%20%20%20%20%20%20%20%20if%20(this.matchWildcardDomain(host%2C%20local))%20%7B%0A%20%20%20%20%20%20%20%20%20%20return%20'LOCAL'%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20match%20%3D%20this.matchRules(rules%2C%20host%2C%20url)%3B%0A%20%20%20%20%20%20if%20(match%20!%3D%20null)%20%7B%0A%20%20%20%20%20%20%20%20return%20rules%5Bmatch%5D.cc%3B%0A%20%20%20%20%20%20%7D%20else%20%7B%0A%20%20%20%20%20%20%20%20return%20'DEFAULT'%3B%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%20%7D%3B%0A%20%20e.data.localDomains%20%3D%20e.data.localDomains.concat(%5B%22zenmate.com%22%2C%22d1jr1idae5ms9n.cloudfront.net%22%5D)%3B%0A%20%20e.data.IPv4NotationRE%20%3D%20%2F%5E%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%24%2Fg%3B%0Ae.data.localIPsRE%20%3D%20%2F(%5E127%5C.)%7C(%5E192%5C.168%5C.)%7C(%5E10%5C.)%7C(%5E172%5C.1%5B6-9%5D%5C.)%7C(%5E172%5C.2%5B0-9%5D%5C.)%7C(%5E172%5C.3%5B0-1%5D%5C.)%2F%3B%0A%0A%20%20e.data.defaultLocation%20%3D%20'US'%3B%0A%20%20e.data.nodeDict%20%3D%20%7B%22US%22%3A%22PROXY%20127.0.0.1%3A3968%22%2C%22DE%22%3A%22PROXY%20127.0.0.1%3A3969%22%2C%22RO%22%3A%22PROXY%20127.0.0.1%3A3970%22%2C%22HK%22%3A%22PROXY%20127.0.0.1%3A3971%22%2C%22US-ALT1%22%3A%22PROXY%20127.0.0.1%3A3972%22%7D%3B%0A%20%20e.data.rulesWithOverrides%20%3D%20%5B%5D%3B%0A%0A%20%20var%20res%20%3D%20e._getProxyState(url%2C%20host%2C%20e.data.rulesWithOverrides)%3B%0A%0A%20%20if%20(res%20%3D%3D%3D%20'LOCAL'%20%7C%7C%20res%20%3D%3D%3D%20'DIRECT'%20%7C%7C%20res%20%3D%3D%3D%20'OFF')%20%7Breturn%20'DIRECT'%7D%3B%0A%20%20if%20(res%20%3D%3D%3D%20'DEFAULT')%20%7Bcc%20%3D%20e.data.defaultLocation%7D%20else%20%7Bcc%20%3D%20res%7D%3B%0A%0A%20%20var%20override%20%3D%20e.matchNodeOverride(host%2C%20cc)%3B%0A%20%20if%20(override)%20%7Bcc%20%3D%20override%7D%3B%0A%0A%20%20return%20e.nodeLookup(e.data.nodeDict%2C%20cc)%20%7C%7C%20'DIRECT'%3B%0A%7D"
FF NetworkProxy: "type", 2
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-12] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0-git-20130228-0405 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-02-27] (VideoLAN)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2013-04-19] (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2013-09-18] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2013-09-18] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2007-03-09] (Yahoo! Inc.)
FF SearchPlugin: C:\Users\Pammpaw\AppData\Roaming\Mozilla\Firefox\Profiles\c244mkpr.default-1440507963079\searchplugins\safesearch.xml [2015-08-25]
FF Extension: AdBan - C:\Users\Pammpaw\AppData\Roaming\Mozilla\Firefox\Profiles\c244mkpr.default-1440507963079\Extensions\adban@ad-ban.appspot.com.xpi [2015-09-03]
FF Extension: ZenMate Security, Privacy & Unblock VPN - C:\Users\Pammpaw\AppData\Roaming\Mozilla\Firefox\Profiles\c244mkpr.default-1440507963079\Extensions\firefox@zenmate.com.xpi [2015-09-19]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Pammpaw\AppData\Roaming\Mozilla\Firefox\Profiles\c244mkpr.default-1440507963079\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-09-20]
FF Extension: Tab Mix Plus - C:\Users\Pammpaw\AppData\Roaming\Mozilla\Firefox\Profiles\c244mkpr.default-1440507963079\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-09-02]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2015-11-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Extension: No Name - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2015-10-01] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF HKU\S-1-5-21-1334051981-221637907-2465180937-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn [not found]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\Pammpaw\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pammpaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-23]
CHR Extension: (Norton Security Toolbar) - C:\Users\Pammpaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-08-09]
CHR Extension: (Norton Identity Safe) - C:\Users\Pammpaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-23]
CHR Extension: (Freemake Video Converter) - C:\Users\Pammpaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2014-11-23]
CHR Extension: (Skype Click to Call) - C:\Users\Pammpaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-08-09]
CHR Extension: (Norton Safe) - C:\Users\Pammpaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-09-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pammpaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-09]
CHR Extension: (RoboForm Password Manager) - C:\Users\Pammpaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2015-08-09]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-28]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-02-23]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-28]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AntiSpywareService; C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [616408 2009-06-17] ()
S3 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
S3 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 Creative Service for CDROM Access; C:\Windows\SysWOW64\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [8795656 2015-07-02] ()
R2 hddledd; C:\Program Files (x86)\HddLed\hddledd.exe [54320 2013-09-26] ()
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S3 IDriveE Service; C:\IDrive\IDriveE Service.exe [157128 2011-06-24] (Pro Softnet Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-09-16] (Hewlett-Packard Company) [File not signed]
S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation)
S3 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [656184 2015-04-08] (Malwarebytes Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\N360.exe [282016 2015-09-24] (Symantec Corporation)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [41760 2015-09-22] (Microsoft)
S3 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2012-12-10] (Alcatel-Lucent) [File not signed]
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460288 2012-12-10] (Alcatel-Lucent) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-11] (Realtek Semiconductor)
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-08] (Nokia.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 VMAuthdService; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [79872 2012-06-08] (VMware, Inc.) [File not signed]
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [118272 2008-07-24] (WDC) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinPrivacySvc; C:\Program Files\Ruiware\WinPrivacy\WinPrivacySvc.exe [466568 2015-09-28] (WinPatrol)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49752 2015-01-06] (Zemana Ltd.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-01] (Glarysoft Ltd)
S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [22568 2014-08-12] (IVT Corporation.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-09-11] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [15968 2014-11-18] ()
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-09-11] (Symantec Corporation)
R3 EST_BusEnum; C:\Windows\System32\DRIVERS\GenBus.sys [29696 2009-10-06] ( )
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-04-30] (Glarysoft Ltd)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37456 2012-02-02] (Paragon Software Group)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-22] (REALiX(tm))
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20151103.002\IDSvia64.sys [767224 2015-10-19] (Symantec Corporation)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36944 2014-03-04] (IObit)
S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [289664 2012-02-22] (McAfee, Inc.)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2012-12-10] (Printing Communications Assoc., Inc. (PCAUSA))
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20151104.001\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20151104.001\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
S3 NUServer64; C:\Windows\System32\DRIVERS\NUServer64.sys [254464 2011-10-27] (Elite Silicon Technology Inc.)
R3 NUS_Bus64; C:\Windows\System32\DRIVERS\NUS_Bus64.sys [34816 2011-10-14] (Elite Silicon Technology Inc.)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2015-03-29] (Greatis Software)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA))
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 QsFsFltr; C:\Windows\System32\DRIVERS\QsFsFltr.sys [22584 2010-06-24] (Windows (R) Win 7 DDK provider)
S4 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S4 ruinetf; C:\Windows\System32\drivers\ruinetf.sys [48408 2015-05-23] (Windows (R) Win 7 DDK provider)
R1 rwpvcy; C:\Windows\System32\drivers\rwpvcy.sys [49944 2015-09-10] (Ruiware, LLC)
S4 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-09-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S4 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-06-06] (WinISO.com)
S4 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S4 BT; system32\DRIVERS\btnetdrv.sys [X]
S4 BTCOM; system32\DRIVERS\btcomport.sys [X]
S4 Btcsrusb; System32\Drivers\btcusb.sys [X]
S4 IvtComBusSrv; System32\Drivers\btcombus.sys [X]
S4 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S4 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-04 15:54 - 2015-11-04 15:56 - 00041766 _____ C:\Users\Pammpaw\Desktop\FRST.txt
2015-11-04 15:53 - 2015-11-04 15:54 - 00000000 ____D C:\FRST
2015-11-04 15:53 - 2015-11-04 15:53 - 02198016 _____ (Farbar) C:\Users\Pammpaw\Desktop\frst64(1).exe
2015-11-04 15:50 - 2015-11-04 15:50 - 00000000 _____ C:\Users\Pammpaw\Desktop\FRST64.exe
2015-11-04 14:48 - 2015-11-04 14:48 - 00852720 _____ C:\Users\Pammpaw\Desktop\SecurityCheck.exe
2015-11-04 14:23 - 2015-11-04 14:23 - 00040720 _____ (Greatis Software) C:\Windows\SysWOW64\Partizan.exe
2015-11-04 14:22 - 2015-11-04 14:22 - 00000056 _____ C:\Windows\setupact.log
2015-11-04 14:22 - 2015-11-04 14:22 - 00000000 _____ C:\Windows\setuperr.log
2015-11-04 14:21 - 2015-11-04 14:22 - 00309544 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-04 14:21 - 2015-11-04 14:21 - 00000958 _____ C:\Windows\PFRO.log
2015-11-04 13:50 - 2015-11-04 13:50 - 00028083 _____ C:\Users\Pammpaw\Desktop\Welcome_to_Landzown_-_get_computer_help_here!.htm
2015-11-04 08:41 - 2015-11-04 08:41 - 00003226 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1334051981-221637907-2465180937-1000
2015-10-31 19:55 - 2015-10-31 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-10-31 19:55 - 2015-10-31 19:55 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-10-31 09:30 - 2015-11-04 08:41 - 00003356 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1334051981-221637907-2465180937-1000
2015-10-29 21:46 - 2015-10-29 21:46 - 00000034 _____ C:\Windows\SysWOW64\Partizan.RRI
2015-10-29 21:46 - 2015-10-29 21:46 - 00000000 ____D C:\@RestoreQuarantine
2015-10-28 10:56 - 2015-10-28 10:56 - 00000843 _____ C:\Users\Pammpaw\AppData\Local\recently-used.xbel
2015-10-28 10:56 - 2015-10-28 10:56 - 00000000 ____D C:\Users\Pammpaw\.thumbnails
2015-10-27 21:58 - 2015-10-27 21:58 - 00001923 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Avant Browser.lnk
2015-10-27 21:58 - 2015-10-27 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avant Browser
2015-10-27 21:58 - 2015-10-27 21:58 - 00000000 ____D C:\Program Files (x86)\Avant Browser
2015-10-26 11:08 - 2015-11-04 14:24 - 00000588 _____ C:\Windows\system32\WinPrivacyTrayApp.log
2015-10-26 10:14 - 2015-10-26 18:47 - 00000000 ____D C:\Users\Pammpaw\Desktop\Autoruns
2015-10-21 08:30 - 2015-10-21 08:30 - 00000000 ____D C:\Users\Pammpaw\AppData\Roaming\Oracle
2015-10-20 21:50 - 2015-09-18 14:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-20 21:50 - 2015-09-18 14:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-20 21:50 - 2015-09-18 14:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-20 21:50 - 2015-09-18 14:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-20 21:50 - 2015-09-18 14:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-20 21:50 - 2015-09-18 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-20 21:50 - 2015-09-18 14:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-20 21:50 - 2015-09-18 14:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-20 21:50 - 2015-09-18 13:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-20 21:50 - 2015-09-15 23:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-20 21:50 - 2015-09-15 23:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-20 21:50 - 2015-09-15 23:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-20 21:50 - 2015-09-15 23:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-20 21:50 - 2015-09-15 23:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-20 21:50 - 2015-09-15 22:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-20 21:50 - 2015-09-15 22:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-20 21:50 - 2015-09-15 22:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-20 21:50 - 2015-09-15 22:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-20 21:50 - 2015-09-15 22:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-20 21:50 - 2015-09-15 22:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-20 21:50 - 2015-09-15 22:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-20 21:50 - 2015-09-15 22:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-20 21:50 - 2015-09-15 22:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-20 21:50 - 2015-09-15 22:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-20 21:50 - 2015-09-15 22:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-20 21:50 - 2015-09-15 22:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-20 21:50 - 2015-09-15 22:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-20 21:50 - 2015-09-15 22:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-20 21:50 - 2015-09-15 22:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-20 21:50 - 2015-09-15 22:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-20 21:50 - 2015-09-15 22:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-20 21:50 - 2015-09-15 21:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-20 21:50 - 2015-09-15 21:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-20 21:50 - 2015-09-15 21:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-20 21:50 - 2015-09-15 21:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-20 21:50 - 2015-09-15 21:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-20 21:49 - 2015-09-15 23:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-20 21:49 - 2015-09-15 23:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-20 21:49 - 2015-09-15 23:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-20 21:49 - 2015-09-15 23:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-20 21:49 - 2015-09-15 23:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-20 21:49 - 2015-09-15 23:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-20 21:49 - 2015-09-15 23:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-20 21:49 - 2015-09-15 23:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-20 21:49 - 2015-09-15 23:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-20 21:49 - 2015-09-15 23:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-20 21:49 - 2015-09-15 23:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-20 21:49 - 2015-09-15 23:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-20 21:49 - 2015-09-15 23:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-20 21:49 - 2015-09-15 22:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-20 21:49 - 2015-09-15 22:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-20 21:49 - 2015-09-15 22:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-20 21:49 - 2015-09-15 22:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-20 21:49 - 2015-09-15 22:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-20 21:49 - 2015-09-15 22:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-20 21:49 - 2015-09-15 22:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-20 21:49 - 2015-09-15 22:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-20 21:49 - 2015-09-15 22:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-20 21:49 - 2015-09-15 22:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-20 21:49 - 2015-09-15 22:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-20 21:49 - 2015-09-15 22:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-20 21:49 - 2015-09-15 22:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-20 21:49 - 2015-09-15 22:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-20 21:49 - 2015-09-15 22:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-20 21:49 - 2015-09-15 22:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-20 21:49 - 2015-09-15 22:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-20 21:49 - 2015-09-15 21:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-20 21:49 - 2015-09-15 21:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-20 21:49 - 2015-09-15 21:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-20 21:49 - 2015-09-15 21:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-20 21:49 - 2015-09-15 21:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-20 21:48 - 2015-10-01 13:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-20 21:48 - 2015-10-01 13:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-20 21:48 - 2015-10-01 13:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-20 21:48 - 2015-10-01 13:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-20 21:48 - 2015-10-01 13:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-20 21:48 - 2015-10-01 13:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-20 21:48 - 2015-10-01 13:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-20 21:48 - 2015-10-01 12:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-20 21:48 - 2015-10-01 12:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-20 21:48 - 2015-09-25 13:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-20 21:48 - 2015-09-25 13:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-20 21:48 - 2015-09-25 13:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-20 21:48 - 2015-09-25 13:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-20 21:48 - 2015-09-25 13:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-20 21:48 - 2015-09-25 13:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-20 21:48 - 2015-09-25 13:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-20 21:48 - 2015-09-25 13:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-20 21:48 - 2015-09-25 13:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-20 21:48 - 2015-09-25 13:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-20 21:48 - 2015-09-25 13:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-20 21:48 - 2015-09-25 12:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-20 21:48 - 2015-09-25 12:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-20 21:48 - 2015-09-25 12:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-20 21:48 - 2015-09-25 12:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-20 21:48 - 2015-09-25 12:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-20 21:48 - 2015-08-06 13:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-20 21:48 - 2015-08-06 13:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-20 21:48 - 2015-08-06 12:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-20 21:48 - 2015-08-06 12:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-20 21:48 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-17 21:31 - 2015-10-17 21:31 - 40105984 _____ (Microsoft Corporation) C:\Windows\system32\imageres.dll
2015-10-12 21:13 - 2015-10-12 21:13 - 00000000 ____D C:\Users\Public\Foxit Software
2015-10-12 21:12 - 2015-10-12 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-10-11 16:05 - 2015-10-11 16:05 - 00003242 _____ C:\Windows\System32\Tasks\{FB0DE8BE-5D9E-4320-8B4F-A104B373E0FA}
2015-10-11 16:04 - 2015-10-11 16:04 - 00003240 _____ C:\Windows\System32\Tasks\{8F96CF5D-A5FB-4C5B-8AEA-FDD25CDA0695}
2015-10-11 13:28 - 2015-10-11 13:28 - 00000000 ____D C:\Users\Pammpaw\AppData\Roaming\Macromedia
2015-10-11 10:02 - 2015-11-04 15:31 - 00000830 _____ C:\Windows\Tasks\Adobe F

Corrine

#1
November 05, 2015, 03:09:56 AM
Hi, Pampaw.  Welcome to LandzDown Forum.

Windows Update isn't my area of expertise -- which is what the CBS.log is all about.  That said, I do have Windows Update expert friends who I can refer you to.  However, your computer does need some cleanup first.  Unfortunately, the \FRST logs are so long, your posts didn't complete due to forum software restrictions.

First, please open FRST.txt and locate the line "2015-10-11 10:02 - 2015-11-04 15:31 - 00000830 _____ C:\Windows\Tasks\Adobe F". Copy/paste from there to the end of the log.  Next, open the Addition.txt log and copy/paste that.  The same goes for the Checkup.txt.  After clicking the Post button, check that the complete logs posted.  It often takes more than one reply to get the entire contents to post.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Aaron Hulett

#2
November 07, 2015, 12:43:02 AM
Corrine I'm sending you a private message on how you might be able to approach this one. I'd post them here but do not want to complicate the thread with another set of instructions; you can use this idea/solution if nothing sticks out after the rest of the FRST log is posted (or any other steps you'd like to try).

//A

Corrine

#3
November 07, 2015, 12:56:13 AM
Thanks, Aaron!


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.
Print
Go Up Pages1
User actions