The PC always seen to have high traffic and "A lot" of procsses and will not update any windows updates( I now its not supperted any more ) Just need to to clean this PC up.
Emsisoft Emergency Kit log (C:\EEK\Reports\) This could not be used due to the facy of this pc having Vista
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-10-2016
Ran by ian&emily (administrator) on FAMILY (22-10-2016 22:00:02)
Running from C:\Users\ian&emily\Documents\Downloads
Loaded Profiles: ian&emily (Available Profiles: ian&emily)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuauclt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\UPDMGR\4.0.131.2\mcupdatemgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\WINDOWS\System32\UI0Detect.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\ian&emily\Documents\Downloads\EmsisoftEmergencyKit (1).exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [159744 2007-03-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174616 2007-07-25] (Intel Corporation)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2007-08-17] (CyberLink Corp.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [480560 2007-09-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [311296 2007-01-08] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HP Health Check Scheduler] => [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [562688 2015-02-11] (McAfee, Inc.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [181544 2007-09-30] (CyberLink Corp.)
HKLM\...\Run: [QlbCtrl] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2007-09-19] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [iTunesHelper] => "C:\Program Files\iTunes\iTunesHelper.exe"
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [159472 2010-11-11] (Microsoft Corporation)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [5836888 2015-09-18] (Emsisoft Ltd)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll <==== ATTENTION
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\Run: [SpeedItupFree] => C:\Program Files\SpeedItup Free\speeditupfree.exe [7948320 2015-12-14] (MicroSmarts LLC.)
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\Run: [Skype] => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [455968 2007-08-23] (Hewlett-Packard Company)
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\Run: [Aim6] => "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\Run: [Aim] => "C:\Program Files\AIM\aim.exe" /d locale=en-US
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\MountPoints2: {49faab00-60c8-11e6-8aec-001e379e8630} - WinCleaner Application Setup.exe
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\MountPoints2: {b6833aa0-692e-11e0-9367-001e379e8630} - F:\setup.exe -a
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...409d6c4515e9\InprocServer32: [Default-shell32] shell32.dll ATTENTION
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2008-01-23]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-07-27]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\ian&emily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2014-05-05]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5F93A7D5-AB35-42B8-B9A6-B25C749E64F3}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{93D1EC0A-3B48-46B0-8430-BD69C9897DA5}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2984554872-4131499766-165714688-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {9DA2A901-FF16-421E-8B00-927B08E4D550} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM -> {9DA2A901-FF16-421E-8B00-927B08E4D550} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM -> {F16314C0-57F4-418C-97F9-9E3EBC9E8EC2} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-2984554872-4131499766-165714688-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2984554872-4131499766-165714688-1000 -> {3783719F-0983-4AD5-96BF-7FF2E001F970} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3106777
SearchScopes: HKU\S-1-5-21-2984554872-4131499766-165714688-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2984554872-4131499766-165714688-1000 -> {9DA2A901-FF16-421E-8B00-927B08E4D550} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKU\S-1-5-21-2984554872-4131499766-165714688-1000 -> {F16314C0-57F4-418C-97F9-9E3EBC9E8EC2} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-2984554872-4131499766-165714688-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll [2015-03-03] (McAfee, Inc.)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-05] [not signed]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-17] [not signed]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 => not found
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi [2016-08-21]
FF HKU\S-1-5-21-2984554872-4131499766-165714688-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2008-10-04] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\ian&emily\AppData\Local\Google\Chrome\User Data\Default [2016-10-22]
CHR Extension: (Google Docs) - C:\Users\ian&emily\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-21]
CHR Extension: (Google Drive) - C:\Users\ian&emily\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-09]
CHR Extension: (YouTube) - C:\Users\ian&emily\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09]
CHR Extension: (Google Search) - C:\Users\ian&emily\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ian&emily\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-09-29]
CHR Extension: (Google Docs Offline) - C:\Users\ian&emily\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ian&emily\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\ian&emily\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-09]
CHR Profile: C:\Users\ian&emily\AppData\Local\Google\Chrome\User Data\System Profile [2016-05-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2016-02-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0222271477014526mcinstcleanup; C:\Windows\TEMP\022227~1.EXE [883024 2015-05-04] (McAfee, Inc.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [7084784 2015-09-18] (Emsisoft Ltd)
S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) [File not signed]
S4 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard) [File not signed]
R2 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 McAfee SiteAdvisor Service; c:\Program Files\McAfee\SiteAdvisor\McSACore.exe [132160 2016-02-12] (McAfee, Inc.)
S4 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [690408 2015-03-03] (McAfee, Inc.)
S4 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [476680 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S4 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [196600 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [334576 2015-02-24] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [238288 2015-02-17] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-09-30] ()
R2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-09-30] ()
S3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1245064 2008-01-06] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 HPHNDUSVC; C:\Users\IAN&EM~1\AppData\Local\Temp\7zS335D\HPHNDUSVC.dll [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61848 2015-02-17] (McAfee, Inc.)
R1 epp32; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp32.sys [114200 2015-08-28] (Emsisoft GmbH)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [57536 2008-03-13] (FTDI Ltd.)
S3 HdAudAddService; C:\Windows\System32\drivers\CHDART.sys [183352 2007-10-01] (Conexant Systems Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [304928 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [260248 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [82800 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [371648 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [648552 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [380496 2015-01-16] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80760 2015-01-16] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-09-16] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-09-16] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [217584 2015-02-17] (McAfee, Inc.)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2013-07-17] (CACE Technologies, Inc.)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-08-10] ()
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 cpuz134; \??\C:\Users\IAN&EM~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
U1 eabfiltr; no ImagePath
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIM; system32\DRIVERS\SymIM.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-22 22:00 - 2016-10-23 02:06 - 00000000 ____D C:\Users\ian&emily\Desktop\bin64
2016-10-22 22:00 - 2016-10-23 02:06 - 00000000 ____D C:\Users\ian&emily\Desktop\bin32
2016-10-22 22:00 - 2016-08-15 19:53 - 00470552 _____ (Emsisoft Ltd) C:\Users\ian&emily\Desktop\Start Emergency Kit Scanner.exe
2016-10-22 22:00 - 2016-08-15 19:53 - 00467928 _____ (Emsisoft Ltd) C:\Users\ian&emily\Desktop\Start Commandline Scanner.exe
2016-10-22 22:00 - 2015-12-09 08:23 - 00004314 _____ C:\Users\ian&emily\Desktop\readme.txt
2016-10-22 21:57 - 2016-10-22 22:00 - 00000000 ____D C:\FRST
2016-10-22 20:02 - 2016-10-22 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-10-17 00:32 - 2016-10-20 21:32 - 00000164 _____ C:\Users\Public\Documents\hpqp.ini
2016-10-17 00:25 - 2016-10-17 07:03 - 00128672 _____ (Emsisoft Ltd) C:\Windows\system32\eamclean.exe
2016-10-17 00:25 - 2016-10-17 07:03 - 00000750 _____ C:\Windows\system32\eamclean.dat
2016-10-17 00:22 - 2016-10-17 00:22 - 00000000 ____D C:\ProgramData\Emsisoft
2016-10-17 00:10 - 2016-10-17 00:10 - 00000848 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-10-17 00:10 - 2016-10-17 00:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-10-17 00:07 - 2016-10-22 21:58 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-10-16 23:52 - 2016-10-16 23:56 - 00000000 ____D C:\EEK
2016-10-16 23:21 - 2016-10-16 23:24 - 00000000 ____D C:\Users\ian&emily\Desktop\Undo
2016-09-26 01:21 - 2016-09-26 01:21 - 00000000 ____D C:\ProgramData\WindowsSearch
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-22 22:09 - 2012-10-05 21:39 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-22 21:25 - 2006-11-02 08:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-22 21:25 - 2006-11-02 08:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-22 21:20 - 2012-08-29 21:27 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-21 23:09 - 2012-10-05 21:39 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-21 06:29 - 2016-08-12 21:19 - 00000570 _____ C:\Windows\Tasks\AVG-SSU_0716wt.job
2016-10-20 21:27 - 2016-08-12 21:20 - 00000432 _____ C:\Windows\Tasks\AVG-SSU_0716wt_DELETE.job
2016-10-20 21:25 - 2006-11-02 09:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-17 19:46 - 2008-01-23 12:08 - 00002140 _____ C:\Windows\bthservsdp.dat
2016-10-17 19:46 - 2006-11-02 09:01 - 00032532 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-16 23:36 - 2016-08-21 20:03 - 00002521 _____ C:\Users\ian&emily\Desktop\Options.ini
2016-10-16 23:30 - 2013-02-19 22:09 - 00000000 ____D C:\Program Files\QuickTime
2016-10-16 23:30 - 2009-08-06 01:35 - 00000000 ____D C:\ProgramData\Apple Computer
2016-10-16 23:25 - 2010-12-12 21:50 - 00000000 ____D C:\Program Files\Zune
2016-10-16 23:11 - 2015-12-09 22:04 - 00000000 ____D C:\Users\ian&emily\Desktop\Mr.Ians Stuff DONT OPEN
2016-10-16 23:10 - 2009-08-05 13:11 - 00000000 ____D C:\Users\ian&emily
2016-10-16 22:45 - 2015-12-09 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Visual Traceroute
2016-10-16 22:45 - 2012-04-02 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-10-12 19:52 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\inf
2016-10-12 19:52 - 2006-11-02 06:33 - 00756772 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-03 02:10 - 2016-09-18 21:22 - 00000000 ____D C:\Users\ian&emily\Desktop\rolo stuff
2016-10-02 00:31 - 2009-08-05 22:00 - 00000000 ____D C:\Windows\pss
2016-09-29 18:34 - 2006-11-02 06:22 - 60293120 _____ C:\Windows\system32\config\software_previous
2016-09-29 18:34 - 2006-11-02 06:22 - 28049408 _____ C:\Windows\system32\config\system_previous
2016-09-29 18:33 - 2010-12-12 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
2016-09-29 18:33 - 2009-10-25 11:29 - 00000000 ____D C:\Windows\Minidump
2016-09-29 18:33 - 2009-10-07 08:58 - 00000000 ____D C:\Users\ian&emily\AppData\Local\Microsoft Help
2016-09-29 18:33 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\system32\spool
2016-09-29 18:33 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\system32\Msdtc
2016-09-29 18:33 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\registration
2016-09-29 18:23 - 2006-11-02 06:22 - 41943040 _____ C:\Windows\system32\config\components_previous
2016-09-29 18:22 - 2006-11-02 06:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2016-09-29 15:23 - 2012-08-29 21:27 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-09-29 15:23 - 2011-06-16 19:52 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-09-29 15:21 - 2008-01-06 07:56 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-28 05:16 - 2006-11-02 06:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2016-09-27 22:59 - 2006-11-02 06:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2016-09-26 00:23 - 2011-01-22 01:44 - 00000000 ____D C:\Users\ian&emily\Documents\OneNote Notebooks
==================== Files in the root of some directories =======
2016-09-25 23:08 - 2016-09-25 23:08 - 0028915 _____ () C:\Users\ian&emily\AppData\Roaming\UserTile.png
2010-02-07 08:53 - 2010-10-16 08:26 - 0000998 _____ () C:\Users\ian&emily\AppData\Roaming\wklnhst.dat
2009-08-05 13:26 - 2009-08-05 13:26 - 0000000 _____ () C:\Users\ian&emily\AppData\Local\AtStart.txt
2011-12-08 12:01 - 2012-08-29 05:36 - 0006080 _____ () C:\Users\ian&emily\AppData\Local\d3d9caps.dat
2009-08-09 19:54 - 2015-01-11 17:20 - 0038912 _____ () C:\Users\ian&emily\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-08-05 13:26 - 2009-08-05 13:26 - 0000000 _____ () C:\Users\ian&emily\AppData\Local\DSwitch.txt
2009-08-05 13:26 - 2009-08-05 13:26 - 0000000 _____ () C:\Users\ian&emily\AppData\Local\QSwitch.txt
2014-02-05 13:55 - 2014-02-05 13:55 - 0000057 _____ () C:\ProgramData\Ament.ini
2008-01-06 08:24 - 2011-08-10 00:44 - 0010065 _____ () C:\ProgramData\hpzinstall.log
2015-12-14 02:23 - 2015-12-14 02:39 - 0000162 _____ () C:\ProgramData\spds90.txt
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2984554872-4131499766-165714688-1000\$b3272db47fa0a4851d9080ea2a4a388f
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$b3272db47fa0a4851d9080ea2a4a388f
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-22 21:50
==================== End of FRST.txt ============================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-10-2016
Ran by ian&emily (22-10-2016 22:10:10)
Running from C:\Users\ian&emily\Documents\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-01-23 16:09:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2984554872-4131499766-165714688-500 - Administrator - Disabled)
Guest (S-1-5-21-2984554872-4131499766-165714688-501 - Limited - Enabled)
ian&emily (S-1-5-21-2984554872-4131499766-165714688-1000 - Administrator - Enabled) => C:\Users\ian&emily
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Emsisoft Anti-Malware (Enabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe Flash Player 10 Plugin (HKLM\...\{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 23 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
Basic Product Support (Version: 14.0 - HP) Hidden
BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4580 (Version: 110.0.218.000 - Hewlett-Packard) Hidden
C4580_Help (Version: 110.0.218.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.60 - Conexant)
Copy (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1002 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.10 - Piriform)
Destinations (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)
EasyCleaner (HKLM\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - ToniArts)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Drive (HKLM\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
GPBaseService (Version: 110.0.180.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
Hewlett-Packard Active Check (Version: 1.1.11.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5 - HP) Hidden
Hondata s300 ECU Editor (HKLM\...\Hondata s300 ECU Editor_is1) (Version: 2.2.7.0 - Hondata, Inc.)
HP Active Support Library (HKLM\...\{11BB336F-0E58-4977-B866-F24FA334616B}) (Version: 2.3.0.2 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Help and Support (HKLM\...\{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}) (Version: 1.5.1 - Hewlett-Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Integrated Module with Bluetooth wireless technology 6.0.1.5500 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.5500 - HP)
HP Photosmart 6520 series Product Improvement Study (HKLM\...\{DF711F5A-C9E4-4241-9A83-58532C99DB28}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Quick Launch Buttons 6.30 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 E1 - Hewlett-Packard)
HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: - )
HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP User Guides 0090 (HKLM\...\{B53620C0-3A83-4F50-A7AB-175DB64C1CE3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)
HPNetworkAssistant (HKLM\...\{228C6B46-64E2-404E-898A-EF0830603EF4}) (Version: 1.1.70 - Hewlett-Packard.)
HPProductAssistant (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Java™ 6 Update 19 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216015FF}) (Version: 6.0.190 - Sun Microsystems, Inc.)
Java™ 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LightScribe System Software 1.10.13.1 (Version: 1.10.13.1 - hxxp://www.lightscribe.com) Hidden
Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 10.22.7.3 - Marvell)
McAfee SecurityCenter (HKLM\...\MSC) (Version: 14.0.339 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.290 - McAfee, Inc.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Click-to-Run 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 - English (HKLM\...\{90140011-0061-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSCU for Microsoft Vista (HKLM\...\{F7F3B252-E772-48AA-93EB-7964BC326067}) (Version: 1.0.1.9 - Hewlett-Packard)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.46 - BVRP Software, Inc)
Network (Version: 140.0.301.000 - Hewlett-Packard) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Open Visual Traceroute version 1.6.2 (HKLM\...\{74E0B6B8-9214-46A4-A0D7-6373A659A643}_is1) (Version: 1.6.2 - Leo Lewis)
PanoStandAlone (Version: 110.0.180.000 - Hewlett-Packard) Hidden
PS_AIO_04_C4580_ProductContext (Version: 110.0.218.000 - Hewlett-Packard) Hidden
PS_AIO_04_C4580_Software (Version: 110.0.218.000 - Hewlett-Packard) Hidden
PS_AIO_04_C4580_Software_Min (Version: 110.0.218.000 - Hewlett-Packard) Hidden
Scan (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
TrayApp (Version: 140.0.297.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Zune (HKLM\...\Zune) (Version: 04.07.1404.01 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2984554872-4131499766-165714688-1000_Classes\CLSID\{02081E96-09F6-E9DE-A4BC-FDA4DA5822B9}\InprocServer32 -> no filepath
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07948A1B-1B1F-4C49-9CF2-E55E8CB501C2} - System32\Tasks\{B33ED8DA-99CF-4837-8E94-6800D4FC33E3} => pcalua.exe -a E:\Installer.exe -d E:\
Task: {4365A45F-6427-4B17-9F09-41E30A99547E} - System32\Tasks\{37D37D4A-99D2-4A73-AD18-38FE53B9B3BD} => pcalua.exe -a E:\Installer.exe -d E:\
Task: {55E3A56B-D88F-49CA-B608-3659EB7E8911} - System32\Tasks\{F9DEF7DB-F38C-4FB8-96E3-A1E75A58A6BB} => pcalua.exe -a E:\Installer.exe -d E:\
Task: {5AEB97D6-A8A2-4EFA-83C9-4C15E6B1CEB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {5FD80B75-1591-4CF3-BB0F-693AB9DBBC85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {77C32D5B-1D01-4295-B1D8-1DD9EA9C2037} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {8EA108DF-4A04-48C1-A4B1-4C0B352D9DC0} - System32\Tasks\{649CAF24-8109-4318-8A8A-814B0CE953FF} => pcalua.exe -a E:\Installer.exe -d E:\
Task: {8F1B75E1-8293-452A-BF6E-ED4D46097785} - System32\Tasks\HPCustParticipation HP Photosmart 6520 series => C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {9DD6619B-5FF1-4188-81DD-A004377B98FB} - System32\Tasks\AVG-SSU_0716wt_DELETE => C:\ProgramData\Avg_Update_0716wt\AVG-Secure-Search-Update_0716wt.exe [2016-08-12] ()
Task: {B16C1242-C927-408F-A03C-D68C8AA06BAC} - System32\Tasks\AVG-SSU_0716wt => C:\ProgramData\Avg_Update_0716wt\AVG-Secure-Search-Update_0716wt.exe [2016-08-12] ()
Task: {B2754ED3-E9AE-46C9-A8F8-F7B3C301B313} - System32\Tasks\{15C0D1DD-9B90-4B48-8A1A-4B257B09FAD6} => C:\Program Files\Skype\Phone\Skype.exe
Task: {BF37763A-F2AF-4D22-B7B0-24E43466775F} - System32\Tasks\HP AR Program Upload - 3a43af9f83104a54ba1d8e2ca428974d10454e3066944c3d934f220ebf2e2f31 => C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe
Task: {E0A6C651-D311-4E7F-A3B9-9B1C75F970E3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-29] (Adobe Systems Incorporated)
Task: {EABABC00-2A89-4E8C-A017-77253E82AB01} - System32\Tasks\{0236B6EF-7453-4DD1-A537-5C89B6D60730} => pcalua.exe -a C:\Users\ian&emily\Desktop\EasyClea.exe -d C:\Users\ian&emily\Desktop
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-SSU_0716wt.job => C:\ProgramData\Avg_Update_0716wt\AVG-Secure-Search-Update_0716wt.exe
Task: C:\Windows\Tasks\AVG-SSU_0716wt_DELETE.job => C:\ProgramData\Avg_Update_0716wt\AVG-Secure-Search-Update_0716wt.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2008-01-23 12:30 - 2007-09-30 23:34 - 00271760 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2008-01-23 12:30 - 2007-09-30 23:34 - 00255384 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2008-01-23 12:30 - 2007-09-30 23:34 - 00038184 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2008-01-23 12:30 - 2007-09-30 23:34 - 00112016 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
2008-01-23 12:30 - 2007-09-30 23:34 - 00120208 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
2008-01-23 12:30 - 2007-09-30 23:34 - 00345384 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2007-09-05 17:03 - 2007-09-05 17:03 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2007-07-12 16:55 - 2007-07-12 16:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 18:43 - 2007-08-14 18:43 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 16:55 - 2007-07-12 16:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2007-09-05 16:52 - 2007-09-05 16:52 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL
2008-01-23 12:30 - 2007-09-30 23:33 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll
2016-10-20 21:31 - 2016-10-20 21:31 - 00098816 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\win32api.pyd
2016-10-20 21:30 - 2016-10-20 21:30 - 00110080 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\pywintypes27.dll
2016-10-20 21:31 - 2016-10-20 21:31 - 00364544 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\pythoncom27.dll
2016-10-20 21:31 - 2016-10-20 21:31 - 00320512 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\win32com.shell.shell.pyd
2016-10-20 21:30 - 2016-10-20 21:30 - 00776704 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\_hashlib.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 01176576 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\wx._core_.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00806400 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\wx._gdi_.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00816128 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\wx._windows_.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 01067008 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\wx._controls_.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00733184 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\wx._misc_.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00682496 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\pysqlite2._sqlite.pyd
2016-10-20 21:30 - 2016-10-20 21:30 - 00088064 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\_ctypes.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00119808 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\win32file.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00108544 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\win32security.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00007168 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\hashobjs_ext.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00017920 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\thumbnails_ext.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00088064 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\usb_ext.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00012800 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\common.time34.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00018432 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\win32event.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00167936 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\win32gui.pyd
2016-10-20 21:30 - 2016-10-20 21:30 - 00046080 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\_socket.pyd
2016-10-20 21:30 - 2016-10-20 21:31 - 01208320 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\_ssl.pyd
2016-10-20 21:30 - 2016-10-20 21:30 - 00128512 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\_elementtree.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00127488 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\pyexpat.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00038912 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\win32inet.pyd
2016-10-20 21:30 - 2016-10-20 21:30 - 00036864 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\_psutil_windows.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00525208 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\windows._lib_cacheinvalidation.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00011264 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\win32crypt.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00077312 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\wx._html2.pyd
2016-10-20 21:30 - 2016-10-20 21:30 - 00027136 ____R () C:\Users\ian&emily\AppData\Local\Temp\_MEI10762\_multiprocessing.pyd
2016-10-20 21:31 - 2016-10-20 21:31 - 00020480 ____R () C:\Us