Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HP620 laptop not responding, freezing, flashing, going really slow [So


  • This topic is locked This topic is locked

#16
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hello Bruce1270

After 2 hours I am tearing my hair out!!  On starting up the system today, outlook was not as stable as it was yesterday.  I went into msconfig and did another clean boot just incase anything had turned it self back on.  I then went in checked FF outlook etc and although good not as good as yesterday but sufficient to work with.  I then went into msconfig and re-enabled the first page of 12 programmes and enabled them, rebooted and opened FF, outlook etc  The system became very unstable again like it was before we started cleaning it up so I did another clean boot and started to tick 1 program at a time and testing outlook FF etc.  I only got as far as enabling 4 before outlook started to flash but was still opening up ok.  The action centre gave a warning that coolroom had an error so enabled that to see if it made any difference but it didn't not really.  On enabling basic services outlook started to flash more but again settled down but I started having problems opening up a shortcut to one of my spreadsheets.  The next program I enabled was bluetooth driver management s.... well it went crazy! hung flashing like mad so I had to go into task manager to try and stop it.  I went back into msconfig and disabled all the ms programmes again and things have settled down again, but still not as good as yesterday. I do have a proper licensed copy of the MS Office so would it be better to uninstall MS Office and then re-install it?  I did a repair before I contacted you for help but it didn't do anything at that stage, but obviously there were major problems with other things then as well.. I have stopped trying to enable services at the moment as I said it took me 2 hours to get only 4 services going without any problems so waiting to see what you advise now.  King regards Dawn


  • 0

Advertisements


#17
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace

OK. We'll try a few other things.

First it worth trying a re install of Microsoft Office. Proceed with this.

Then run a fresh set of FRST logs.
  • Please run Farbars Recovery Scan Tool again. Run FRST by right clicking on it and selecting Run as Administrator. Allow it to update if it wants to.
  • Please tick the Addition.txt box under Optional Scan.
  • Press Scan button.
  • It will make logs FRST.txt & Addition.txt in the same directory the tool is run.
  • Please copy and paste the FRST.txt and Addition.txt to your reply.


    Things for your next post:
  • How did the office reinstall go and how are the applications acting now?
  • FRST.txt and Addition.txt logs

  • 0

#18
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

I un-installed and then re-installed MS Office.  It still appears to be slightly unstable but better that it was.  I have run FRST.exe logs are detailed below.  Thank you.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-02-2016
Ran by da (administrator) on DAWNGREENAWAY (18-02-2016 22:17:59)
Running from C:\Users\da\Desktop
Loaded Profiles: da (Available Profiles: da)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\runonceex: [ContentMerger] => C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions)
HKU\S-1-5-21-3932258823-1374462109-926273279-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1403304 2016-01-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{BD53176A-3F68-456B-BD0F-953EEA4D05E8}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C385B932-3828-44FE-A24E-AA6C92A2CA4B}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{EDB6B648-580F-4622-89D4-8FE183E73E20}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-3932258823-1374462109-926273279-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
HKU\S-1-5-21-3932258823-1374462109-926273279-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/2
SearchScopes: HKU\S-1-5-21-3932258823-1374462109-926273279-1001 -> {4CF47C40-C912-4248-B5E3-E9D60E076B5D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-26] (RealDownloader)
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-09-24] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON CORPORATION)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-09-24] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\da\AppData\Roaming\Mozilla\Firefox\Profiles\b7octhtg.default-1455471642292
FF Homepage: hxxps://www.google.co.uk/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 -> C:\windows\system32\npdeployJava1.dll [2012-09-24] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-09-24] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=17.0.15.10 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2015-02-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2015-02-08] (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3932258823-1374462109-926273279-1001: @tools.google.com/Google Update;version=3 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-3932258823-1374462109-926273279-1001: @tools.google.com/Google Update;version=9 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll [2009-08-03] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2015-02-08] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2015-02-08] (RealPlayer Cloud)
FF Extension: Garmin Communicator - C:\Users\da\AppData\Roaming\Mozilla\Firefox\Profiles\b7octhtg.default-1455471642292\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2016-02-14]
FF Extension: UW CashBack Wizard - C:\Users\da\AppData\Roaming\Mozilla\Firefox\Profiles\b7octhtg.default-1455471642292\Extensions\@uw-cashback-wizard-pub.xpi [2016-02-14]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-25] [not signed]
FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2015-08-17] [not signed]

Chrome:
=======
CHR Profile: C:\Users\da\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\da\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-09]
CHR HKU\S-1-5-21-3932258823-1374462109-926273279-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.WB375URJVMMOHOZGJDSIZ3RWYU - C:\Users\da\AppData\Local\Google\Chrome\Application\46.10.2479.2\chromer.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [401800 2013-12-21] (Samsung) [File not signed]
S4 Basics Service; C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe [124280 2007-10-09] (Seagate Technology LLC)
S4 BcmBtRSupport; C:\windows\system32\BtwRSupportService.exe [1680088 2013-10-28] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S4 CoolroomDownloadManagerService; C:\Program Files\Coolroom\DownloadManagerService.exe [430080 2009-01-05] (Etherdigital Limited) [File not signed]
S4 EpsonScanSvc; C:\windows\system32\EscSvc.exe [126128 2012-05-16] (Seiko Epson Corporation)
S4 FsUsbExService; C:\windows\system32\FsUsbExService.Exe [233472 2013-03-20] (Teruten) [File not signed]
S4 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [803856 2016-01-28] (Garmin Ltd. or its subsidiaries)
S4 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [265272 2010-01-28] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-04-16] (Hewlett-Packard Company) [File not signed]
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
S4 MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S4 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-01-12] (PDF Complete Inc)
S4 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S4 RalinkRegistryWriter; C:\Program Files\MediatekWiFi\Common\RaRegistry.exe [401096 2014-05-01] (Mediatek Inc.)
S4 RaMediaServer; C:\Program Files\MediatekWiFi\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2259224 2016-01-03] (IBM Corp.)
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
S4 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2015-02-08] (RealNetworks, Inc.)
S4 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [577376 2014-03-13] (Copyright 2013 SAMSUNG)
S4 Scan2PC; C:\Program Files\Scan2PC\Sc2PCSvc.exe [69632 2009-08-10] () [File not signed]
S4 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S4 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458 2010-01-29] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bcbtums; C:\windows\System32\drivers\bcbtums.sys [170552 2012-09-24] (Broadcom Corporation.)
R3 btwampfl; C:\windows\System32\DRIVERS\btwampfl.sys [507704 2012-07-03] (Broadcom Corporation.)
R3 dfmirage; C:\windows\System32\DRIVERS\dfmirage.sys [34128 2008-03-04] (DemoForge, LLC)
S3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [37344 2013-03-20] () [File not signed]
S3 HTCAND32; C:\windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [File not signed]
R2 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [94936 2015-10-05] (Malwarebytes)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-15] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
S3 netr28u; C:\windows\System32\DRIVERS\netr28u.sys [1704648 2014-01-24] (Ralink Technology Corp.)
R1 RapportCerberus_1507079; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1507079.sys [558456 2015-12-06] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [295000 2016-01-03] (IBM Corp.)
R0 RapportHades; C:\windows\System32\Drivers\RapportHades.sys [71384 2015-11-24] (IBM Corp.)
R0 RapportKELL; C:\windows\System32\Drivers\RapportKELL.sys [224344 2016-01-03] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [352408 2016-01-03] (IBM Corp.)
R3 rtsuvc; C:\windows\System32\DRIVERS\rtsuvc.sys [73344 2010-01-30] (Realtek Semiconductor Corp.)
S3 usbrndis6; C:\windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
R3 vpcbus; C:\windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 eapihdrv; \??\C:\Users\da\AppData\Local\Temp\ehdrv.sys [X]
R1 MpKsla68729ab; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{300D3DEF-2A74-4DBF-866B-2FBB805891B4}\MpKsla68729ab.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-18 22:17 - 2016-02-18 22:18 - 00021705 _____ C:\Users\da\Desktop\FRST.txt
2016-02-18 22:12 - 2016-02-18 22:12 - 00005810 _____ C:\Users\da\Desktop\Overdue Invoices 2015.xlsx - Shortcut.lnk
2016-02-15 12:20 - 2016-02-15 12:24 - 00000000 ____D C:\Users\da\Documents\My PageManager
2016-02-14 17:49 - 2016-02-14 17:49 - 00899584 _____ (Farbar) C:\Users\da\Desktop\FSS.exe
2016-02-11 14:46 - 2016-02-11 14:46 - 02870984 _____ (ESET) C:\Users\da\Downloads\esetsmartinstaller_enu.exe
2016-02-11 11:59 - 2016-01-16 18:36 - 01413632 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-02-11 11:57 - 2016-01-07 17:47 - 02386944 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-02-11 11:57 - 2016-01-07 17:35 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-02-11 11:57 - 2016-01-06 18:41 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-02-11 11:57 - 2016-01-06 17:56 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-02-11 11:57 - 2015-12-20 18:45 - 02745856 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-02-11 11:57 - 2015-12-20 18:45 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2016-02-11 11:57 - 2015-12-20 16:16 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2016-02-11 11:56 - 2016-01-22 06:13 - 03993536 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2016-02-11 11:56 - 2016-01-22 06:13 - 03938752 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-02-11 11:56 - 2016-01-22 06:13 - 00138176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-02-11 11:56 - 2016-01-22 06:13 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-02-11 11:56 - 2016-01-22 06:09 - 01310232 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-02-11 11:56 - 2016-01-22 06:06 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-02-11 11:56 - 2016-01-22 06:06 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-02-11 11:56 - 2016-01-22 06:06 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-02-11 11:56 - 2016-01-22 06:06 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-02-11 11:56 - 2016-01-22 06:06 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-02-11 11:56 - 2016-01-22 06:06 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-02-11 11:56 - 2016-01-22 06:05 - 00654336 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-02-11 11:56 - 2016-01-22 06:05 - 00251392 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-02-11 11:56 - 2016-01-22 06:05 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-02-11 11:56 - 2016-01-22 06:04 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-02-11 11:56 - 2016-01-22 06:04 - 00535040 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-02-11 11:56 - 2016-01-22 06:02 - 01060864 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-02-11 11:56 - 2016-01-22 06:02 - 00872448 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-02-11 11:56 - 2016-01-22 06:02 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-02-11 11:56 - 2016-01-22 06:02 - 00293888 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-02-11 11:56 - 2016-01-22 06:02 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-02-11 11:56 - 2016-01-22 06:02 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-02-11 11:56 - 2016-01-22 06:02 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\msorcl32.dll
2016-02-11 11:56 - 2016-01-22 06:02 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-02-11 11:56 - 2016-01-22 06:02 - 00114176 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-02-11 11:56 - 2016-01-22 06:02 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00642560 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 05:07 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-02-11 11:56 - 2016-01-22 05:01 - 00271360 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-02-11 11:56 - 2016-01-22 05:00 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-02-11 11:56 - 2016-01-22 04:53 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-02-11 11:56 - 2016-01-22 04:53 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-02-11 11:56 - 2016-01-22 04:53 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-02-11 11:56 - 2016-01-22 04:51 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-02-11 11:56 - 2016-01-22 04:51 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-02-11 11:56 - 2016-01-22 04:51 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-02-11 11:56 - 2016-01-22 04:51 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-02-11 11:56 - 2016-01-22 04:51 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 04:51 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 04:51 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 11:56 - 2016-01-22 04:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-11 11:53 - 2016-02-06 10:01 - 20366848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-02-11 11:53 - 2016-02-06 09:54 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-02-11 11:53 - 2016-02-06 09:43 - 02280448 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-02-11 11:53 - 2016-02-06 09:38 - 00476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-02-11 11:53 - 2016-02-06 09:16 - 12857856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-02-11 11:53 - 2016-02-06 08:54 - 01312256 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-02-11 11:52 - 2016-01-22 20:10 - 00341200 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-02-11 11:52 - 2016-01-22 06:14 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-02-11 11:52 - 2016-01-22 06:02 - 00496640 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-02-11 11:52 - 2016-01-22 06:02 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-02-11 11:52 - 2016-01-22 06:01 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-02-11 11:52 - 2016-01-22 06:01 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-02-11 11:52 - 2016-01-22 06:00 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-02-11 11:52 - 2016-01-22 05:55 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-02-11 11:52 - 2016-01-22 05:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-02-11 11:52 - 2016-01-22 05:52 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-02-11 11:52 - 2016-01-22 05:51 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-02-11 11:52 - 2016-01-22 05:51 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-02-11 11:52 - 2016-01-22 05:51 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-02-11 11:52 - 2016-01-22 05:46 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-02-11 11:52 - 2016-01-22 05:43 - 00416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-02-11 11:52 - 2016-01-22 05:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-02-11 11:52 - 2016-01-22 05:38 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-02-11 11:52 - 2016-01-22 05:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-02-11 11:52 - 2016-01-22 05:35 - 04611072 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-02-11 11:52 - 2016-01-22 05:35 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-02-11 11:52 - 2016-01-22 05:34 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-02-11 11:52 - 2016-01-22 05:33 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-02-11 11:52 - 2016-01-22 05:27 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-02-11 11:52 - 2016-01-22 05:25 - 00687104 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-02-11 11:52 - 2016-01-22 05:25 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-02-11 11:52 - 2016-01-22 05:24 - 02050560 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-02-11 11:52 - 2016-01-22 05:24 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-02-11 11:52 - 2016-01-22 05:07 - 02120704 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-02-11 11:52 - 2016-01-22 05:02 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-02-09 10:30 - 2016-02-09 10:30 - 01508352 _____ C:\Users\da\Downloads\adwcleaner_5.033.exe
2016-02-09 09:41 - 2016-02-09 09:41 - 01609032 _____ (Malwarebytes) C:\Users\da\Downloads\JRT.exe
2016-02-09 09:18 - 2016-02-11 14:22 - 00002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-09 09:16 - 2016-02-18 21:52 - 00000874 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-09 09:16 - 2016-02-18 21:37 - 00000878 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-09 09:15 - 2016-02-09 09:15 - 00987728 _____ (Google Inc.) C:\Users\da\Downloads\ChromeSetup.exe
2016-02-08 22:16 - 2016-02-18 22:17 - 00000000 ____D C:\Users\da\Desktop\FRST-OlderVersion
2016-02-08 22:05 - 2016-02-08 22:05 - 00002414 _____ C:\Users\da\Downloads\fixlist.txt
2016-02-06 14:44 - 2016-02-18 22:17 - 00000000 ____D C:\FRST
2016-02-06 14:42 - 2016-02-18 22:17 - 01722368 _____ (Farbar) C:\Users\da\Desktop\FRST.exe
2016-02-06 12:49 - 2015-08-05 17:40 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll
2016-02-06 12:49 - 2015-08-05 16:58 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-02-06 12:48 - 2016-01-22 06:05 - 12877824 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-02-06 12:48 - 2016-01-22 06:00 - 01498624 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-02-06 12:48 - 2016-01-22 05:59 - 01805824 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-02-06 12:48 - 2016-01-22 05:12 - 02973184 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-02-06 12:47 - 2016-01-16 18:42 - 00022464 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-02-06 12:47 - 2016-01-16 18:34 - 00949760 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-02-06 12:47 - 2016-01-11 14:07 - 01198080 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-02-06 12:47 - 2016-01-11 14:07 - 00591360 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-02-06 12:47 - 2016-01-11 14:07 - 00544768 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-02-06 12:47 - 2016-01-11 14:07 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-02-06 12:47 - 2016-01-11 14:07 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-02-06 12:32 - 2015-12-16 18:47 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2016-02-06 12:32 - 2015-12-16 18:43 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2016-02-06 12:32 - 2015-12-16 18:43 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2016-02-06 12:32 - 2015-12-16 18:43 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2016-02-06 12:30 - 2016-02-06 12:33 - 00002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2016-02-06 12:27 - 2016-01-11 18:47 - 02956288 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-02-06 12:27 - 2016-01-11 18:47 - 00174080 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-02-06 12:27 - 2016-01-11 18:35 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-02-06 12:27 - 2016-01-11 18:17 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-02-06 12:27 - 2016-01-11 18:14 - 00573440 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-02-06 12:27 - 2016-01-11 18:14 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-02-06 12:27 - 2016-01-11 18:14 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-02-06 12:27 - 2016-01-11 18:14 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-02-06 12:27 - 2016-01-11 18:14 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-02-06 12:27 - 2016-01-11 18:14 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-02-06 12:27 - 2016-01-11 18:14 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-02-06 12:20 - 2016-02-06 12:33 - 00000000 ____D C:\windows\WindowsMobile
2016-02-06 12:17 - 2016-02-06 12:17 - 12644232 _____ (Microsoft Corporation) C:\Users\da\Downloads\drvupdate-x86.exe
2016-02-06 11:05 - 2016-02-06 11:05 - 00000375 _____ C:\windows\system32\Drivers\etc\hosts.ics
2016-02-06 10:39 - 2016-02-06 10:39 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-02-06 10:38 - 2016-02-06 10:38 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2016-02-05 19:32 - 2016-02-05 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
2016-02-05 19:26 - 2016-02-05 19:26 - 00001770 _____ C:\ProgramData\Microsoft\Windows\Start Menu\IDT Audio Control Panel.lnk
2016-02-05 19:23 - 2010-01-29 04:15 - 00527360 ____N (IDT, Inc.) C:\windows\system32\stapi32.dll
2016-02-05 19:17 - 2010-01-29 04:15 - 12423260 _____ (IDT, Inc.) C:\windows\system32\idtcpl.cpl
2016-02-05 19:17 - 2010-01-29 04:15 - 03350528 _____ (IDT, Inc.) C:\windows\system32\stlang.dll
2016-02-05 19:17 - 2010-01-29 04:15 - 00495708 _____ (IDT, Inc.) C:\windows\sttray.exe
2016-02-05 19:17 - 2010-01-27 10:28 - 00140288 _____ (Andrea Electronics Corporation) C:\windows\system32\aestacap.dll
2016-02-05 19:17 - 2009-10-10 08:45 - 00380928 _____ (Andrea Electronics Corporation) C:\windows\system32\aestecap.dll
2016-02-05 19:17 - 2009-03-03 09:57 - 00061440 _____ (Andrea Electronics Corporation) C:\windows\system32\aestaren.dll
2016-02-05 19:16 - 2010-01-29 04:15 - 00175616 _____ (IDT, Inc.) C:\windows\system32\staco.dll
2016-02-05 19:11 - 2010-01-30 05:45 - 00073344 ____R (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTSUVC.SYS
2016-02-05 19:11 - 2010-01-22 00:41 - 00122880 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtsUvcExt.dll
2016-02-05 19:11 - 2009-12-23 00:20 - 00327680 _____ (Realtek Semiconductor Corp.) C:\windows\RtsUvcUninst.exe
2016-02-02 20:36 - 2016-02-02 20:36 - 00001901 _____ C:\Users\Public\Desktop\Garmin Express.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-18 22:11 - 2010-11-03 11:46 - 00126336 _____ C:\Users\da\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-18 22:05 - 2012-04-04 08:55 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-02-18 22:04 - 2010-12-23 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-02-18 22:04 - 2009-07-14 04:34 - 00025648 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-18 22:04 - 2009-07-14 04:34 - 00025648 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-18 22:02 - 2010-12-23 13:54 - 00000000 ____D C:\Program Files\Microsoft Works
2016-02-18 22:02 - 2010-06-10 07:40 - 00000000 ____D C:\Program Files\Microsoft Office
2016-02-18 22:01 - 2010-04-25 20:36 - 00000000 ____D C:\windows\ShellNew
2016-02-18 22:01 - 2009-07-14 02:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-18 21:57 - 2009-07-14 02:04 - 00000478 _____ C:\windows\win.ini
2016-02-18 21:51 - 2009-07-14 04:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-02-18 21:51 - 2009-07-14 04:33 - 00455928 _____ C:\windows\system32\FNTCACHE.DAT
2016-02-18 21:37 - 2015-06-22 10:31 - 00000906 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA.job
2016-02-18 21:37 - 2012-11-15 20:36 - 00000896 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA.job
2016-02-18 21:37 - 2011-07-26 15:36 - 00000340 _____ C:\windows\Tasks\HPCeeScheduleForDAWNGREENAWAY$.job
2016-02-17 18:18 - 2010-11-16 13:43 - 00000000 ____D C:\Users\da\Documents\Mum & Dad
2016-02-17 18:13 - 2009-07-14 04:53 - 00032620 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-02-17 17:54 - 2010-11-20 15:12 - 00013030 _____ C:\PDOXUSRS.NET
2016-02-16 17:45 - 2011-11-30 08:26 - 00000000 ____D C:\windows\pss
2016-02-16 17:34 - 2010-11-15 12:43 - 00000000 ___RD C:\Users\da\Documents\My Dropbox
2016-02-16 17:33 - 2010-11-15 12:40 - 00000000 ____D C:\Users\da\AppData\Roaming\Dropbox
2016-02-16 17:31 - 2010-06-10 07:36 - 00000000 ____D C:\ProgramData\PDFC
2016-02-16 17:30 - 2013-12-02 21:46 - 00000000 ____D C:\Users\da\AppData\Roaming\.oit
2016-02-15 18:08 - 2015-02-26 19:50 - 00170200 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-15 11:30 - 2015-08-24 10:01 - 00000308 _____ C:\windows\Tasks\HPCeeScheduleForda.job
2016-02-15 11:29 - 2015-06-22 10:30 - 00000854 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core.job
2016-02-15 10:01 - 2015-12-24 14:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-15 10:01 - 2012-05-02 21:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-14 17:40 - 2014-10-12 16:23 - 00000000 ____D C:\Users\da\Desktop\Old Firefox Data
2016-02-11 13:54 - 2009-07-14 02:37 - 00000000 ____D C:\windows\rescache
2016-02-11 13:14 - 2010-06-10 07:19 - 00785302 _____ C:\windows\system32\PerfStringBackup.INI
2016-02-11 13:14 - 2009-07-14 02:37 - 00000000 ____D C:\windows\inf
2016-02-11 12:58 - 2010-04-25 20:36 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-09 22:21 - 2012-04-04 08:55 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2016-02-09 22:21 - 2011-05-30 09:54 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2016-02-09 11:33 - 2015-07-25 21:29 - 00000000 ____D C:\AdwCleaner
2016-02-09 09:29 - 2013-09-25 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-02-09 09:18 - 2010-11-14 16:17 - 00000000 ____D C:\Program Files\Google
2016-02-09 08:41 - 2015-08-25 20:20 - 00000000 ____D C:\ProgramData\chrome
2016-02-09 00:36 - 2012-11-15 20:36 - 00000844 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core.job
2016-02-06 13:51 - 2010-12-14 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GroupMail 5
2016-02-06 13:51 - 2010-12-14 11:52 - 00000000 ____D C:\Program Files\GroupMail 5
2016-02-06 13:39 - 2010-11-03 11:58 - 00000000 ___RD C:\Users\da\Virtual Machines
2016-02-06 13:31 - 2014-12-12 12:34 - 00000000 ____D C:\windows\system32\appraiser
2016-02-06 13:31 - 2014-04-27 18:53 - 00000000 ___SD C:\windows\system32\CompatTel
2016-02-06 11:31 - 2010-11-05 20:34 - 00000000 ____D C:\Users\da\AppData\Local\ElevatedDiagnostics
2016-02-05 20:00 - 2010-06-10 07:48 - 00000000 ____D C:\ProgramData\Uninstall
2016-02-05 20:00 - 2010-06-10 07:46 - 00000000 ____D C:\Program Files\Common Files\Roxio Shared
2016-02-05 20:00 - 2010-06-10 07:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-02-05 20:00 - 2010-06-10 07:09 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-02-05 19:58 - 2010-06-10 07:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete
2016-02-05 19:58 - 2010-06-10 07:36 - 00000000 ____D C:\Program Files\PDF Complete
2016-02-05 19:57 - 2010-06-10 07:49 - 00000000 ____D C:\windows\Hewlett-Packard
2016-02-05 19:56 - 2010-11-03 11:49 - 00000000 ____D C:\Users\da\AppData\Roaming\Hewlett-Packard
2016-02-05 19:42 - 2010-06-10 07:59 - 00000000 ____D C:\Program Files\Realtek
2016-02-05 19:25 - 2010-08-11 07:14 - 00000000 ____D C:\Program Files\IDT
2016-02-05 19:13 - 2010-11-03 11:48 - 00000000 ____D C:\Users\da\AppData\Roaming\hpqLog
2016-02-05 19:08 - 2010-02-23 18:45 - 00000000 ___HD C:\SYSTEM.SAV
2016-02-05 14:56 - 2010-11-03 11:45 - 00000000 ____D C:\Users\da
2016-02-05 13:01 - 2010-04-25 20:36 - 00000000 ____D C:\windows\CSC
2016-02-02 20:37 - 2010-11-16 15:55 - 00000000 ____D C:\Program Files\Garmin
2016-02-02 20:36 - 2011-04-07 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-02-02 20:34 - 2014-10-16 18:34 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-31 15:07 - 2015-08-09 13:39 - 00000000 ____D C:\Users\da\AppData\Local\Garmin_Ltd._or_its_subsid
2016-01-29 13:42 - 2010-11-07 22:00 - 00000000 ___RD C:\Users\da\Documents\Password
2016-01-25 12:03 - 2015-11-17 18:47 - 00000000 ____D C:\Users\da\Documents\Funeral Work
2016-01-22 16:10 - 2010-11-16 14:10 - 00000000 ____D C:\Users\da\Documents\Personal

==================== Files in the root of some directories =======

2013-01-12 16:40 - 2013-01-12 17:20 - 0025629 _____ () C:\Users\da\AppData\Roaming\Comma Separated Values (DOS).ADR
2013-01-14 17:27 - 2014-01-06 20:02 - 0025593 _____ () C:\Users\da\AppData\Roaming\Comma Separated Values (Windows).ADR
2011-03-08 12:00 - 2011-06-22 11:53 - 0001849 _____ () C:\Users\da\AppData\Roaming\GhostObjGAFix.xml
2011-03-28 15:03 - 2012-02-03 14:45 - 0022784 _____ () C:\Users\da\AppData\Roaming\Microsoft Excel 97-2003.ADR
2010-11-20 15:14 - 2010-11-20 15:15 - 0033280 ___SH () C:\Users\da\AppData\Roaming\Thumbs.db
2012-05-17 16:03 - 2012-11-22 16:29 - 0007106 _____ () C:\Users\da\AppData\Roaming\unins003.dat
2010-11-17 19:50 - 2010-11-17 19:51 - 0027623 _____ () C:\Users\da\AppData\Roaming\UserTile.png
2014-01-08 21:01 - 2014-01-08 21:01 - 0000059 _____ () C:\Users\da\AppData\Roaming\WB.CFG
2011-01-30 10:33 - 2012-05-12 19:59 - 0009728 _____ () C:\Users\da\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-15 12:14 - 2015-11-12 22:27 - 0007603 _____ () C:\Users\da\AppData\Local\Resmon.ResmonCfg
2012-07-20 13:32 - 2012-07-20 13:33 - 0258348 _____ () C:\Users\da\AppData\Local\rx_image32.Cache
2015-12-13 23:57 - 2015-12-13 23:57 - 0980170 _____ () C:\Users\da\AppData\Local\WAV-to-MP3-Converter_1533.rar
2010-11-07 19:52 - 2010-11-07 19:52 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-06-10 07:57 - 2015-07-22 20:50 - 0000426 _____ () C:\ProgramData\HPWALog.txt
2015-07-22 21:16 - 2015-07-22 21:16 - 0001664 _____ () C:\ProgramData\tempimage.bmp

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-09 04:12

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-02-2016
Ran by da (2016-02-18 22:19:45)
Running from C:\Users\da\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2010-11-03 11:44:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3932258823-1374462109-926273279-500 - Administrator - Disabled)
da (S-1-5-21-3932258823-1374462109-926273279-1001 - Administrator - Enabled) => C:\Users\da
Guest (S-1-5-21-3932258823-1374462109-926273279-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3932258823-1374462109-926273279-1007 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
AllShare Framework DMS (HKLM\...\{1C2A409B-3D00-4EE7-B13C-3C70AB8704B0}) (Version: 1.3.23 - Samsung)
Amazon Kindle (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Cashbook (HKLM\...\{ACF23689-C863-47CF-90BD-1082B60B0F19}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coolroom (HKLM\...\{734C8402-3F5D-495D-A463-3176B46775E9}) (Version: 1.0.0 - Ether Digital)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DemoForge Mirage Driver for TightVNC 2.0 (HKLM\...\DemoForge Mirage Driver for TightVNC_is1) (Version: 2.0 - DemoForge LLC)
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
Drive Manager (HKLM\...\InstallShield_{48B0F38D-1913-44F3-99AA-D4C55A2B038E}) (Version: 1.00.0012 - Seagate Technology)
Drive Manager (Version: 1.00.0012 - Seagate Technology) Hidden
Dropbox (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Elevated Installer (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Connect Guide (HKLM\...\Epson Connect Guide) (Version:  - )
Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM\...\{E402F650-650F-45C0-8F7A-00678D6AA0F6}) (Version: 2.6.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM\...\{5662F323-3D9C-4100-B60C-BC71B47DD0A1}) (Version: 3.10.0041 - Seiko Epson Corporation)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.60.00 - SEIKO EPSON CORPORATION)
EPSON Manuals (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.40.0.0 - SEIKO EPSON CORPORATION)
Epson Network Guide WF-3520 Series (HKLM\...\WF-3520 Series Netg) (Version:  - )
Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Printer Finder (HKLM\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Remote Print Uninstall (HKLM\...\EPSON Remote Print) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.00.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON Universal Print Driver Printer Uninstall (HKLM\...\EPSON Universal Print Driver) (Version:  - SEIKO EPSON Corporation)
Epson User's Guide WF-3520 Series (HKLM\...\WF-3520 Series Useg) (Version:  - )
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
EPSON WF-7610 Series Printer Uninstall (HKLM\...\EPSON WF-7610 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FUJIFILM MyFinePix Studio 2.0 (HKLM\...\FinePix Genie_is1) (Version:  - )
Garmin City Navigator Europe NTU 2015.30 (HKLM\...\{63F1BF21-7435-4055-AA71-7ED2B7948C8C}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{0733d53f-b41d-47cc-b336-d95751c4b2cb}) (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{b292f4e5-60ca-4bb8-8810-e5f908c3c1ff}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{D17111CB-C992-42A9-9D56-C19395102AAA}) (Version: 2.4.2 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Drive (HKLM\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
GoToMeeting 5.2.0.952 (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\GoToMeeting) (Version: 5.2.0.952 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{206E1EEB-027A-4FC0-B4ED-6E48203BD49A}) (Version: 1.1.1.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{9161546B-336A-4E3D-B049-F25A400558C6}) (Version: 3.5.14.1 - Hewlett-Packard Company)
HP Setup (HKLM\...\{1E6219D4-027E-47EE-AB83-DD2F26E31A32}) (Version: 1.2.3557.3169 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{223E2363-6643-49CB-A062-59A9858EE8EE}) (Version: 3.5.17.1 - Hewlett-Packard Company)
HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP User Guides 0190 (HKLM\...\{5B0D9F1A-425E-46C4-B06D-2C0736C1E804}) (Version: 1.00.0000 - Hewlett-Packard)
HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.17.13 - Roxio)
HP Webcam Driver (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0028 - Realtek Semiconductor Corp.)
HP Wireless Assistant (HKLM\...\{1061DF04-CF33-40B0-8360-D07C9BBEB122}) (Version: 3.50.10.1 - Hewlett-Packard)
iCloud (HKLM\...\{C3867553-D9F8-416E-8F14-EFF234A48577}) (Version: 5.1.0.34 - Apple Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6268.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2057 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Internet TV for Windows Media Center (HKLM\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{F16EA575-26A5-4DAD-A800-95267BE02C12}) (Version: 12.3.2.35 - Apple Inc.)
Java™ 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LightScribe Diagnostic Utility (HKLM\...\{05F8CCEB-1EDD-4996-A0E0-FF6EDB1E75EA}) (Version: 1.18.23.1 - LightScribe)
LightScribe System Software (HKLM\...\{10427BCB-0742-43BE-81E2-3920972946F5}) (Version: 1.18.23.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{2765F726-849C-47B2-A82C-B257DFC0E01C}) (Version: 1.18.22.2 - LightScribe)
Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mediatek RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.0 - MediatekWiFi)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (HKLM\...\SMALLBUSINESSR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 25.0.1 (x86 en-GB)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\MusicManager) (Version:  - Google, Inc.)
MyEpson Portal (HKLM\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Naviextras Toolbox (HKLM\...\Naviextras Toolbox) (Version: 3.18.0.330918 - NNG Llc.)
Naviextras Toolbox Prerequesities (HKLM\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Nuance PaperPort 12 (HKLM\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PaperPort Image Printer (HKLM\...\{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.19.0 - Nokia)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.116 - PDF Complete, Inc)
Presto! PageManager 9.03 SE (HKLM\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAF (HKLM\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
Rapport (Version: 3.5.1507.99 - Trusteer) Hidden
RealDownloader (Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
REALTEK Wireless LAN Software (HKLM\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0104 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link 1.8.0.1403131552 (HKLM\...\8474-7877-9059-0204) (Version: 1.8.0.1403131552 - Copyright 2013 SAMSUNG)
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan2PC (HKLM\...\{E59F8AF2-78D4-4355-B0EF-58C466C1242C}) (Version: 1.3.0.21 - Q)
ScanSoft OmniPage SE 4 (HKLM\...\{66B4C110-8BEB-49B5-824E-C70AEEB20ECD}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Scansoft PDF Professional (Version:  - ) Hidden
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.8 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SkyPlayer for Windows Media Center (HKLM\...\{D7B31233-EE2B-4911-AA3F-2A8C28843D3B}) (Version: 4.4.2.0 - Microsoft Corporation)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.1.9385  - TeamViewer GmbH)
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1507.99 - Trusteer)
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (Version: 1.0.0 - RealNetworks) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
VPresent (HKLM\...\{72478BBA-D832-4E6B-93A0-E89431E7A8BB}) (Version: 2.2.20.0 - VPresent)
WAV MP3 Converter v4.3 build 1287 (HKLM\...\{A4A14B15-F25D-44F8-8483-291C1DF7C548}_is1) (Version:  - Hoo Technologies)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3400 - Broadcom Corporation)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
XHeader (HKLM\...\XHeader) (Version: 1.205 - Intellimon)
XHeader Bonus Download (HKLM\...\XHeader Bonus Download) (Version: 1.215 - Intellimon)
XSitePro2 (HKLM\...\XSitePro2) (Version: 2.149 - Intellimon Ltd)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\952\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F4D914B-D23A-4698-9D86-8ACB7897DC18} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {1A22CA1F-7997-4B9F-A089-DC8E8692B595} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {1D155B23-AA5A-4708-9AC8-6F70453E36D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {201099AB-76BD-4D1D-9760-513BFCE3018E} - System32\Tasks\{E092E56F-395B-4834-BD8C-022B3A0CB4C7} => C:\Users\da\AppData\Local\Amazon\Kindle\application\Kindle.exe [2015-07-21] (Amazon.com)
Task: {215EDD27-4061-4692-85EB-BA9400CB7E97} - System32\Tasks\{D6654F95-01F1-4535-A7B0-0B5D854A4744} => C:\Users\da\AppData\Local\Amazon\Kindle\application\Kindle.exe [2015-07-21] (Amazon.com)
Task: {2A3DBE0A-CCE6-4B31-888B-376FD16A0D93} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {2F1660A0-1A6A-4C32-911B-49CDB141E730} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA => C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3E383FA3-0751-435B-A033-768AE7B4518C} - System32\Tasks\{9971F867-1FB6-4487-9934-640788B097E5} => C:\Program Files\WIDCOMM\Bluetooth Software\AdminUtils.exe [2012-10-17] (Broadcom Corporation.)
Task: {4540BA04-7903-43AC-BEB5-564A2C911F00} - System32\Tasks\{EB61F18D-E9FC-492A-BD73-A7A0B7853034} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-10-17] (Broadcom Corporation.)
Task: {5119A49C-A9BE-47BD-892D-27E0C3D89844} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {512E6DEB-CB5D-4CAE-A4BC-4318839733A2} - System32\Tasks\{7009BCAC-1A27-42E3-86C4-65A0C2B39D76} => pcalua.exe -a C:\Users\da\Documents\Downloads\mx850sosmwin110encm.exe -d C:\Users\da\Documents\Downloads
Task: {5269F030-F140-4AB5-B008-E287DE58068C} - System32\Tasks\HPCeeScheduleForDAWNGREENAWAY$ => c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {53790E83-EE53-42F8-BCAC-6848B107DF0F} - System32\Tasks\{F59679D7-FC51-4653-8FEC-61D0BEF9341A} => pcalua.exe -a "C:\Users\da\Downloads\Driver Support\Driver Support\sp55212.exe" -d C:\windows\system32
Task: {53A30C8F-5015-4623-9556-D61E4C48F136} - System32\Tasks\{4BE21352-3767-4BAE-9682-EEA5DECECC26} => pcalua.exe -a C:\Users\da\Downloads\gm5p_setup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {563BBA89-3EAB-44C9-BB33-BE2A91E979F7} - System32\Tasks\{5726758E-0E12-4B00-A9C1-EC425E3E67E9} => pcalua.exe -a C:\Users\da\Downloads\mx850sndwin250a_ntwin250aen.exe -d C:\windows\system32
Task: {58CF2000-3DF4-4BFD-A7E6-4CDE87C7510C} - System32\Tasks\{3AEAE054-AE02-4D8E-B440-367E284DD5FE} => Firefox.exe hxxp://ui.skype.com/ui/0/4.1.0.179.321/en/go/help.faq.installer?LastError=1603
Task: {58F0462E-60D8-47C6-9129-0897ACCB790A} - System32\Tasks\{34B0F794-6A48-468E-AAE5-865BD937F693} => C:\Program Files\WIDCOMM\Bluetooth Software\AdminUtils.exe [2012-10-17] (Broadcom Corporation.)
Task: {59DCAD36-AE95-48FC-8E12-36A8DF107D5D} - System32\Tasks\{1F4A81E3-C3E1-4D1E-BB3C-332F4F7742DF} => pcalua.exe -a C:\Users\da\Downloads\gm5b_setup(1).exe -d "C:\Program Files\Mozilla Firefox"
Task: {59E11070-5D93-4431-B450-FBEA77875978} - System32\Tasks\{CA656C04-5BF8-410E-872D-7817A33A4A9F} => C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe [2012-10-17] (Broadcom Corporation.)
Task: {5F1E2E3C-7A47-412D-8A4F-E61ACEA87DD1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {6845CE20-E427-49D8-9A5D-85B5F0ECCDAD} - System32\Tasks\{F60E4F7A-3FED-4AD3-8AE6-385BCE906DB9} => pcalua.exe -a C:\Users\da\Downloads\gm5b_setup(2).exe -d "C:\Program Files\Mozilla Firefox"
Task: {6AFAE6E9-C995-4A27-886E-8755077D9A96} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-01-28] ()
Task: {6BAAB1C4-16D4-4C17-9816-EBD8A0A5361D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {6E3307BB-159D-477F-A58F-D6F0F4DE0193} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {6F022D1F-A9B6-4013-8774-BCBE8E6D50A7} - System32\Tasks\{E85CE766-B81C-4DAC-B042-84B6A871C31E} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152&LastError=12029
Task: {71F186F6-2079-4545-9F21-A1CCD3E450E2} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {79232A21-173A-4382-BB1C-1C9840C730EB} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {7B367C6E-E9C3-4D5A-B441-D023DE5A5B75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-01-06] (Hewlett-Packard)
Task: {85F59070-DF3B-4E8D-A45A-DBCE4F9FA3CE} - System32\Tasks\{3FDFF92D-A9E8-4F2E-941F-71435EA4F174} => pcalua.exe -a C:\Users\da\Downloads\gm5p_setup(1).exe -d C:\Users\da\Documents
Task: {873A4D05-EA53-4E69-8997-7368778570E1} - System32\Tasks\{84D08FB8-D0B2-4078-BB1F-F67201567C63} => pcalua.exe -a C:\Users\da\Documents\Downloads\sp64082.exe -d C:\Users\da\Documents\Downloads
Task: {8A35A498-D71B-41E6-A24C-F0F57F0633A0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core => C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {8AEE7B73-E521-461C-AC04-563928049765} - System32\Tasks\HPCeeScheduleForda => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {9418BA41-11D2-4140-B8C7-C28574C6A5B9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
Task: {9AD90831-66E9-434A-9559-D587D586FAF5} - System32\Tasks\{AEA9E9C1-C1CF-4DCE-96CD-CA813A46C0F1} => pcalua.exe -a "C:\Users\da\Downloads\Driver Support\Driver Support\sp52183.exe" -d C:\windows\system32
Task: {9D7CE0C7-ED02-4D61-94B2-23EEFD8BC355} - System32\Tasks\{615FAF27-C7EB-462C-86C2-148115F378DF} => pcalua.exe -a C:\Users\da\Downloads\sp54620(3).exe -d C:\Users\da\Downloads
Task: {9DF82888-5EC2-4E3F-A4F9-24C883C5C4D6} - System32\Tasks\{1421478B-3720-459C-A7E4-BF916691451C} => C:\Users\da\AppData\Local\Amazon\Kindle\application\Kindle.exe [2015-07-21] (Amazon.com)
Task: {9ED0B1BD-3CA8-42D3-8ED0-92DB646D3888} - System32\Tasks\{0C410A45-3F33-439F-9975-B5068AD71D39} => pcalua.exe -a C:\Users\da\Downloads\aomwin200ea24(2).exe -d C:\windows\system32
Task: {A13AFD25-3608-4701-AC47-5644511BC98D} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {A72C4338-CF0F-482B-BD07-DECF529E7C1F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {B4227801-F9B1-4AEC-8912-842332F7F5EF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA => C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {B59AA59D-DFA8-4C59-B76A-D4E6E442DED7} - System32\Tasks\{0F598EE6-A424-4CE6-9EF6-A65D68DEDC09} => pcalua.exe -a "C:\Users\da\Downloads\Driver Support\Driver Support\sp54982.exe" -d C:\windows\system32
Task: {B621ABD7-1AE6-4C49-94B4-187FAC2A5EA9} - System32\Tasks\{A550B53A-5339-4364-9954-C8A9D91FD65C} => pcalua.exe -a "C:\Users\da\Downloads\Driver Support\Driver Support\sp50180.exe" -d C:\windows\system32
Task: {BE96B368-0730-4A2B-BE3E-A138B4888852} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-09] (Google Inc.)
Task: {C0B444EA-CA63-4FCB-91C2-C3E18A6406E2} - System32\Tasks\{5519F5E1-5775-4D51-9DBC-904D7D2F662D} => Firefox.exe hxxp://ui.skype.com/ui/0/4.1.0.179.321/en/go/help.faq.installer?LastError=1603
Task: {C629AB7B-A7EB-4D92-AC0C-D2C48FFCDB31} - System32\Tasks\{8319F902-19E7-4E3B-BC86-F617AB63A60E} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-10-17] (Broadcom Corporation.)
Task: {C6987233-1F5B-4ED0-9A20-F2D1A68ED4B1} - System32\Tasks\{8EEA20BD-0453-4013-AF29-E1F027F7222F} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-10-17] (Broadcom Corporation.)
Task: {C9601CC5-7735-468C-B860-4F286AF83624} - System32\Tasks\CCleaner => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {CE286AE4-9C5C-4C65-9881-79C0E82FFE9F} - System32\Tasks\{2BDA8AEB-C4C5-405E-9D78-3C7A9D3C2F71} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-10-17] (Broadcom Corporation.)
Task: {D0C22EBC-C1B1-4ACD-8AFC-AEDC89B6006A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {D23DE358-03D5-41EB-82A5-493CD1E8DB2A} - System32\Tasks\{8EB4FDDC-3DD7-4A74-9D6D-47A92B40EC46} => pcalua.exe -a C:\Users\da\Downloads\mx850swin101ea24.exe -d "C:\Program Files\Mozilla Firefox"
Task: {D24C8C35-ABE1-458A-AF8F-67EF6025599E} - System32\Tasks\{A3D83E62-E1E0-40A6-9F9E-C407A1C3E652} => pcalua.exe -a G:\SETUP.EXE -d G:\
Task: {D86D295C-C96F-445C-8FFD-0816FDF9411B} - System32\Tasks\{26D0E011-638C-47F1-A146-FC24BDDCBFA7} => pcalua.exe -a C:\Users\da\Downloads\PM90310ML.exe -d C:\Users\da\Downloads
Task: {DAE2F664-3E38-40ED-85CF-8C0FE23CFC4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-09] (Google Inc.)
Task: {DBBD5577-570B-4B39-BA55-8325FA731752} - System32\Tasks\{ACCE6506-EA6A-4726-9228-68FE7A1F35A8} => pcalua.exe -a C:\Users\da\Documents\Downloads\sp47022.exe -d C:\Users\da\Documents\Downloads
Task: {DEE0E42F-CC3D-41A3-A272-2D6EC0B2DA62} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core => C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {DF1F9333-B5F8-48A4-A5A6-B95D160E5D71} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {E0AC77B5-2592-4069-9548-5C6FCC7270D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {EE884B8D-A8CB-47DA-BB98-5D638365C448} - System32\Tasks\{4E9E56B3-4C15-4F41-A050-4443CF04C01E} => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core.job => C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA.job => C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core.job => C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA.job => C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForda.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForDAWNGREENAWAY$.job => c:\program files\hewlett-packard\hp ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-21 16:02 - 2015-07-21 16:02 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\driversupport.com -> hxxps://apps.driversupport.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:04 - 2016-02-14 17:01 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3932258823-1374462109-926273279-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\da\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AllShare Framework DMS => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Basics Service => 2
MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: BcmBtRSupport => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: CoolroomDownloadManagerService => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: Garmin Device Interaction Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpHotkeyMonitor => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: IAANTMON => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MyEpson Portal Service => 2
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: PDFProFiltSrvPP => 2
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RaMediaServer => 3
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: RealPlayer Cloud Service => 2
MSCONFIG\Services: RealPlayerUpdateSvc => 2
MSCONFIG\Services: RoxMediaDB10 => 3
MSCONFIG\Services: Samsung Link Service => 2
MSCONFIG\Services: Scan2PC => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: TeamViewer5 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Mediatek Wireless Utility.lnk => C:\windows\pss\Mediatek Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^da^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: basicsmssmenu => "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Dropbox Update => "C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe"
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "c:\program files\itunes\ituneshelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: MusicManager => "C:\Users\da\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
MSCONFIG\startupreg: PMSpeed => C:\Program Files\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE
MSCONFIG\startupreg: QLBController => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
MSCONFIG\startupreg: QuickTime Task => "c:\program files\quicktime\qttask.exe" -atboottime
MSCONFIG\startupreg: RealDownloader => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
MSCONFIG\startupreg: Samsung Link => "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: WirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: WrtMon.exe => C:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{9C3694A9-6C8A-485B-9B56-7A4B02AF375B}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Block) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [UDP Query User{FE76E81A-1648-4799-AC6D-3EE5D9DA2D67}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Block) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [TCP Query User{17C68C74-0542-4EEE-8A0B-49592FDEA6D9}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{724D3BA5-84E7-4A6B-B532-77A2D17FF065}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{4DB6CA90-83F1-4E99-9AC0-0C49E9ABDF0A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3CFBF9E7-CBB6-45F2-B771-7E5E0E6780C2}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [UDP Query User{CA2EEDE8-C4EB-482C-9C20-B98BF29CD883}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [TCP Query User{CF1D53DC-0D23-496A-9D9A-E15EC3D65C2B}C:\program files\newsoft\presto! pagemanager 9.03\licensecheck.exe] => (Allow) C:\program files\newsoft\presto! pagemanager 9.03\licensecheck.exe
FirewallRules: [UDP Query User{835BDAB4-922F-4A84-91BA-7D83B7281E38}C:\program files\newsoft\presto! pagemanager 9.03\licensecheck.exe] => (Allow) C:\program files\newsoft\presto! pagemanager 9.03\licensecheck.exe

==================== Restore Points =========================

11-02-2016 12:05:15 Windows Update
11-02-2016 20:59:41 Windows Update
14-02-2016 16:51:50 Restore Point Created by FRST
15-02-2016 12:21:44 Windows Update
18-02-2016 21:38:46 Removed Microsoft Office Small Business 2007
18-02-2016 21:55:25 Installed Microsoft Office Small Business 2007
18-02-2016 22:05:46 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/18/2016 09:55:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {070da61c-eb5f-4466-a709-a9e861a5f213}

Error: (02/18/2016 09:50:11 PM) (Source: MsiInstaller) (EventID: 11719) (User: DAWNGREENAWAY)
Description: Product: Microsoft Office FrontPage 2003 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (02/18/2016 09:38:45 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {b22e875a-e579-4712-83cc-522ba0122516}

Error: (02/17/2016 05:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: msconfig.exe, version: 6.1.7601.17514, time stamp: 0x4ce78d12
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x206e7572
Faulting process id: 0x13a8
Faulting application start time: 0xmsconfig.exe0
Faulting application path: msconfig.exe1
Faulting module path: msconfig.exe2
Report Id: msconfig.exe3

Error: (02/17/2016 01:51:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/17/2016 01:47:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/17/2016 01:47:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/15/2016 11:25:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 440: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (02/15/2016 11:25:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (02/15/2016 11:23:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 460: ERROR: read_msg errno 0 (The operation completed successfully.)


System errors:
=============
Error: (02/18/2016 09:36:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (02/17/2016 06:38:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (02/17/2016 06:13:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (02/17/2016 06:13:27 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

    Feature: %%886

    Error Code: 0x80070005

    Error description: Access is denied.

    Reason: %%892

Error: (02/17/2016 06:09:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (02/17/2016 05:51:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (02/17/2016 05:26:19 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (02/17/2016 05:24:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (02/17/2016 05:10:18 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (02/17/2016 05:01:19 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T6570 @ 2.10GHz
Percentage of memory in use: 43%
Total physical RAM: 3000.27 MB
Available physical RAM: 1708.1 MB
Total Virtual: 5998.85 MB
Available Virtual: 4716.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:280.79 GB) (Free:73.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DE5AC82A)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================


  • 0

#19
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

On opening FF and using it, it is not responding again and flashing.  Not as bad as originally but bad enough.


  • 0

#20
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace

Thanks for the update on the computer. :)

You have this program installed Skype Click to Call which is used to make dialling numbers on websites easier. My research shows this has been know to cause issues with office and also poor performance and stability. If you don't use it I would recommend you uninstall it.


To do this:
Please go to Start Menu -> Control Panel -> Uninstall a program or Programs and Features
In the list of installed programs locate and click on the program to uninstall e.g. Skype Click to Call
Click uninstall.

Then run the following FRST fix.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
Task: {58CF2000-3DF4-4BFD-A7E6-4CDE87C7510C} - System32\Tasks\{3AEAE054-AE02-4D8E-B440-367E284DD5FE} => Firefox.exe hxxp://ui.skype.com/ui/0/4.1.0.179.321/en/go/help.faq.installer?LastError=1603
Task: {6F022D1F-A9B6-4013-8774-BCBE8E6D50A7} - System32\Tasks\{E85CE766-B81C-4DAC-B042-84B6A871C31E} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152&LastError=12029
Task: {C0B444EA-CA63-4FCB-91C2-C3E18A6406E2} - System32\Tasks\{5519F5E1-5775-4D51-9DBC-904D7D2F662D} => Firefox.exe hxxp://ui.skype.com/ui/0/4.1.0.179.321/en/go/help.faq.installer?LastError=1603
Hosts:
EmptyTemp:

  • Save this as fixlist.txt, in the same location as FRST.exe on your desktop.
    FRSTfix.JPG
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.


    Step2 - Process explorer


    Get Process Explorer

    http://live.sysinter...com/procexp.exe
    Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).
  • Click on View > Select Column > tick Verified Signer >OK
  • Click Options >Verify Image Signatures


    Then Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

    Wait a full minute then:

    File, Save As, Save to desktop. Open the file processexplorer.txt on your desktop and copy and paste the text to a reply.


    Things for your next post:
  • Confirm if you have removed Skype Click to Call
  • fixlog.txt (if FRST fix run)
  • process explorer log
  • How is the computer behaving now?

  • 0

#21
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

I confirm that I deleted Skype click to call.

The link for the process explorer didn't work so I looked it up and found it so hopefully it is the same one.  My computer is still not good. I opened up Outlook and replicated the error and did a second procexp run so you could see the difference and saved it as no 2 and will add to another post so it doesn't get mixed up with what you asked me to do.  I am still getting an error when trying to open excel spreadsheets for the first time.  Thank you Dawn

 

Fix result of Farbar Recovery Scan Tool (x86) Version:17-02-2016
Ran by da (2016-02-20 16:03:09) Run:4
Running from C:\Users\da\Desktop
Loaded Profiles: da (Available Profiles: da)
Boot Mode: Normal

==============================================

fixlist content:
*****************
reateRestorePoint:
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
Task: {58CF2000-3DF4-4BFD-A7E6-4CDE87C7510C} - System32\Tasks\{3AEAE054-AE02-4D8E-B440-367E284DD5FE} => Firefox.exe hxxp://ui.skype.com/ui/0/4.1.0.179.321/en/go/help.faq.installer?LastError=1603
Task: {6F022D1F-A9B6-4013-8774-BCBE8E6D50A7} - System32\Tasks\{E85CE766-B81C-4DAC-B042-84B6A871C31E} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152&LastError=12029
Task: {C0B444EA-CA63-4FCB-91C2-C3E18A6406E2} - System32\Tasks\{5519F5E1-5775-4D51-9DBC-904D7D2F662D} => Firefox.exe hxxp://ui.skype.com/ui/0/4.1.0.179.321/en/go/help.faq.installer?LastError=1603
Hosts:
EmptyTemp:
*****************

reateRestorePoint: => Error: No automatic fix found for this entry.
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe => No running process found
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe => No running process found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key not found.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key not found.
HKCR\PROTOCOLS\Handler\skypec2c => key not found.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
c2cautoupdatesvc => service not found.
c2cpnrsvc => service not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58CF2000-3DF4-4BFD-A7E6-4CDE87C7510C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58CF2000-3DF4-4BFD-A7E6-4CDE87C7510C}" => key removed successfully.
C:\Windows\System32\Tasks\{3AEAE054-AE02-4D8E-B440-367E284DD5FE} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3AEAE054-AE02-4D8E-B440-367E284DD5FE}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F022D1F-A9B6-4013-8774-BCBE8E6D50A7}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F022D1F-A9B6-4013-8774-BCBE8E6D50A7}" => key removed successfully.
C:\Windows\System32\Tasks\{E85CE766-B81C-4DAC-B042-84B6A871C31E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E85CE766-B81C-4DAC-B042-84B6A871C31E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0B444EA-CA63-4FCB-91C2-C3E18A6406E2}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0B444EA-CA63-4FCB-91C2-C3E18A6406E2}" => key removed successfully.
C:\Windows\System32\Tasks\{5519F5E1-5775-4D51-9DBC-904D7D2F662D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5519F5E1-5775-4D51-9DBC-904D7D2F662D}" => key removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 764.9 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 16:04:01 ====

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    60.84    0 K    24 K    0            
procexp.exe    20.31    20,212 K    37,932 K    2476    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
RapportMgmtService.exe    4.41    32,068 K    22,744 K    1092    RapportMgmtService    IBM Corp.    (Verified) Trusteer
MsMpEng.exe    4.38    105,532 K    83,560 K    972    Antimalware Service Executable    Microsoft Corporation    (Verified) Microsoft Corporation
System    2.91    56 K    3,256 K    4            
dwm.exe    2.65    54,684 K    23,500 K    2812    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
Interrupts    1.51    0 K    0 K    n/a    Hardware Interrupts and DPCs        
csrss.exe    0.68    1,744 K    9,864 K    600    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.44    21,332 K    15,248 K    1164    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.30    18,032 K    27,948 K    1276    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
RapportService.exe    0.27    39,964 K    26,996 K    3432    RapportService    IBM Corp.    (Verified) Trusteer
explorer.exe    0.23    34,924 K    51,672 K    2832    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
services.exe    0.23    4,648 K    5,772 K    636    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.15    4,412 K    7,144 K    3692    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
SearchIndexer.exe    0.13    35,636 K    14,304 K    3504    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    0.09    1,324 K    3,268 K    528    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.09    2,760 K    5,308 K    908    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
lsass.exe    0.09    3,956 K    9,516 K    656    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows
taskhost.exe    0.06    6,892 K    9,920 K    888    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
wmpnetwk.exe    0.05    4,900 K    3,080 K    3596    Windows Media Player Network Sharing Service    Microsoft Corporation    (Verified) Microsoft Windows
lsm.exe    0.03    1,296 K    2,956 K    664    Local Session Manager Service    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.03    11,716 K    13,252 K    2884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.03    7,536 K    11,328 K    1244    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.02    13,152 K    11,764 K    1532    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
HPSupportSolutionsFrameworkService.exe    0.02    23,932 K    31,360 K    4608    HP Support Solutions Framework Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company
WLIDSVC.EXE    0.01    4,428 K    8,168 K    1272    Microsoft® Windows Live ID Service    Microsoft Corp.    (Verified) Microsoft Corporation
svchost.exe    0.01    3,616 K    6,232 K    784    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
spoolsv.exe    < 0.01    6,820 K    9,132 K    1732    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    73,912 K    76,224 K    1196    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    1,892 K    4,080 K    1380    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        7,784 K    14,224 K    3916    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WLIDSVCM.EXE        656 K    2,116 K    2108    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.    (Verified) Microsoft Corporation
winlogon.exe        1,944 K    5,088 K    792    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        944 K    2,984 K    588    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows
TrustedInstaller.exe        3,216 K    7,388 K    4248    Windows Modules Installer    Microsoft Corporation    (Verified) Microsoft Windows
taskeng.exe        1,256 K    4,500 K    5708    Task Scheduler Engine    Microsoft Corporation    (Verified) Microsoft Windows
taskeng.exe        1,180 K    4,312 K    5548    Task Scheduler Engine    Microsoft Corporation    (Verified) Microsoft Windows
taskeng.exe        1,072 K    3,720 K    5884    Task Scheduler Engine    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        1,244 K    3,696 K    1992    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,184 K    6,256 K    5060    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        8,056 K    7,660 K    1876    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        524 K    2,016 K    5132    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        3,736 K    6,700 K    2028    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        1,012 K    3,824 K    4532    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    Suspended    224 K    208 K    5664    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        264 K    788 K    336    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows
NisSrv.exe        14,176 K    11,804 K    2416    Microsoft Network Realtime Inspection Service    Microsoft Corporation    (Verified) Microsoft Corporation
msiexec.exe        1,636 K    5,512 K    4492    Windows® installer    Microsoft Corporation    (Verified) Microsoft Windows
mdm.exe        1,188 K    3,440 K    380    Machine Debug Manager    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
igfxsrvc.exe        1,512 K    4,472 K    4436    igfxsrvc Module    Intel Corporation    (Verified) Intel Corporation
GWX.exe        2,332 K    976 K    3056    GWX    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        1,456 K    4,776 K    344    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
audiodg.exe        15,268 K    14,436 K    5676    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
 


  • 0

#22
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

 

Here is the procexp log for when I was opening up outlook and replicating the errors when trying to click on properties it also does it when trying to attach files.  The graphs on the software were going very high.

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    42.99    0 K    24 K    0            
procexp.exe    29.77    19,452 K    35,900 K    3584    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
dwm.exe    4.88    68,696 K    37,872 K    2812    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
RapportService.exe    13.71    40,020 K    27,328 K    3432    RapportService    IBM Corp.    (Verified) Trusteer
Interrupts    1.40    0 K    0 K    n/a    Hardware Interrupts and DPCs        
csrss.exe    0.75    1,840 K    16,760 K    600    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows
System    2.87    56 K    3,268 K    4            
MsMpEng.exe    1.38    106,096 K    86,684 K    972    Antimalware Service Executable    Microsoft Corporation    (Verified) Microsoft Corporation
explorer.exe    0.41    46,604 K    67,296 K    2832    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
mdm.exe    < 0.01    1,220 K    3,756 K    380    Machine Debug Manager    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
RapportMgmtService.exe    1.15    32,064 K    22,812 K    1092    RapportMgmtService    IBM Corp.    (Verified) Trusteer
svchost.exe    0.30    12,048 K    13,864 K    2884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    75,776 K    79,888 K    1196    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.14    4,200 K    7,012 K    3692    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
taskhost.exe    0.07    11,240 K    11,464 K    888    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
SearchIndexer.exe    0.03    43,464 K    27,668 K    3504    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
services.exe        7,280 K    8,324 K    636    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows
lsass.exe        4,456 K    10,308 K    656    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.04    19,484 K    29,324 K    1276    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.01    8,080 K    12,144 K    1244    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.07    13,072 K    11,988 K    1532    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
WLIDSVC.EXE    0.01    4,428 K    8,168 K    1272    Microsoft® Windows Live ID Service    Microsoft Corp.    (Verified) Microsoft Corporation
svchost.exe        1,244 K    3,692 K    1992    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
wmpnetwk.exe        4,888 K    3,668 K    3596    Windows Media Player Network Sharing Service    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    0.01    1,480 K    3,208 K    528    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows
spoolsv.exe    < 0.01    8,896 K    13,496 K    1732    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        20,996 K    15,560 K    1164    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        1,944 K    5,100 K    792    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        2,000 K    4,868 K    3852    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WLIDSVCM.EXE        656 K    2,116 K    2108    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.    (Verified) Microsoft Corporation
wininit.exe        944 K    2,984 K    588    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows
TrustedInstaller.exe        3,216 K    7,392 K    4248    Windows Modules Installer    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        8,048 K    7,792 K    1876    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    3,420 K    6,408 K    908    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        3,796 K    7,304 K    784    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        664 K    2,156 K    4172    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        1,920 K    4,088 K    1380    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,184 K    6,268 K    5060    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        3,736 K    6,800 K    2028    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    Suspended    224 K    208 K    5664    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        264 K    788 K    336    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows
NisSrv.exe        14,216 K    8,300 K    2416    Microsoft Network Realtime Inspection Service    Microsoft Corporation    (Verified) Microsoft Corporation
lsm.exe        1,296 K    2,928 K    664    Local Session Manager Service    Microsoft Corporation    (Verified) Microsoft Windows
igfxsrvc.exe        1,512 K    4,476 K    4436    igfxsrvc Module    Intel Corporation    (Verified) Intel Corporation
HPSupportSolutionsFrameworkService.exe        23,932 K    31,360 K    4608    HP Support Solutions Framework Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company
GWX.exe        2,332 K    736 K    3056    GWX    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        1,456 K    4,776 K    344    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
audiodg.exe        15,480 K    14,640 K    5352    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
 


  • 0

#23
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace

What error do you get when you open excel?

What does it do if you open it in safe mode?

Hold windows key and press R. The Run dialog box will appear.

In the box type excel /safe and click OK. This should open excel in safe mode.
  • 0

#24
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

It only usually happens when i first click on the spreadsheets and then it is usually ok. but the error is = There was a problem sending the command to the program.  This is not a new problem it is one I have had for a while.

 

When I did windows and R the response came back with ...,."windows cannot find excel/safe. Make sure you typed the name correctly, and then try again." Oh I just retyped it with a space after excel and before/ and it has opened up now.  I don't have a problem with opening up a clean sheet just one that is already populated (this could be as most are from dropbox) No i have just blown that theory out as opened up one of my own.  They all open up straight away in safe mode.  Outlook and the internet are where I get most of my problems and frustration.


  • 0

#25
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace

Can you also try opening outlook in safe mode to see how it behaves?

Do windows and R key and in run box type outlook /safe and click OK. There is a space between outlook and the / :)

Thanks
  • 0

Advertisements


#26
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

Outlook took quite a while to open in safe mode and was not responding.  Once it did open though it seems to be ok apart from a few flickers of the screen now and again, but not hanging or going crazy like it was.  What does this mean then?  That there is a problem with the MS Office install?  I did un-install MS Office, turned off the computer to clear all the memory and then re-installed it. Excel is still experiencing an error if its not in safe mode as well. Thanks Dawn


  • 0

#27
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace

OK. For Firefox we will try a complete reinstall to the latest version to see how that goes.
  • To uninstall Firefox follow the steps in this guide.
  • to reinstall FireFox then download the latest version from Mozilla.org


    For your excel issue try following the steps outlined in this guide. Go through each step one at a time. Let me know if this resolves your problem and which step it was.

    For Outlook

    I see you have this program installed - Microsoft Office Outlook Connector which is an application allowing Outlook to interact and manage other types of email acccounts. Let's try to uninstall this and see if it makes any difference to Outlook's performance.

    Things for your next post:
  • After reinstalling how is Firefox now?
  • Has the excel issue been resolved?
  • Has removing Outlook connector made any difference to Outlook?

  • 0

#28
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

Problems with everything you have asked me to do today.  Unable to uninstall FF, it simply will not remove.  I have tried manually uninstalling as per the instructions but it won't open up to start the process off.  I even went into the files and clicked on the folder to start it up that way and it still won't go.  I have check to make sure I have the lastest version and I have and i also did a refresh to see if that would kick start the helper.exe to start after I did the refresh but it didn't. So no further forward on that one.

Outlook seems a bit better but still flashing/blicking.  I have uninstalled the outlook connector.  When I clicked on a new message yesterday it was opening up infront of the other windows as it should but today it has gone back to opening up behind the main screen.

Excel I have tried every step you instructed.  I didn't have the DDE ticked so step 1 was ok. UE-V is not running so step 2 ok. Resent file associations done and ok. Step 4 office repair I didn't have MS Office 365 I have MS Office small business 2007 so did a repair on that. completed and rebooted.Step 5 Only 2 add ins in the COMS section turned off ominpage but unable to remove PDF as it said it would only let me do this as administrator so looked for the option to do that and couldn't find one.  Excel add ins - there weren't any ticked.  Step 6 disable hardware acceleration. Couldn't find this. It isn't where the instructions said and I also looked through the other options as well.  I did go on the other link mentioned but it looked too complicated and i didn't know what to do so came back out.  Step 7 I know I have the latest updates and have the automatic updates ticked.  Kind regards Dawn


  • 0

#29
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace

OK. we'll try a different tact.

Firefox - Run Firefox with plugins disabled

Determining if a plugin is the problem

You can selectively disable plugins while Firefox is running. If you suspect a certain plugin, disable it first, then test for your problem. If you don't know which plugin to disable:

1.Click the menu button 2014-01-10-13-08-08-f52b8c.png and choose Add-ons. The Add-ons Manager tab will open.
2.In the Add-ons Manager tab, select the Plugins panel.
3.Select a plugin in the list and then select Never Activate in its drop-down menu. Repeat this step for each plugin in the list, until all of them are disabled. You do not need to restart Firefox for the changes to take effect.
4.Test for your problem. If it does not occur, go back to the Add-ons Manager tab and re-enable plugins one-by-one with the Always Activate drop-down menu until you find which one causes your problem to occur.

If you find that disabling a plugin fixes your problem, then do the following.

Visit Mozilla's Plugin Check & Updates pageto check if any of your installed plugins are out of date.

If updating to the newest version of the plugin or reinstalling it does not fix the problem, you can leave it disabled.


Step2 - Excel issue

I've been doing some further digging into the issue and a registry fix may perhaps solve it. The following FRST script will query registry keys to see what values are currently held.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Open notepad and copy/paste the text in the quotebox below into it:

reg: reg query "HKEY_CLASSES_ROOT\Excel.Sheet.8\Shell\Open\Command"
reg: reg query "HKEY_CLASSES_ROOT\Excel.Sheet.12\Shell\Open\Command"

  • Save this as fixlist.txt, in the same location as FRST.exe on your desktop.
    FRSTfix.JPG
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.

    I'll do some further digginng on the Outlook issue to see what else i can suggest.

    Things for your next post:
  • How is Firefox running now?
  • fixlog.txt

  • 0

#30
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

I have left a few plugins disabled and FF appears to be working very well, best its been for months.  Is this something I need to monitor in the future to make sure they are updating?  I do have the settings to update automatically so shouldn't this happen on its own?  I have left Shockwaves, Java x 2 and a couple more disabled as they interferred with FF.  On looking up the check and updates some of the ones I have didn't have a resolution only a 'research' button so until I try to use something that really needs the plugin I will leave it as it is.  This did happen with iTunes I left it disabled as this upset FF, but when I tried to open iTunes it didn't work until I re-enabled it.

 

I have run the fixlist for Excel and this is attached below.  Many thanks for all your hard work and time spent on me I do appreicate it very much.

 

Fix result of Farbar Recovery Scan Tool (x86) Version:17-02-2016
Ran by da (2016-02-24 21:03:11) Run:5
Running from C:\Users\da\Desktop
Loaded Profiles: da (Available Profiles: da)
Boot Mode: Normal

==============================================

fixlist content:
*****************
reg: reg query "HKEY_CLASSES_ROOT\Excel.Sheet.8\Shell\Open\Command"
reg: reg query "HKEY_CLASSES_ROOT\Excel.Sheet.12\Shell\Open\Command"
*****************


========= reg query "HKEY_CLASSES_ROOT\Excel.Sheet.8\Shell\Open\Command" =========


HKEY_CLASSES_ROOT\Excel.Sheet.8\Shell\Open\Command
    (Default)    REG_SZ    "C:\Program Files\Microsoft Office\Office12\EXCEL.EXE" /e
    command    REG_MULTI_SZ    w_1^VH%!!!!!!!!MKKSkEXCELFiles>tW{~$4Q][email protected]=l2xaTO5 /e



========= End of Reg: =========


========= reg query "HKEY_CLASSES_ROOT\Excel.Sheet.12\Shell\Open\Command" =========


HKEY_CLASSES_ROOT\Excel.Sheet.12\Shell\Open\Command
    (Default)    REG_SZ    "C:\Program Files\Microsoft Office\Office12\EXCEL.EXE" /e
    command    REG_MULTI_SZ    w_1^VH%!!!!!!!!MKKSkEXCELFiles>tW{~$4Q][email protected]=l2xaTO5 /e



========= End of Reg: =========


==== End of Fixlog 21:03:12 ====


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP