Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-06-2016 Ran by Del (2016-07-01 19:27:20) Running from C:\Users\Del\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2009-11-27 13:56:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2568410734-3031030142-1223416489-500 - Administrator - Disabled) Del (S-1-5-21-2568410734-3031030142-1223416489-1001 - Administrator - Enabled) => C:\Users\Del Guest (S-1-5-21-2568410734-3031030142-1223416489-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2568410734-3031030142-1223416489-1016 - Limited - Enabled) SophosSAUDEL-PC0 (S-1-5-21-2568410734-3031030142-1223416489-1023 - Limited - Enabled) Yvonne (S-1-5-21-2568410734-3031030142-1223416489-1008 - Limited - Enabled) => C:\Users\Yvonne ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated) ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.4.0.0 - Auslogics Labs Pty Ltd) Avast Free Antivirus (HKLM\...\Avast) (Version: 12.1.2272 - AVAST Software) Blueline 1.1.1 (HKLM\...\Blueline_is1) (Version: - ) Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.) Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.) Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version: - ) Canon MG7500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7500_series) (Version: 1.00 - Canon Inc.) Canon MG7500 series On-screen Manual (HKLM\...\Canon MG7500 series On-screen Manual) (Version: 7.7.1 - Canon Inc.) Canon MG7500 series User Registration (HKLM\...\Canon MG7500 series User Registration) (Version: - ‭Canon Inc.) Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.1.1 - Canon Inc.) Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 3.1.0 - Canon Inc.) Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.) Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.5.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Dell Data Vault (Version: 4.3.8.0 - Dell Inc.) Hidden Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell) Dell SupportAssistAgent (HKLM\...\{3ED468C2-2235-4747-90AD-A7A34F0FE70A}) (Version: 1.2.2.8 - Dell) Dell System Detect - 1 (HKU\S-1-5-21-2568410734-3031030142-1223416489-1001\...\73f463568823ebbe) (Version: 6.0.0.18 - Dell) Digital Advertising Alliance Protect My Choices (Beta) (HKLM\...\{F0BF9C38-5639-4F0F-A818-AEA288C0A96E}) (Version: 1.2.0.0 - Digital Advertising Alliance) Elevated Installer (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden Epson Copy Utility 3.5 (HKLM\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - ) EPSON TWAIN 5 (HKLM\...\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO EPSON Corp.) Evernote v. 5.9.6 (HKLM\...\{A542D366-9877-11E5-B101-005056951CAD}) (Version: 5.9.6.9494 - Evernote Corp.) FreshDiagnose (HKLM\...\FreshDevices - FreshDiagnose_is1) (Version: - ) Garmin Communicator Plugin (HKLM\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM\...\{50755d67-ae60-4e47-b3d6-ce44d01b5a95}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Garmin Express (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden Google Advertising Cookie Opt-out (HKLM\...\{D1A87CF6-1DFD-470D-800A-CDC1CE5F7E54}) (Version: 1.0.1.0 - Google Inc) Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden Hawke BRC 1.0.9 (HKLM\...\{44F2B651-A86A-4B6C-8563-07B66F00F8F8}_is1) (Version: - Hawke Sport Optics) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) Intel(R) Processor Identification Utility (HKLM\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation) Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation) Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel) Japanese Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5760-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated) Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office 2000 Professional (HKLM\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2568410734-3031030142-1223416489-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) MiniTool Partition Wizard Free 9.0 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) MotoCalc 8.07 (HKLM\...\MotoCalc 8_is1) (Version: - Capable Computing, Inc.) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) O2 BB Assisted Controls V2 (HKLM\...\{B0F51838-4AF7-4784-88DD-C86D7D8AF804}) (Version: 1 - SupportSoft) P&O Cruises Live Ship Tracker (HKLM\...\com.pocruises.LiveShipTracker.A0C66AABAFAD54D5C6C22F9F89EA0FC11C49AF59.1) (Version: 1.3.15 - Carnival plc) P&O Cruises Live Ship Tracker (Version: 1.3.15 - Carnival plc) Hidden Password Safe (HKLM\...\Password Safe) (Version: - ) PMB (HKLM\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.02.10270 - Sony Corporation) QuickBooks (Version: 20.0.4017.807 - Intuit Inc.) Hidden QuickBooks Simple Start 2010 Free Edition (HKLM\...\{0700E22B-A419-40A5-BD20-04BF618CA0F9}) (Version: 20.0.4017.807 - Intuit Inc.) QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) RC Plane Master (HKLM\...\RC Plane Master) (Version: - ) Remote Keyboard Lite (HKLM\...\{7C621473-99FD-4800-B2F5-4F390AA46E0C}) (Version: 1.2.0.09270 - Sony Corporation) Remote Keyboard Lite (Version: 1.2.0.09270 - Sony Corporation) Hidden SafeZone Stable 1.48.2066.114 (Version: 1.48.2066.114 - Avast Software) Hidden Samsung Data Migration (HKLM\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung) Samsung Magician (HKLM\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM\...\{EFC7DF4A-D0A1-4622-9104-10D8D2B5C82B}) (Version: 6.1.00 - Silicon Laboratories, Inc.) Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform) SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - ) Supportsoft Mirror Driver 1.8.0 (HKLM\...\ConsMirror_is1) (Version: 1.8.0 - Consona.) Supportsoft Printer Driver 1.7.0 (HKLM\...\ConsPrinter_is1) (Version: 1.7.0 - Consona.) TreeSize Free V3.3.2 (HKLM\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software) VirusTotal Uploader 2.2 (HKLM\...\VTUploader) (Version: - ) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Del\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuthLib.dll () CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{810CADD9-2658-4820-BA95-30199625191E}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2010\qbw32.exe (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2010\qbw32.exe (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2010\qbw32.exe (Intuit Inc.) CustomCLSID: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> c:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {164C059B-1EB3-47D0-A107-7E700F508F57} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-03-24] (PC-Doctor, Inc.) Task: {1E590DC4-C7E7-4E01-9714-9E2ECC93ABFD} - System32\Tasks\SafeZone scheduled Autoupdate 1458723209 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software) Task: {381C4D86-47CF-4802-9296-742570C447F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {4220E91D-159A-40F3-BF52-F11C873327DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {6700FFF6-E4FA-4E2A-85BF-CEF4A252A8CD} - System32\Tasks\SamsungMagician => C:\Program Files\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {753F595B-5C90-492E-BDE9-E5B339D0A778} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-30] (AVAST Software) Task: {7EE8B7F1-56B0-4094-A031-B182E86FCB34} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software) Task: {A0BE39EA-1F57-4271-8B9D-2DE89B277B2E} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe Task: {A919F893-4B86-4251-8158-370AFBF29525} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {C3D75BFF-B14D-4DCA-AABF-226CA81E5EE5} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-03-24] (PC-Doctor, Inc.) Task: {D0A19339-A8A1-48F8-80BB-9DE76C86463A} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe Task: {EE190C43-E582-4733-80C6-79372FFD854E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-04-22] (Dell Inc.) Task: {FBE2BA1B-8D87-47DC-9C89-73F36FC0D02D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd) Task: {FC730A38-A49E-4B31-BF8B-49D8E77E2D17} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-06-30 16:33 - 2016-06-30 16:33 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-07-01 15:30 - 2016-07-01 15:30 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070101\algo.dll 2016-05-23 20:42 - 2016-05-23 20:42 - 00679624 _____ () C:\Users\Del\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-02-13 16:28 - 2014-10-31 17:37 - 01498112 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2016-02-13 16:28 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2016-06-30 16:33 - 2016-06-30 16:33 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-12-01 16:37 - 2015-12-01 16:37 - 00439504 _____ () C:\Program Files\Evernote\Evernote\libxml2.dll 2015-12-01 16:37 - 2015-12-01 16:37 - 00321232 _____ () C:\Program Files\Evernote\Evernote\libtidy.dll 2015-04-29 13:49 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files\Samsung\Samsung Magician\SAMSUNG_SSD.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Del\Desktop\passport Y.jpeg:3or4kl4x13tuuug3Byamue2s4b [87] AlternateDataStreams: C:\Users\Yvonne\Desktop\specs.jpeg:3or4kl4x13tuuug3Byamue2s4b [87] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\38910314.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\38910314.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft Remote Control Client => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2568410734-3031030142-1223416489-1001\...\dell.com -> dell.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2013-09-26 17:00 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2568410734-3031030142-1223416489-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Del\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{A8616B58-176D-4754-BFDE-646050AF6178}] => (Allow) C:\Users\Del\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{2094D451-408F-42B5-B104-79CD697DE53F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{417A793D-7470-4EE0-B25E-9EBF1F6227BE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe ==================== Restore Points ========================= 14-04-2016 17:08:23 Dell Update: eDellRoot Removal 17-04-2016 17:13:36 Dell Update: eDellRoot Removal 20-04-2016 09:00:49 Windows Update 20-04-2016 20:14:35 Dell Update: eDellRoot Removal 24-04-2016 14:43:06 Dell Update: eDellRoot Removal 27-04-2016 19:40:46 Windows Update 04-05-2016 11:39:48 Dell Update: eDellRoot Removal 04-05-2016 11:39:48 Windows Update 07-05-2016 13:59:33 Dell Update: eDellRoot Removal 10-05-2016 15:41:56 Dell Update: eDellRoot Removal 10-05-2016 15:42:48 Dell Update: eDellRoot Removal 11-05-2016 14:34:04 Windows Update 13-05-2016 15:42:43 Dell Update: eDellRoot Removal 15-05-2016 19:11:16 Windows Update 17-05-2016 11:38:11 Dell Update: eDellRoot Removal 19-05-2016 18:28:01 Windows Update 20-05-2016 12:13:52 Dell Update: eDellRoot Removal 23-05-2016 16:40:49 Dell Update: eDellRoot Removal 23-05-2016 17:06:56 Windows Update 26-05-2016 19:22:31 Dell Update: eDellRoot Removal 26-05-2016 19:32:13 Dell Update: eDellRoot Removal 26-05-2016 19:36:38 Windows Update 29-05-2016 22:12:43 Dell Update: eDellRoot Removal 30-05-2016 11:43:17 Windows Update 02-06-2016 18:45:13 Dell Update: eDellRoot Removal 04-06-2016 16:49:21 Windows Update 05-06-2016 18:45:17 Dell Update: eDellRoot Removal 10-06-2016 18:32:07 Dell Update: eDellRoot Removal 10-06-2016 19:22:11 Windows Update 13-06-2016 19:09:49 Dell Update: eDellRoot Removal 14-06-2016 18:14:42 Windows Update 16-06-2016 19:09:50 Dell Update: eDellRoot Removal 16-06-2016 19:10:11 Dell Update: eDellRoot Removal 18-06-2016 17:43:07 Windows Update 19-06-2016 22:02:55 Dell Update: eDellRoot Removal 21-06-2016 18:53:06 Windows Update 23-06-2016 11:59:01 Dell Update: eDellRoot Removal 26-06-2016 17:04:18 Dell Update: eDellRoot Removal 26-06-2016 18:59:24 Windows Update 29-06-2016 18:42:28 Dell Update: eDellRoot Removal 29-06-2016 18:42:54 Dell Update: eDellRoot Removal 29-06-2016 19:11:24 Windows Update 30-06-2016 19:40:43 Windows Backup ==================== Faulty Device Manager Devices ============= Name: VNC Mirror Driver Description: VNC Mirror Driver Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: RealVNC Service: vncmirror Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (07/01/2016 07:22:09 PM) (Source: DCOM) (EventID: 10016) (User: Del-PC) Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Del-PCDelS-1-5-21-2568410734-3031030142-1223416489-1001LocalHost (Using LRPC) CodeIntegrity: =================================== Date: 2016-07-01 19:25:08.042 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2016-07-01 19:24:22.386 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-07-01 19:24:22.339 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz Percentage of memory in use: 54% Total physical RAM: 3061.16 MB Available physical RAM: 1393.7 MB Total Virtual: 6120.63 MB Available Virtual: 4357.18 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:232.88 GB) (Free:47.53 GB) NTFS ==>[drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: CBAB01D2) Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================