Active PUP? MBytes could not complete scan

Discussion in 'Malware and Virus Removal' started by JPT, 2019/07/08.

  1. 2019/07/08
    JPT

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
    Ran by shaldeman (administrator) on WK2 (Dell Inc. Inspiron 537) (08-07-2019 15:20:40)
    Running from C:\Users\shaldeman\Downloads
    Loaded Profiles: shaldeman & (Available Profiles: shaldeman)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Config.Msi\TBDBFAA.tmp
    (AOL Inc. -> AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1354735756\ee\aolsoftware.exe
    (AVG Technologies -> ) C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
    (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
    (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
    (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
    (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.1123\SSScheduler.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\NIS.exe
    (Yahoo! Inc. -> Yahoo! Inc) C:\Users\shaldeman\AppData\Local\yahoomessenger\app-0.8.288\Yahoo Messenger.exe
    (Yahoo! Inc. -> Yahoo! Inc) C:\Users\shaldeman\AppData\Local\yahoomessenger\app-0.8.288\Yahoo Messenger.exe
    (Yahoo! Inc. -> Yahoo! Inc) C:\Users\shaldeman\AppData\Local\yahoomessenger\app-0.8.288\Yahoo Messenger.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [447424 2019-05-14] (LogMeIn, Inc. -> LogMeIn, Inc.)
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation -> Microsoft Corporation)
    HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1354735756\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc. -> AOL Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000\...\Run: [Yahoo Messenger Updater] => C:\Users\shaldeman\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115656 2017-02-02] (Yahoo! Inc. -> Yahoo!, Inc.)
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000\...\Run: [Yahoo Messenger] => C:\Users\shaldeman\AppData\Local\yahoomessenger\update.exe [2189840 2016-08-19] (Yahoo! Inc. -> Yahoo!, Inc)
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059\...\Run: [Yahoo Messenger Updater] => C:\Users\shaldeman\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115656 2017-02-02] (Yahoo! Inc. -> Yahoo!, Inc.)
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059\...\Run: [Yahoo Messenger] => C:\Users\shaldeman\AppData\Local\yahoomessenger\update.exe [2189840 2016-08-19] (Yahoo! Inc. -> Yahoo!, Inc)
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801\...\Run: [Yahoo Messenger Updater] => C:\Users\shaldeman\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115656 2017-02-02] (Yahoo! Inc. -> Yahoo!, Inc.)
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801\...\Run: [Yahoo Messenger] => C:\Users\shaldeman\AppData\Local\yahoomessenger\update.exe [2189840 2016-08-19] (Yahoo! Inc. -> Yahoo!, Inc)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-23] (Google LLC -> Google LLC)
    HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
    HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
    HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe [2017-02-14] (Google Inc -> Google Inc.)
    HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\Windows\system32\LMIinit.dll [2019-05-14] (LogMeIn, Inc. -> LogMeIn, Inc.)
    HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2016-03-31] (McAfee, Inc. -> McAfee, Inc.)
    Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2019-07-08]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.1123\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {10A40E95-2E11-4A18-8661-ABF93556064A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
    Task: {211A8ED3-4C42-4D5E-BCFC-672A33B8BF72} - System32\Tasks\{D4825680-7D91-4B70-B27F-D0B86A12FE07} => C:\Program Files (x86)\WordPerfect Office 12\Programs\wpwin12.exe
    Task: {5463BB39-5FF3-43A7-857C-EE366FEB9183} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {5FEDBA4B-F147-46F6-AC20-82C4855A1FEB} - \GoogleUpdateTaskMachineCore1d1e9236a1532be -> No File <==== ATTENTION
    Task: {9853D34E-C20A-4CC7-89B9-6C101A915E75} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
    Task: {9853D34E-C20A-4CC7-89B9-6C101A915E75} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
    Task: {A7D3165A-1A10-4CE1-82DF-14552441CF4C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
    Task: {A7D3165A-1A10-4CE1-82DF-14552441CF4C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
    Task: {B968A523-970E-4ACF-B8D5-A7A9567C4515} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [262320 2014-06-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {BCD986F2-2C04-450D-8620-9521703A4BEE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
    Task: {C929C33A-7E9B-4730-BCBB-0ACE88251352} - System32\Tasks\TopArcadeHits => C:\Users\shaldeman\AppData\Local\TopArcadeHits\updater.exe
    Task: {E86974B0-E5F9-4628-A673-97E70899C7F2} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e9236a1532be.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\TopArcadeHits.job => C:\Users\shaldeman\AppData\Local\TopArcadeHits\updater.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: 0.0.0.1 mssplus.mcafee.com
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{63B414DD-EACC-42F8-86B0-43866198A744}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    URLSearchHook: HKU\S-1-5-21-1920994069-48214245-3674980552-1000 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc. -> Yahoo! Inc.)
    URLSearchHook: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc. -> Yahoo! Inc.)
    URLSearchHook: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc. -> Yahoo! Inc.)
    SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKLM-x32 -> {4C1A9770-C8F1-44A1-8426-D1034AC5DEF5} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=TB50CL-ie&s_qt=sb&tb_uuid=20121205192947611&tb_oid=05-12-2012&tb_mrud=31-10-2013
    SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000 -> DefaultScope {3C802D06-B3F6-4081-A603-DDDB1C87CF73} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=TB50CL-ie&s_qt=sb&tb_uuid=20121205192947611&tb_oid=05-12-2012&tb_mrud=31-10-2013
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000 -> {3C802D06-B3F6-4081-A603-DDDB1C87CF73} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=TB50CL-ie&s_qt=sb&tb_uuid=20121205192947611&tb_oid=05-12-2012&tb_mrud=31-10-2013
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000 -> {7D9E18DF-ABB4-4732-B67E-D6F30145A136} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3304762&SearchSource=45&UM=2&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={9BEB44D5-D201-48B3-8B76-AB9DB9380B42}&mid=3434bbf80bae47d3ae5cd14acce4e9e6-0e23c33c41bb72cbfe2fe2ef735628bd801144fe&lang=en&ds=dn011&pr=sa&d=2013-09-04 11:59:20&v=15.4.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059 -> DefaultScope {3C802D06-B3F6-4081-A603-DDDB1C87CF73} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=TB50CL-ie&s_qt=sb&tb_uuid=20121205192947611&tb_oid=05-12-2012&tb_mrud=31-10-2013
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059 -> {3C802D06-B3F6-4081-A603-DDDB1C87CF73} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=TB50CL-ie&s_qt=sb&tb_uuid=20121205192947611&tb_oid=05-12-2012&tb_mrud=31-10-2013
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059 -> {7D9E18DF-ABB4-4732-B67E-D6F30145A136} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3304762&SearchSource=45&UM=2&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={9BEB44D5-D201-48B3-8B76-AB9DB9380B42}&mid=3434bbf80bae47d3ae5cd14acce4e9e6-0e23c33c41bb72cbfe2fe2ef735628bd801144fe&lang=en&ds=dn011&pr=sa&d=2013-09-04 11:59:20&v=15.4.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801 -> DefaultScope {3C802D06-B3F6-4081-A603-DDDB1C87CF73} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=TB50CL-ie&s_qt=sb&tb_uuid=20121205192947611&tb_oid=05-12-2012&tb_mrud=31-10-2013
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801 -> {3C802D06-B3F6-4081-A603-DDDB1C87CF73} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=TB50CL-ie&s_qt=sb&tb_uuid=20121205192947611&tb_oid=05-12-2012&tb_mrud=31-10-2013
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801 -> {7D9E18DF-ABB4-4732-B67E-D6F30145A136} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3304762&SearchSource=45&UM=2&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={9BEB44D5-D201-48B3-8B76-AB9DB9380B42}&mid=3434bbf80bae47d3ae5cd14acce4e9e6-0e23c33c41bb72cbfe2fe2ef735628bd801144fe&lang=en&ds=dn011&pr=sa&d=2013-09-04 11:59:20&v=15.4.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
    BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:/Users/shaldeman/AppData/Local/Smartbar/Application/SmartbarInternetExplorerBHO.DLL => No File
    BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation -> Symantec Corporation)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc -> Google Inc.)
    BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll [2013-08-06] (Yahoo! Inc. -> Yahoo! Inc.)
    BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:/Users/shaldeman/AppData/Local/Smartbar/Application/SmartbarInternetExplorerBHO.DLL => No File
    BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation -> Symantec Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-02] (Oracle America, Inc. -> Oracle Corporation)
    BHO-x32: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> C:\Users\shaldeman\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll => No File
    BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\17.0.2.13\AVG SafeGuard toolbar_toolbar.dll [2013-10-31] (AVG Technologies -> AVG Secure Search)
    BHO-x32: TopArcadeHits Games -> {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} -> C:\Users\shaldeman\AppData\Local\TopArcadeHits\Toparcadehits.dll [2013-09-04] (EpicPlay, LLC -> ) [File not signed]
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc -> Google Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-02] (Oracle America, Inc. -> Oracle Corporation)
    Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:/Users/shaldeman/AppData/Local/Smartbar/Application/SmartbarInternetExplorerExtension.DLL No File
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation -> Symantec Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc -> Google Inc.)
    Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll [2013-08-06] (Yahoo! Inc. -> Yahoo! Inc.)
    Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:/Users/shaldeman/AppData/Local/Smartbar/Application/SmartbarInternetExplorerExtension.DLL No File
    Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.0.2.13\AVG SafeGuard toolbar_toolbar.dll [2013-10-31] (AVG Technologies -> AVG Secure Search)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation -> Symantec Corporation)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc -> Google Inc.)
    Toolbar: HKU\S-1-5-21-1920994069-48214245-3674980552-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
    Toolbar: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
    Toolbar: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll [2013-10-01] (AVG Technologies -> AVG Secure Search)

    FireFox:
    ========
    FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.0.2.13
    FF Extension: (AVG SafeGuard toolbar) - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.0.2.13 [2013-10-31] [Legacy] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFPlgn => not found
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll [2014-06-11] (Adobe Systems Incorporated -> )
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll [2014-06-11] (Adobe Systems Incorporated -> )
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll [2013-10-01] (AVG Technologies -> AVG Technologies)
    FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-02] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-02] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc -> Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc -> Google Inc.)
    FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] () [File not signed]
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR HomePage: Default -> hxxp://www.yahoo.com/
    CHR StartupUrls: Default -> "hxxp://www.yahoo.com/","hxxp://logmein.com/"
    CHR NewTab: Default -> Not-active:"chrome-extension://klopchilfcgknpaikicldicneonlliad/newtab/quicktab.html", Active:"chrome-extension://npmoikddpdgbhgbkjgjemncoegpojpng/newtabproduct.html", Not-active:"chrome-extension://npmoikddpdgbhgbkjgjemncoegpojpng/productnewtab.html", Not-active:"chrome-extension://npmoikddpdgbhgbkjgjemncoegpojpng/product.html", Not-active:"chrome-extension://odhkbaigkdgomaoipjcnnphjdlpnjjka/newtab/newtab.html", Not-active:"chrome-extension://jccfgghhbihbhomnlnadpjhkhmmboanj/newtab.html", Not-active:"chrome-extension://gcphnjpafgpmilhofjhnigjpldknfpjm/stubby.html"
    CHR Profile: C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default [2019-07-08]
    CHR Extension: (Easy Forms Pro Online) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjcogbfffaoeajcmaadfhognhmfdacg [2019-07-03]
    CHR Extension: (Search Encrypt) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhfibbgfabkckmhgjhinddpgfmppjldl [2019-07-03]
    CHR Extension: (Package Tracking Pro) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbimldpmhhpjcfmbmooedlgapdmokci [2019-04-03]
    CHR Extension: (Quick) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\elpoiakkgcanokcakmpmeejibmoiecdf [2018-05-03]
    CHR Extension: (Shipment Tracker) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fphdlodflkdpppmacendjcfaalpdhoom [2019-04-03]
    CHR Extension: (Internet Speed Tracker) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcphnjpafgpmilhofjhnigjpldknfpjm [2015-02-13]
    CHR Extension: (TopArcadeHits) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp [2013-09-04]
    CHR Extension: (Chrome Remote Desktop) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-07-07]
    CHR Extension: (Yahoo Homepage) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccfgghhbihbhomnlnadpjhkhmmboanj [2018-08-23]
    CHR Extension: (BeFrugal Add-On) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdcneeneoifbeenbbnjodcflhdbaggp [2019-06-14]
    CHR Extension: (UF LogMeIn by joshuac.com) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfccgbdpeficpdmkknifjabahopjjmjj [2015-09-01]
    CHR Extension: (Easy Speed Test) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\klopchilfcgknpaikicldicneonlliad [2019-06-26]
    CHR Extension: (CouponXplorer) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\magdmbkcibdnnfmnamahibddledomccn [2015-04-02]
    CHR Extension: (FastestFox for Chrome) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2014-07-24]
    CHR Extension: (AVG SafeGuard) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-10-31]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10]
    CHR Extension: (MyTransitGuide) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\npmoikddpdgbhgbkjgjemncoegpojpng [2019-06-29]
    CHR Extension: (Coupon Simplified) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\odhkbaigkdgomaoipjcnnphjdlpnjjka [2018-03-29]
    CHR Extension: (Gmail) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-06]
    CHR Extension: (Chrome Media Router) - C:\Users\shaldeman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-14]
    CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\Exts\Chrome.crx [2016-02-06]
    CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\Exts\Chrome.crx [2016-02-06]
    CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.0.2.13\avg.crx [2013-10-31]

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe [73200 2019-04-01] (Google LLC -> Google Inc.)
    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [420296 2019-05-14] (LogMeIn, Inc. -> LogMeIn, Inc.)
    R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [585672 2019-05-14] (LogMeIn, Inc. -> LogMeIn, Inc.)
    R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-08-24] (LogMeIn, Inc. -> LogMeIn, Inc.)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.1123\McCHSvc.exe [406416 2019-07-03] (McAfee, Inc. -> McAfee, Inc.)
    S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation -> Microsoft Corporation)
    R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\NIS.exe [282016 2015-09-23] (Symantec Corporation -> Symantec Corporation)
    S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation -> Microsoft Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [64512 2009-07-13] (Microsoft Windows -> Hewlett-Packard)
    S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [868592 2016-03-31] (McAfee, Inc. -> McAfee, Inc.)
    R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-03-31] (McAfee, Inc. -> McAfee, Inc.)
    S4 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-01] (AVG Technologies -> AVG Secure Search)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Windows -> Microsoft Corporation)
    S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-01] (AVG Technologies -> AVG Technologies)
    S3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\BASHDefs\20150921.003\BHDrvx64.sys [1650936 2015-09-23] (Symantec Corporation -> Symantec Corporation)
    S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605040.018\ccSetx64.sys [173808 2015-09-23] (Symantec Corporation -> Symantec Corporation)
    S3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\IPSDefs\20150930.101\IDSVia64.sys [767224 2015-09-23] (Symantec Corporation -> Symantec Corporation)
    R2 LMIInfo; C:\Windows\system32\drivers\LMIInfo.sys [30432 2017-01-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
    S4 LMIRfsClientNP; no ImagePath
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-07] (Malwarebytes Corporation -> Malwarebytes)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation -> Microsoft Corporation)
    S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20150923.001\ENG64.SYS [138488 2015-05-20] (Symantec Corporation -> Symantec Corporation)
    S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20150923.001\EX64.SYS [2146040 2015-05-20] (Symantec Corporation -> Symantec Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation -> Microsoft Corporation)
    R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-06-10] (Microsoft Windows -> Realtek Corporation )
    S3 SRTSP; C:\Windows\system32\drivers\NISx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation -> Symantec Corporation)
    S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1605040.018\SRTSPX64.SYS [50936 2015-09-23] (Symantec Corporation -> Symantec Corporation)
    S3 SymEFASI; C:\Windows\system32\drivers\NISx64\1605040.018\SYMEFASI64.SYS [1620720 2015-09-23] (Symantec Corporation -> Symantec Corporation)
    S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2016-02-06] (Symantec Corporation -> Symantec Corporation)
    S3 SymIRON; C:\Windows\system32\drivers\NISx64\1605040.018\Ironx64.SYS [297720 2015-09-23] (Symantec Corporation -> Symantec Corporation)
    S3 SymNetS; C:\Windows\system32\drivers\NISx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation -> Symantec Corporation)
    R3 wanatw; C:\Windows\System32\DRIVERS\wanatw64.sys [24064 2006-11-29] (Microsoft Windows Hardware Compatibility Publisher -> America Online, Inc.)
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-07-08 15:20 - 2019-07-08 15:21 - 000034678 _____ C:\Users\shaldeman\Downloads\FRST.txt
    2019-07-08 15:20 - 2019-07-08 15:20 - 002420224 _____ (Farbar) C:\Users\shaldeman\Downloads\FRST64.exe
    2019-07-08 15:20 - 2019-07-08 15:20 - 000000000 ____D C:\FRST
    2019-07-08 15:19 - 2019-07-08 15:19 - 001772032 _____ (Farbar) C:\Users\shaldeman\Downloads\FRST.exe
    2019-07-08 11:55 - 2019-07-08 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2019-07-08 11:54 - 2019-07-08 11:55 - 000000000 ____D C:\ProgramData\McAfee Security Scan
    2019-07-07 13:32 - 2019-07-07 13:32 - 013967360 _____ C:\Users\shaldeman\Downloads\chromeremotedesktophost.msi
    2019-07-06 13:13 - 2019-07-07 10:19 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2019-07-06 13:13 - 2019-07-06 13:13 - 000000000 ____D C:\Users\shaldeman\AppData\Local\mbamtray
    2019-07-06 13:13 - 2019-07-06 13:13 - 000000000 ____D C:\Users\shaldeman\AppData\Local\mbam
    2019-07-06 13:12 - 2019-07-06 13:12 - 064333800 _____ (Malwarebytes ) C:\Users\shaldeman\Downloads\mb3-setup-43841.43841-3.8.3.2965-1.0.613-1.0.11270.exe
    2019-07-06 13:12 - 2019-07-06 13:12 - 000001869 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2019-07-06 13:12 - 2019-07-06 13:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2019-07-06 13:12 - 2019-07-06 13:12 - 000000000 ____D C:\ProgramData\Malwarebytes
    2019-07-06 13:12 - 2019-07-06 13:12 - 000000000 ____D C:\Program Files\Malwarebytes
    2019-07-06 13:12 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
    2019-07-06 13:06 - 2019-07-06 13:06 - 020650160 _____ (Piriform Software Ltd) C:\Users\shaldeman\Downloads\ccsetup559.exe
    2019-06-10 11:55 - 2019-07-08 11:55 - 000001975 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-07-08 14:46 - 2013-04-22 09:04 - 000000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2019-07-08 14:44 - 2013-09-04 11:57 - 000000280 _____ C:\Windows\Tasks\TopArcadeHits.job
    2019-07-08 14:37 - 2012-12-05 12:32 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2019-07-08 11:55 - 2016-04-08 12:24 - 000000000 ____D C:\Program Files\McAfee Security Scan
    2019-07-08 00:18 - 2012-12-06 10:10 - 000000000 ____D C:\ProgramData\LogMeIn
    2019-07-07 13:33 - 2013-04-22 09:04 - 000000000 ____D C:\ProgramData\Google
    2019-07-07 13:33 - 2013-04-22 09:04 - 000000000 ____D C:\Program Files (x86)\Google
    2019-07-07 10:28 - 2009-07-13 21:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2019-07-07 10:28 - 2009-07-13 21:45 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2019-07-07 10:25 - 2009-07-13 22:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
    2019-07-07 10:25 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
    2019-07-07 10:19 - 2016-08-22 13:40 - 000000000 ____D C:\Users\shaldeman\AppData\Roaming\Yahoo Messenger
    2019-07-07 10:18 - 2014-01-23 11:36 - 000000869 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
    2019-07-07 10:18 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2019-06-23 03:46 - 2014-07-16 10:35 - 000002104 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2019-06-23 03:46 - 2013-04-22 09:05 - 000002145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

    ==================== Files in the root of some directories ================

    2016-07-28 15:56 - 2016-07-28 15:56 - 000000000 _____ () C:\Program Files (x86)\GUT26C2.tmp
    2018-12-13 16:47 - 2018-12-13 16:47 - 000000000 _____ () C:\Program Files (x86)\GUT531A.tmp
    2019-03-28 03:47 - 2019-03-28 03:47 - 000000000 _____ () C:\Program Files (x86)\GUT6091.tmp
    2019-05-14 00:46 - 2019-05-14 00:46 - 000000000 _____ () C:\Program Files (x86)\GUT74D8.tmp
    2016-10-08 10:38 - 2016-10-08 10:38 - 006748160 _____ () C:\Program Files (x86)\GUT877F.tmp
    2018-05-20 08:06 - 2018-05-20 08:06 - 000000000 _____ () C:\Program Files (x86)\GUT8F64.tmp
    2017-01-14 09:11 - 2017-01-26 16:31 - 007680000 _____ () C:\Program Files (x86)\GUT936A.tmp
    2016-05-10 17:47 - 2016-05-10 17:47 - 000000000 _____ () C:\Program Files (x86)\GUT9A35.tmp
    2017-04-19 19:38 - 2017-04-19 19:38 - 000000000 _____ () C:\Program Files (x86)\GUTB99E.tmp
    2015-12-02 06:46 - 2015-12-02 06:46 - 006420480 _____ () C:\Program Files (x86)\GUTBCC0.tmp
    2017-11-13 21:47 - 2017-11-13 21:47 - 000000000 _____ () C:\Program Files (x86)\GUTD801.tmp
    2017-06-20 04:39 - 2017-06-20 04:39 - 000000000 _____ () C:\Program Files (x86)\GUTDE5F.tmp
    2018-05-15 05:47 - 2018-05-15 05:47 - 000000000 _____ () C:\Program Files (x86)\GUTE590.tmp
    2016-04-03 09:59 - 2016-04-03 09:59 - 000000000 _____ () C:\Program Files (x86)\GUTED2C.tmp
    2016-11-27 06:03 - 2016-11-27 06:03 - 000000000 _____ () C:\Program Files (x86)\GUTEFEA.tmp
    2012-12-05 12:41 - 2012-12-05 12:41 - 000012358 _____ () C:\Users\shaldeman\AppData\Roaming\PFP120JCM.{PB
    2012-12-05 12:41 - 2012-12-05 12:41 - 000061678 _____ () C:\Users\shaldeman\AppData\Roaming\PFP120JPR.{PB
    2017-06-20 03:48 - 2017-06-20 03:48 - 000033193 _____ () C:\Users\shaldeman\AppData\Roaming\UserTile.png

    ==================== FLock ================

    2010-05-21 08:42 C:\System Recovery

    ==================== SigCheck ===============================

    (There is no automatic fix for files that do not pass verification.)


    LastRegBack: 2019-07-02 00:28
    ==================== End of FRST.txt ============================
     
    JPT,
    #1
  2. 2019/07/08
    JPT

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
    Ran by shaldeman (08-07-2019 15:22:21)
    Running from C:\Users\shaldeman\Downloads
    Windows 7 Ultimate Service Pack 1 (X64) (2012-12-04 21:10:52)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1920994069-48214245-3674980552-500 - Administrator - Disabled)
    Guest (S-1-5-21-1920994069-48214245-3674980552-501 - Limited - Enabled)
    HomeGroupUser$ (S-1-5-21-1920994069-48214245-3674980552-1002 - Limited - Enabled)
    shaldeman (S-1-5-21-1920994069-48214245-3674980552-1000 - Administrator - Enabled) => C:\Users\shaldeman

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Disabled - Out of date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Disabled - Out of date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    123 Free Solitaire 2011 v8.0 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
    Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
    Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
    AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
    AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 17.0.2.13 - AVG Technologies)
    Chrome Remote Desktop Host (HKLM-x32\...\{786E64DA-CDC1-432B-BCAB-5912C73A72E9}) (Version: 74.0.3729.56 - Google Inc.)
    Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
    DefaultTab (HKLM-x32\...\DefaultTab) (Version: 2.2.8.0 - Search Results, LLC) <==== ATTENTION
    Dell System Detect (HKU\S-1-5-21-1920994069-48214245-3674980552-1000\...\9204f5692a8faf3b) (Version: 4.0.5.6 - Dell)
    Dell System Detect (HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059\...\9204f5692a8faf3b) (Version: 4.0.5.6 - Dell)
    Dell System Detect (HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801\...\9204f5692a8faf3b) (Version: 4.0.5.6 - Dell)
    Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version: - AOL Inc.) <==== ATTENTION
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    HP Officejet 4630 series Basic Device Software (HKLM\...\{38037A50-E9F1-41E4-9AA3-2E0A5A2FC4C5}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
    HP Officejet 4630 series Help (HKLM-x32\...\{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Version: 31.0.0 - Hewlett Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
    Intel Security True Key (HKLM\...\TrueKey) (Version: 3.9.141.1 - Intel Security)
    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
    Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
    Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
    LogMeIn (HKLM-x32\...\{5C5778DB-3E5A-499D-865D-740E67D1F165}) (Version: 4.1.2600 - LogMeIn, Inc.)
    Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.1123.1 - McAfee, Inc.)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.5.4.24 - Symantec Corporation)
    Product Improvement Study for HP Officejet 4630 series (HKLM\...\{EE629820-EACD-4AAE-966D-DF1560A0ED2D}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
    QuickShare (HKLM-x32\...\{1B325F70-A984-421E-8407-06683E6EF03B}) (Version: 1.90.60.12091 - Linkury Inc.) <==== ATTENTION
    Stamps.com (HKLM-x32\...\{698AC01B-DF0C-4BCE-940C-EB29AD23A560}) (Version: 10.5.0.2531 - Stamps.com, Inc.) Hidden
    Stamps.com (HKLM-x32\...\Stamps.com) (Version: - Stamps.com, Inc.)
    System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
    Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version: - )
    Visual Day Planner (HKLM-x32\...\{9FE0D9CD-634A-457B-932F-A1FA1C9F2CFC}) (Version: - )
    WordPerfect Office 12 (HKLM-x32\...\{AF19F291-F22F-4798-9662-525305AE9E48}) (Version: 12.0.0.238 - Corel Corporation)
    Yahoo Messenger (HKU\S-1-5-21-1920994069-48214245-3674980552-1000\...\yahoomessenger) (Version: 0.8.288 - Yahoo! Inc)
    Yahoo Messenger (HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059\...\yahoomessenger) (Version: 0.8.288 - Yahoo! Inc)
    Yahoo Messenger (HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801\...\yahoomessenger) (Version: 0.8.288 - Yahoo! Inc)
    Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
    Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
    Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation -> Symantec Corporation)
    ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation -> Symantec Corporation)
    ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation -> Symantec Corporation)
    ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation -> Symantec Corporation)
    ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\PROGRA~1\MICROS~2\shellext.dll -> No File
    ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\NavShExt.dll [2015-09-23] (Symantec Corporation -> Symantec Corporation)
    ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\PROGRA~1\MICROS~2\shellext.dll -> No File
    ContextMenuHandlers2-x32: [QuickFinderMenu] -> {C0E10002-0028-0005-C0E1-C0E1C0E1C0E1} => C:\Program Files (x86)\WordPerfect Office 122\Programs\PFSE120.DLL [2004-02-10] (Corel Corporation) [File not signed]
    ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\NavShExt.dll [2015-09-23] (Symantec Corporation -> Symantec Corporation)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\PROGRA~1\MICROS~2\shellext.dll -> No File
    ContextMenuHandlers4-x32: [QuickFinderMenu] -> {C0E10002-0028-0005-C0E1-C0E1C0E1C0E1} => C:\Program Files (x86)\WordPerfect Office 122\Programs\PFSE120.DLL [2004-02-10] (Corel Corporation) [File not signed]
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation -> Symantec Corporation)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.4.24\NavShExt.dll [2015-09-23] (Symantec Corporation -> Symantec Corporation)

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
    WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
    WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

    Shortcut: C:\Users\shaldeman\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

    ==================== Loaded Modules (Whitelisted) ==============

    2017-02-02 16:13 - 2017-02-02 16:13 - 001943040 _____ () [File not signed] C:\Users\shaldeman\AppData\Local\yahoomessenger\app-0.8.288\ffmpeg.dll
    2017-02-02 16:13 - 2017-02-02 16:13 - 000080896 _____ () [File not signed] C:\Users\shaldeman\AppData\Local\yahoomessenger\app-0.8.288\libegl.dll
    2017-02-02 16:13 - 2017-02-02 16:13 - 002263040 _____ () [File not signed] C:\Users\shaldeman\AppData\Local\yahoomessenger\app-0.8.288\libglesv2.dll
    2010-03-08 00:27 - 2010-03-08 00:27 - 000578048 _____ (AOL Inc.) [File not signed] C:\Program Files (x86)\Common Files\AOL\1354735756\ee\AOLSvcMgr.dll
    2010-01-05 23:19 - 2010-01-05 23:19 - 000176640 _____ (AOL Inc.) [File not signed] C:\Program Files (x86)\Common Files\AOL\AOLDiag\tbdiag.dll
    2008-11-04 11:46 - 2008-11-04 11:46 - 000835584 _____ (AOL LLC) [File not signed] C:\Program Files (x86)\Common Files\AOL\1354735756\ee\coolcore54.dll
    2010-05-02 20:23 - 2010-05-02 20:23 - 000155648 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1354735756\ee\services\aolsystrayservice\ver4_1_2_1\AOLSysTrayService.dll
    2008-10-17 09:48 - 2008-10-17 09:48 - 000104448 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1354735756\ee\services\connection\ver7_1_2_1\connection.dll
    2008-10-03 11:28 - 2008-10-03 11:28 - 000317440 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1354735756\ee\services\localStorage\ver8_1_1_1\clsSvc.dll
    2008-10-03 13:29 - 2008-10-03 13:29 - 000256000 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1354735756\ee\services\metrics\ver4_1_11_1\cmls.dll
    2008-10-03 12:49 - 2008-10-03 12:49 - 000130560 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1354735756\ee\services\notification\ver7_1_1_1\Notify.dll
    2006-09-21 08:18 - 2006-09-21 08:18 - 000005632 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1354735756\ee\services\os\ver5_2_1_1\AOLIdleMon.dll
    2006-09-21 08:19 - 2006-09-21 08:19 - 000180736 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1354735756\ee\services\os\ver5_2_1_1\OS.dll
    2008-10-03 14:13 - 2008-10-03 14:13 - 000163840 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1354735756\ee\services\osInfo\ver2_1_1_1\OSInfo.dll
    2008-10-03 13:16 - 2008-10-03 13:16 - 000094720 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1354735756\ee\services\preferences\ver6_1_1_1\preferences.dll
    2007-09-07 08:46 - 2007-09-07 08:46 - 000281600 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1354735756\ee\services\suiteFramework\ver5_1_4_1\suiteFramework.dll
    2007-03-19 19:48 - 2007-03-19 19:48 - 000249856 _____ (AOL LLC) [File not signed] C:\Program Files (x86)\Common Files\AOL\1354735756\ee\xprt5.dll
    2009-12-11 10:17 - 2009-12-11 10:17 - 000248832 _____ (AOL LLC) [File not signed] C:\Program Files (x86)\Common Files\AOL\1354735756\ee\xprt6.dll
    2013-08-16 13:00 - 2013-08-16 13:00 - 000081408 _____ (KYOCERA Document Solutions Inc.) [File not signed] C:\Windows\System32\KMPJL64.DLL
    2016-04-08 12:13 - 2014-07-30 11:06 - 000415744 _____ (NLog) [File not signed] C:\Program Files\TrueKey\NLog.dll
    2017-02-02 16:13 - 2017-02-02 16:13 - 013151744 _____ (Node.js) [File not signed] C:\Users\shaldeman\AppData\Local\yahoomessenger\app-0.8.288\node.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-1920994069-48214245-3674980552-1000\...\dell.com -> dell.com
    IE trusted site: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059\...\dell.com -> dell.com
    IE trusted site: HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801\...\dell.com -> dell.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 19:34 - 2019-07-08 11:55 - 000000913 _____ C:\Windows\system32\drivers\etc\hosts

    0.0.0.1 mssplus.mcafee.com

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1920994069-48214245-3674980552-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\shaldeman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123554059\Control Panel\Desktop\\Wallpaper -> C:\Users\shaldeman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-1920994069-48214245-3674980552-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07082019123605801\Control Panel\Desktop\\Wallpaper -> C:\Users\shaldeman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: DefaultTabSearch => 2
    MSCONFIG\Services: DefaultTabUpdate => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: gusvc => 3
    MSCONFIG\Services: MBAMScheduler => 2
    MSCONFIG\Services: MBAMService => 2
    MSCONFIG\Services: vToolbarUpdater17.0.12 => 2
    MSCONFIG\Services: YahooAUService => 2
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\shaldeman\AppData\Local\Smartbar\Application\QuickShare.exe startup
    MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
    MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
    MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{798C9269-0836-4FBF-BF5D-D756F4298F58}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{D68069B7-6FDC-4C71-A805-A9904E66BEE9}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{A59E7F08-52EF-4D02-8C5F-D20C99B762FD}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{DAE96905-6512-475D-87A9-965B380BA7E2}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{D4C0C1CE-58A4-4917-9F03-E1DE8822CEAD}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1354735756\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{158EC337-78B6-436F-88F1-981A6B5C8B03}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1354735756\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{C53DB835-193B-4A82-A6D7-7E5257C11485}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{0986E036-976B-43CE-B3D1-13E646171659}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{0B7530CD-C62A-4CF0-BF70-9FC87F8623E5}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{BF7E2772-8E08-4C94-B291-A351F2FAF9AC}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{11279F71-6BBC-49FD-A7A6-D502170B80DA}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{FCE72DD2-4B8E-4A96-8641-F019108B6F55}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{B1824F95-B08C-4EBB-BEB8-F26507E641A9}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{CAA3006D-0BE1-4638-B061-A220263B17A0}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{16F78123-277D-4D01-BCBB-A327783EB908}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{E71F6154-1F85-4411-89B4-44C7471FE48A}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{576B53B5-F1F4-43A4-873F-E5329BB51BB4}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
    FirewallRules: [{2DE18BE5-2200-43E5-8C16-245659F835A9}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
    FirewallRules: [{CBE76BD8-8462-4A2B-AC46-8C562BBC0115}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{9767F6D2-ECBD-4B56-8CA6-FCEE9D021187}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{A3EA7DB6-2D3A-4849-9324-1D93A3AA784D}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\AOLBrowser\aolbrowser.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{87FA4209-F5A0-4E38-9EAD-9F8642B933EF}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\AOLBrowser\aolbrowser.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{54F83C61-D6F8-4022-8C7A-797FEC28261E}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7c\waol.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{9D3C2504-A729-48C0-BE8B-93F294D9A383}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7c\waol.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{09FF85E9-736D-4259-84A4-06E273B779B7}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7c\aolbrowser.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{19EC786D-AA47-4326-AB75-8D4EA962FE44}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7c\aolbrowser.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{AA73EC14-C9B8-496A-884B-DA7C1369C1AA}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{C8F30D09-EF3B-4571-BAC0-1E01BAC6DDF6}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{492A45B4-B80F-40A3-A6B6-9C4FA59E9C03}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{46F94138-D6B5-4C79-A0CB-BBAD1AE223C3}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{FE3E4E38-2843-42A0-A58B-02BD600F5764}] => (Allow) LPort=5357
    FirewallRules: [{A245BD24-FC4D-46E3-AA81-6A8A109A1E02}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [TCP Query User{F2D3C2E6-661C-4DB2-B6D3-286C4420314D}C:\program files (x86)\logmein\ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein\ignition\lmiignition.exe No File
    FirewallRules: [UDP Query User{DD19C728-2673-436F-BB98-10245D97908A}C:\program files (x86)\logmein\ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein\ignition\lmiignition.exe No File
    FirewallRules: [{A00008C7-A714-41C6-8593-EDDDD48346DB}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{57C0FCFA-F076-4E2C-9575-5ABC34477112}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{67398C5E-487F-4CEC-8600-E194D2BD7146}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{CAE8875E-37EC-404E-8A2A-94C62C7D1A29}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{F053A441-4422-4CFD-82AE-F915BE1FAEC6}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1354735756\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{F48CDB71-CD2C-46F5-8E85-B81AE00261E4}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1354735756\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{F6CC9AA6-6459-4B6E-8040-2CEA1B1DD429}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.0\waol.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{FFA1ABBD-0BDA-440D-8CCC-9148C6CD70A3}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.0\waol.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{6DDE3A86-1797-4692-B1F2-6868B634B6AD}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{0618D641-D560-419E-BC5B-E1A466182DB3}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{492076E2-D4AD-4C46-888A-92509D93E685}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{90052896-6E1B-48D1-A00E-3F7976D592FB}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{C2CDC74D-235D-4A8D-998F-2E093C1E3730}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{82E2BBFD-834F-4D12-B74D-06A433715C4E}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{1058854B-9B62-4AF1-A1AA-1400AD29D8FA}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.1\waol.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{3045CA11-A545-4693-A5BD-7C2A6A131B68}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.1\waol.exe (AOL Inc. -> AOL Inc.)
    FirewallRules: [{CE3A2755-2EE1-4FEC-A1B9-F2DA3D0511F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
    FirewallRules: [{BAA513E0-3B8E-4F22-B00B-C758C2D730C1}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe (Google LLC -> Google Inc.)

    ==================== Restore Points =========================

    07-10-2015 03:58:31 Windows Update
    08-10-2015 03:00:10 Windows Update
    12-10-2015 03:58:23 Windows Update
    15-10-2015 03:00:14 Windows Update

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/08/2019 03:23:06 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: McAfee.TrueKey.Service.exe, version: 3.9.141.0, time stamp: 0x56fdcc8b
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.19018, time stamp: 0x560a0094
    Exception code: 0xe0434352
    Fault offset: 0x000000000000b3dd
    Faulting process id: 0x280
    Faulting application start time: 0x01d535dbb67bd685
    Faulting application path: C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
    Faulting module path: C:\Windows\system32\KERNELBASE.dll
    Report Id: f515e1c8-a1ce-11e9-976f-00038a000015

    Error: (07/08/2019 03:23:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: McAfee.TrueKey.Service.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.FileNotFoundException
    Stack:
    at McAfee.YAP.Service.ServiceCommands.LoadTemplatesCommand.Execute()
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()

    Error: (07/08/2019 03:22:04 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: McAfee.TrueKey.Service.exe, version: 3.9.141.0, time stamp: 0x56fdcc8b
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.19018, time stamp: 0x560a0094
    Exception code: 0xe0434352
    Fault offset: 0x000000000000b3dd
    Faulting process id: 0xc94
    Faulting application start time: 0x01d535db91fdb86b
    Faulting application path: C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
    Faulting module path: C:\Windows\system32\KERNELBASE.dll
    Report Id: d00e6d6b-a1ce-11e9-976f-00038a000015

    Error: (07/08/2019 03:22:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: McAfee.TrueKey.Service.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.FileNotFoundException
    Stack:
    at McAfee.YAP.Service.ServiceCommands.LoadTemplatesCommand.Execute()
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()

    Error: (07/08/2019 03:21:03 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: McAfee.TrueKey.Service.exe, version: 3.9.141.0, time stamp: 0x56fdcc8b
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.19018, time stamp: 0x560a0094
    Exception code: 0xe0434352
    Fault offset: 0x000000000000b3dd
    Faulting process id: 0x1210
    Faulting application start time: 0x01d535db6ceea2d1
    Faulting application path: C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
    Faulting module path: C:\Windows\system32\KERNELBASE.dll
    Report Id: ab5d7ec2-a1ce-11e9-976f-00038a000015

    Error: (07/08/2019 03:21:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: McAfee.TrueKey.Service.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.FileNotFoundException
    Stack:
    at McAfee.YAP.Service.ServiceCommands.LoadTemplatesCommand.Execute()
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()

    Error: (07/08/2019 03:20:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: McAfee.TrueKey.Service.exe, version: 3.9.141.0, time stamp: 0x56fdcc8b
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.19018, time stamp: 0x560a0094
    Exception code: 0xe0434352
    Fault offset: 0x000000000000b3dd
    Faulting process id: 0x478
    Faulting application start time: 0x01d535db47fcd9a5
    Faulting application path: C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
    Faulting module path: C:\Windows\system32\KERNELBASE.dll
    Report Id: 864d57b4-a1ce-11e9-976f-00038a000015

    Error: (07/08/2019 03:20:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: McAfee.TrueKey.Service.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.FileNotFoundException
    Stack:
    at McAfee.YAP.Service.ServiceCommands.LoadTemplatesCommand.Execute()
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()


    System errors:
    =============
    Error: (07/08/2019 03:23:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Intel Security True Key service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (07/08/2019 03:22:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Intel Security True Key service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (07/08/2019 03:21:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Intel Security True Key service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (07/08/2019 03:20:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Intel Security True Key service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (07/08/2019 03:18:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Intel Security True Key service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (07/08/2019 03:17:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Intel Security True Key service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (07/08/2019 03:16:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Intel Security True Key service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (07/08/2019 03:15:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Intel Security True Key service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


    ==================== Memory info ===========================

    BIOS: Dell Inc. A03 07/23/2009
    Motherboard: Dell Inc. 0U880P
    Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
    Percentage of memory in use: 89%
    Total physical RAM: 4061.05 MB
    Available physical RAM: 435.95 MB
    Total Virtual: 8120.32 MB
    Available Virtual: 3322 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:451.06 GB) (Free:328.13 GB) NTFS

    \\?\Volume{3fdc8258-3e58-11e2-a81f-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:14.66 GB) (Free:9.55 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: FDAD0758)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=14.7 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=451.1 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
    JPT,
    #2


  4. 2019/07/09
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =====================================

    What happens with the MBAM scan?

    Please uninstall the following unwanted programs:

    DefaultTab
    Download Updater
    QuickShare


    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs.
    • Double click on the downloaded setup.exe file to install the program.
    • Click on Start Scan button.
    • Click on another Start Scan button.
    • Wait until the Status box shows Scan Finished
    • Click on Remove Selected.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced, post all logs.

    Please download Malwarebytes to your desktop.
    • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
    • Then click Finish.
    • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
    • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
    • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
    • Restart your computer when prompted to do so.
    • The Scan log is available through History -> Application logs. Please post its contents in your next reply.

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8/10 users right-click and select Run As Administrator
    • The tool will start to update the database if one is required.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Logfile button.
    • A window will open which lists the logs of your scans.
    • Click on the Scan tab.
    • Double-click the most recent scan which will be at the top of the list....the log will appear.
    • Review the results...see note below
    • After reviewing the log, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
    • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
    • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
    • A copy of all logfiles is saved to C:\AdwCleaner.
    -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
     
  5. 2019/07/09
    JPT

    JPT Well-Known Member Thread Starter

    Joined:
    2016/09/11
    Messages:
    70
    Likes Received:
    1
    All three apps will not run. Rogue Killer will appear in the task manager as a process running. MBAM ran for close to 28 hours on the same amount of files and start up objects. Adware cleaner, which is now part of MBAM, hangs and stops responding.
     
    JPT,
    #4
  6. 2019/07/09
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Did you uninstall those three unwanted programs?
     
  7. 2019/07/09
    JPT

    JPT Well-Known Member Thread Starter

    Joined:
    2016/09/11
    Messages:
    70
    Likes Received:
    1
    Yes, all three were uninstalled. Rebooted the machine and checked they were still not in the P&F list.
     
    JPT,
    #6
  8. 2019/07/09
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    RogueKiller, MBAM and AdwCleaner: did you have them already installed, or did you install them right now?
     
  9. 2019/07/09
    JPT

    JPT Well-Known Member Thread Starter

    Joined:
    2016/09/11
    Messages:
    70
    Likes Received:
    1
    Rogue Killer and AdwCleaner were just installed. MBAM was installed right before my first post, when I noticed the scan would not complete.
     
    JPT,
    #8
  10. 2019/07/09
    JPT

    JPT Well-Known Member Thread Starter

    Joined:
    2016/09/11
    Messages:
    70
    Likes Received:
    1
    When restarting the computer I was prompted with an error message that MSVCP120.dll is missing.
     
    JPT,
    #9
  11. 2019/07/09
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Tweaking.com - Windows Repair All-In-One (Portable)

    - Download Windows Repair All-In-One (Portable Version) from here.

    - Extract tweaking.com_windows_repair_aio.zip to your Desktop.

    - Disable all your antivirus and antimalware software - see how to do that here.
    - Right click on [image: https://i.imgur.com/QfBzvq1.png] and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
    (Windows Vista/7/8 users: Accept UAC warning if it is enabled.)

    - A window will appear. Click Step 2.

    - Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.

    - Depending on which error Windows Repair found, click Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.

    - Go to Step 3, then click Check in the See If Check Disk Is Needed.

    - If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk.

    - Go to Step 4, then click Do It.

    - Go to Step 5. Under System Restore click Create.

    - Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.

    - By default Windows Repair All-In-One will create a "Logs" folder in its folder on the Desktop. Please post the contents of the log in your next reply.
     
  12. 2019/07/09
    JPT

    JPT Well-Known Member Thread Starter

    Joined:
    2016/09/11
    Messages:
    70
    Likes Received:
    1
    Made a mistake reading the directions. For the disk check I believe I hit repair now and not at next boot. It's been running for a couple hours. Is that typical? Or should I cancel it and check the option at reboot? Or let it run?
     
    JPT,
    #11
  13. 2019/07/10
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Still running?
     
  14. 2019/07/10
    JPT

    JPT Well-Known Member Thread Starter

    Joined:
    2016/09/11
    Messages:
    70
    Likes Received:
    1
    It was still running this morning. I cancelled, performed the original needed step. Went to step 4. Which suggested a scan sfcscan, got an error and it couldn't complete. System restore failed and required a reboot. Rebooted the machine, but it was stuck on preparing windows configuration for about 2 hours. Finally rebooted when it was done and at the very end it stopped and a fan failure came up. Had to hit F1 to get it to come up. Tried starting the process again and noticed the unused Norton AV was running. Attempted to uninstall and it's been submitting errors to Norton for the past hour or so. Once I remove the old AV systems I'll run the tweak tool again.
     
    JPT,
    #13
  15. 2019/07/10
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
  16. 2019/07/10
    JPT

    JPT Well-Known Member Thread Starter

    Joined:
    2016/09/11
    Messages:
    70
    Likes Received:
    1
    Norton refuses to uninstall and refuses to allow me to stop the services. The tool has been uninstalling for the past 30 min.
     
    JPT,
    #15
  17. 2019/07/10
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
