Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HP620 laptop not responding, freezing, flashing, going really slow [So


  • This topic is locked This topic is locked

#46
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace.

Ok. Thinking cap on again!

See you Sunday.
  • 0

Advertisements


#47
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

Hope you had a good weekend.  I am back again.  Just to say about windows, I am using windows 7 professional just in case that has been missed along the line as you say the problems I am experiencing with outlook is usally to do with windows. Thanks Dawn


  • 0

#48
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace

Ok, first reset the disabled addins so they will load at start up as this had no affect.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
reg: reg add HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\Apple.DAV.Addin /v LoadBehavior /t REG_DWORD /d 3 /f
reg: reg add HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\BtOfficeAddin.BtOfficeIntegration.1 /v LoadBehavior /t REG_DWORD /d 3 /f
reg: reg add HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\Microsoft.VbaAddinForOutlook.1 /v LoadBehavior /t REG_DWORD /d 3 /f

  • Save this as fixlist.txt, in the same location as FRST.exe on your desktop.
    FRSTfix.JPG
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.


    Then please follow the steps in this tutorial to see if this will help outlook, particularly the search. (follow steps for windows 7)

    Things for your next post:
  • fixlog.txt
  • how is outlook performing now?

  • 0

#49
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

I have completed everything you have suggested.  My feedback on Outlook is......Before you disabled the addins it was flashing and hanging whenever I searched for a contact or wanted to attach something to my emails.  Once you disabled the addins, outlook was really slow and going 'ghostly' whilst it wasn't responding and taking forever to respond to a command.  You then asked me to re-enable the addins and this was done last night and outlook is how it was before with flashing etc.  I have been through the tutorial and completed what has been requested and tried doing a search for a contact and outlook as gone biserk. It has opened several screens within itself.  I have tried to do a screen shot to show you but am unable to. It has been flashing/not responding now for several minutes. The fan is working very hard and hot.  I have just tried to get outlook to come to the front screen and it won't, this is unusual I usually manage to still flick between screens.  After about 5 mins outlook has now closed some of the screens and is letting me flick over the windows to bring outlook to the front. It has also now stopped flashing and has brought back the search details I requested and the fan has settled back down.  I tried to look up the properties of another contact to check what would happen and it started going mad again but didn't take as long. Kind regards Dawn


  • 0

#50
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

sorry forgot the log details.

 

Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by da (2016-03-15 21:47:28) Run:12
Running from C:\Users\da\Desktop
Loaded Profiles: da (Available Profiles: da)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
reg: reg add HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\Apple.DAV.Addin /v LoadBehavior /t REG_DWORD /d 3 /f
reg: reg add HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\BtOfficeAddin.BtOfficeIntegration.1 /v LoadBehavior /t REG_DWORD /d 3 /f
reg: reg add HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\Microsoft.VbaAddinForOutlook.1 /v LoadBehavior /t REG_DWORD /d 3 /f
*****************

Restore point was successfully created.

========= reg add HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\Apple.DAV.Addin /v LoadBehavior /t REG_DWORD /d 3 /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\BtOfficeAddin.BtOfficeIntegration.1 /v LoadBehavior /t REG_DWORD /d 3 /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\Microsoft.VbaAddinForOutlook.1 /v LoadBehavior /t REG_DWORD /d 3 /f =========

The operation completed successfully.



========= End of Reg: =========


==== End of Fixlog 21:48:36 ====


  • 0

#51
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace

Ok, I want you to run a system file check to see if all of the windows files are correct and not causing an issue.


SFC Scan

1.Click on the Start button and in the search box, type Command Prompt
2.When you see Command Prompt on the list, right-click on it and select Run as administrator
3.When command prompt opens, copy and paste the following commands into it and press enter.

sfc /scannow

Please note: there is one space between the c and the /

4.Let the scan complete.

If you get the message "Windows Resource Protection did not find any integrity violations" this means all is OK. Give Outlook a try and let me know what happens.

If you get any other message then copy and paste the following command at the command prompt and press enter

findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

5.This will create a file, sfcdetails.txt on your Desktop.
6.Type exit to close the command prompt window.
7.Open file sfcdetails.txt and copy/paste this in your next reply.
8.If the file is too large you can zip the file and attach to your post.
  • 0

#52
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

hi Bruce1270

Windows Resource Protection did not find any integrity violations.  Outlook still same, flashing when I try to search for a contact or look at the properties etc.


  • 0

#53
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace

Ok, it was a long shot.

Another thing to try is I noticed you have Trusteer Rapport installed. Rapport (Trusteer Endpoint protection) has been recommended by many banks for their customers who sign up for online banking services and still is recommended by them.

It purports to be an additional layer of protection, but whether its essential...is debatable. You already have an AV installed plus this is known to slow machines to a crawl. On your process explorer snapshot it was certainly showing as one of the "big hitters" and on the second one you provided when you had opened Outlook it has shot up to one of the highest taking up CPU usage.
 

RapportService.exe 0.27 39,964 K 26,996 K 3432 RapportService IBM Corp. (Verified) Trusteer


RapportService.exe 13.71 40,020 K 27,328 K 3432 RapportService IBM Corp. (Verified) Trusteer


I would recommend removal of this program, and see if this frees up windows resource interacting with Outlook.

Step1 - Remove usng Revo Uninstaller
  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on Rapport
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • When prompted click on Yes and then on next.
  • Put a check on any folders that are found and select delete
  • When prompted select yes then on next
  • Once done click Finish.

    Reboot your machine and give Outlook another try.

  • 0

#54
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Bruce 1270

Well its looking good!  Still getting the occasional flash/flicker but on the whole working really well at the moment.  Yippee.......When I click to open a new message it opens behind the main screen is there something so that the new message will open in the front so i can read it straight away?  No worries if not as this is so much better, best its been working for over a year now. I can search without it going crazy and hanging for ages and also when I click on a contact properties it flickers once and then brings back the information.  Do we need to do anything else now?  Thank you Dawn


  • 0

#55
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumpkinace

Excellent news it seems to be much better now. :thumbsup:
 

is there something so that the new message will open in the front so i can read it straight away?


Try this reg fix to see if it helps.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Open notepad and copy/paste the text in the quotebox below into it:

reg: reg add "HKCU\Control Panel\Desktop" /v ForegroundLockTimeout /t REG_DWORD /d 0 /f

  • Save this as fixlist.txt, in the same location as FRST.exe on your desktop.
    FRSTfix.JPG
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.

    Restart Outlook and see if this has helped.

  • 0

Advertisements


#56
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

Yes this appears to be working thank you.  Outlook is not 100% but 100% better than it has been for a very long time.  I can live with this thank you.  What I have noticed over the past 2 days of fixing is that any links that I click on for FF has become very slow again.  Also if I click on FF itself it is taking longer than it has been recently.  I think we are nearly there!! Sorry this has been a real headache, good for learning though?? x

 

Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by da (2016-03-20 19:46:46) Run:13
Running from C:\Users\da\Desktop
Loaded Profiles: da (Available Profiles: da)
Boot Mode: Normal

==============================================

fixlist content:
*****************
reg: reg add "HKCU\Control Panel\Desktop" /v ForegroundLockTimeout /t REG_DWORD /d 0 /f
*****************


========= reg add "HKCU\Control Panel\Desktop" /v ForegroundLockTimeout /t REG_DWORD /d 0 /f =========

The operation completed successfully.



========= End of Reg: =========


==== End of Fixlog 19:46:48 ====


  • 0

#57
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts
Hi pumkinace

Can you run a fresh set of logs so I can have a quick look.
  • Please run Farbars Recovery Scan Tool again. Run FRST by right clicking on it and selecting Run as Administrator. Allow it to update if it wants to.
  • Please tick the Addition.txt box under Optional Scan.
  • Press Scan button.
  • It will make logs FRST.txt & Addition.txt in the same directory the tool is run.
  • Please copy and paste the FRST.txt and Addition.txt to your reply.

    Thanks

  • 0

#58
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

Here are the logs.  I go away on holiday Thursday for 10 days , what will happen to my topic if we haven't finished by then please?  I can take my laptop with me to see if there is wifi there? 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by da (2016-03-21 21:56:59)
Running from C:\Users\da\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2010-11-03 11:44:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3932258823-1374462109-926273279-500 - Administrator - Disabled)
da (S-1-5-21-3932258823-1374462109-926273279-1001 - Administrator - Enabled) => C:\Users\da
Guest (S-1-5-21-3932258823-1374462109-926273279-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3932258823-1374462109-926273279-1007 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
AllShare Framework DMS (HKLM\...\{1C2A409B-3D00-4EE7-B13C-3C70AB8704B0}) (Version: 1.3.23 - Samsung)
Amazon Kindle (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Cashbook (HKLM\...\{ACF23689-C863-47CF-90BD-1082B60B0F19}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coolroom (HKLM\...\{734C8402-3F5D-495D-A463-3176B46775E9}) (Version: 1.0.0 - Ether Digital)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DemoForge Mirage Driver for TightVNC 2.0 (HKLM\...\DemoForge Mirage Driver for TightVNC_is1) (Version: 2.0 - DemoForge LLC)
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
Drive Manager (HKLM\...\InstallShield_{48B0F38D-1913-44F3-99AA-D4C55A2B038E}) (Version: 1.00.0012 - Seagate Technology)
Drive Manager (Version: 1.00.0012 - Seagate Technology) Hidden
Dropbox (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Elevated Installer (Version: 4.1.17.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Connect Guide (HKLM\...\Epson Connect Guide) (Version:  - )
Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM\...\{E402F650-650F-45C0-8F7A-00678D6AA0F6}) (Version: 2.6.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM\...\{5662F323-3D9C-4100-B60C-BC71B47DD0A1}) (Version: 3.10.0041 - Seiko Epson Corporation)
Epson E-Web Print (HKLM\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.60.00 - SEIKO EPSON CORPORATION)
EPSON Manuals (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.40.0.0 - SEIKO EPSON CORPORATION)
Epson Network Guide WF-3520 Series (HKLM\...\WF-3520 Series Netg) (Version:  - )
Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Printer Finder (HKLM\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Remote Print Uninstall (HKLM\...\EPSON Remote Print) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.00.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON Universal Print Driver Printer Uninstall (HKLM\...\EPSON Universal Print Driver) (Version:  - SEIKO EPSON Corporation)
Epson User's Guide WF-3520 Series (HKLM\...\WF-3520 Series Useg) (Version:  - )
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
EPSON WF-7610 Series Printer Uninstall (HKLM\...\EPSON WF-7610 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
FUJIFILM MyFinePix Studio 2.0 (HKLM\...\FinePix Genie_is1) (Version:  - )
Garmin City Navigator Europe NTU 2015.30 (HKLM\...\{63F1BF21-7435-4055-AA71-7ED2B7948C8C}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{28c6c909-1890-443b-9960-0e8a535c2c69}) (Version: 4.1.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 4.1.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 4.1.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{D17111CB-C992-42A9-9D56-C19395102AAA}) (Version: 2.4.2 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Drive (HKLM\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
GoToMeeting 5.2.0.952 (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\GoToMeeting) (Version: 5.2.0.952 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{206E1EEB-027A-4FC0-B4ED-6E48203BD49A}) (Version: 1.1.1.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{9161546B-336A-4E3D-B049-F25A400558C6}) (Version: 3.5.14.1 - Hewlett-Packard Company)
HP Setup (HKLM\...\{1E6219D4-027E-47EE-AB83-DD2F26E31A32}) (Version: 1.2.3557.3169 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{223E2363-6643-49CB-A062-59A9858EE8EE}) (Version: 3.5.17.1 - Hewlett-Packard Company)
HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP User Guides 0190 (HKLM\...\{5B0D9F1A-425E-46C4-B06D-2C0736C1E804}) (Version: 1.00.0000 - Hewlett-Packard)
HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.17.13 - Roxio)
HP Webcam Driver (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0028 - Realtek Semiconductor Corp.)
HP Wireless Assistant (HKLM\...\{1061DF04-CF33-40B0-8360-D07C9BBEB122}) (Version: 3.50.10.1 - Hewlett-Packard)
iCloud (HKLM\...\{C3867553-D9F8-416E-8F14-EFF234A48577}) (Version: 5.1.0.34 - Apple Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6268.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2057 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Internet TV for Windows Media Center (HKLM\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{F16EA575-26A5-4DAD-A800-95267BE02C12}) (Version: 12.3.2.35 - Apple Inc.)
Java™ 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LightScribe Diagnostic Utility (HKLM\...\{05F8CCEB-1EDD-4996-A0E0-FF6EDB1E75EA}) (Version: 1.18.23.1 - LightScribe)
LightScribe System Software (HKLM\...\{10427BCB-0742-43BE-81E2-3920972946F5}) (Version: 1.18.23.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{2765F726-849C-47B2-A82C-B257DFC0E01C}) (Version: 1.18.22.2 - LightScribe)
Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mediatek RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.0 - MediatekWiFi)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Small Business 2007 (HKLM\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 25.0.1 (x86 en-GB)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\MusicManager) (Version:  - Google, Inc.)
MyEpson Portal (HKLM\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Naviextras Toolbox (HKLM\...\Naviextras Toolbox) (Version: 3.18.0.330918 - NNG Llc.)
Naviextras Toolbox Prerequesities (HKLM\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Nuance PaperPort 12 (HKLM\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PaperPort Image Printer (HKLM\...\{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.19.0 - Nokia)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.116 - PDF Complete, Inc)
Presto! PageManager 9.03 SE (HKLM\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAF (HKLM\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
Rapport (Version: 3.5.1507.113 - Trusteer) Hidden
RealDownloader (Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
REALTEK Wireless LAN Software (HKLM\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0104 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link 1.8.0.1403131552 (HKLM\...\8474-7877-9059-0204) (Version: 1.8.0.1403131552 - Copyright 2013 SAMSUNG)
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan2PC (HKLM\...\{E59F8AF2-78D4-4355-B0EF-58C466C1242C}) (Version: 1.3.0.21 - Q)
ScanSoft OmniPage SE 4 (HKLM\...\{66B4C110-8BEB-49B5-824E-C70AEEB20ECD}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Scansoft PDF Professional (Version:  - ) Hidden
Skype™ 7.8 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SkyPlayer for Windows Media Center (HKLM\...\{D7B31233-EE2B-4911-AA3F-2A8C28843D3B}) (Version: 4.4.2.0 - Microsoft Corporation)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.1.9385  - TeamViewer GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (Version: 1.0.0 - RealNetworks) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
VPresent (HKLM\...\{72478BBA-D832-4E6B-93A0-E89431E7A8BB}) (Version: 2.2.20.0 - VPresent)
WAV MP3 Converter v4.3 build 1287 (HKLM\...\{A4A14B15-F25D-44F8-8483-291C1DF7C548}_is1) (Version:  - Hoo Technologies)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3400 - Broadcom Corporation)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
XHeader (HKLM\...\XHeader) (Version: 1.205 - Intellimon)
XHeader Bonus Download (HKLM\...\XHeader Bonus Download) (Version: 1.215 - Intellimon)
XSitePro2 (HKLM\...\XSitePro2) (Version: 2.149 - Intellimon Ltd)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\952\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932258823-1374462109-926273279-1001_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\da\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F4D914B-D23A-4698-9D86-8ACB7897DC18} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {10DCCDC0-0C68-4523-9E20-C0284AE4AD6A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {1A22CA1F-7997-4B9F-A089-DC8E8692B595} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {1D155B23-AA5A-4708-9AC8-6F70453E36D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {201099AB-76BD-4D1D-9760-513BFCE3018E} - System32\Tasks\{E092E56F-395B-4834-BD8C-022B3A0CB4C7} => C:\Users\da\AppData\Local\Amazon\Kindle\application\Kindle.exe [2015-07-21] (Amazon.com)
Task: {215EDD27-4061-4692-85EB-BA9400CB7E97} - System32\Tasks\{D6654F95-01F1-4535-A7B0-0B5D854A4744} => C:\Users\da\AppData\Local\Amazon\Kindle\application\Kindle.exe [2015-07-21] (Amazon.com)
Task: {2A3DBE0A-CCE6-4B31-888B-376FD16A0D93} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {2F1660A0-1A6A-4C32-911B-49CDB141E730} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA => C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3E383FA3-0751-435B-A033-768AE7B4518C} - System32\Tasks\{9971F867-1FB6-4487-9934-640788B097E5} => C:\Program Files\WIDCOMM\Bluetooth Software\AdminUtils.exe [2012-10-17] (Broadcom Corporation.)
Task: {416D0FFB-B073-4751-8D70-CE5FC65411B8} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-02-16] ()
Task: {4540BA04-7903-43AC-BEB5-564A2C911F00} - System32\Tasks\{EB61F18D-E9FC-492A-BD73-A7A0B7853034} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-10-17] (Broadcom Corporation.)
Task: {512E6DEB-CB5D-4CAE-A4BC-4318839733A2} - System32\Tasks\{7009BCAC-1A27-42E3-86C4-65A0C2B39D76} => pcalua.exe -a C:\Users\da\Documents\Downloads\mx850sosmwin110encm.exe -d C:\Users\da\Documents\Downloads
Task: {5269F030-F140-4AB5-B008-E287DE58068C} - System32\Tasks\HPCeeScheduleForDAWNGREENAWAY$ => c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {53790E83-EE53-42F8-BCAC-6848B107DF0F} - System32\Tasks\{F59679D7-FC51-4653-8FEC-61D0BEF9341A} => pcalua.exe -a "C:\Users\da\Downloads\Driver Support\Driver Support\sp55212.exe" -d C:\windows\system32
Task: {53A30C8F-5015-4623-9556-D61E4C48F136} - System32\Tasks\{4BE21352-3767-4BAE-9682-EEA5DECECC26} => pcalua.exe -a C:\Users\da\Downloads\gm5p_setup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {563BBA89-3EAB-44C9-BB33-BE2A91E979F7} - System32\Tasks\{5726758E-0E12-4B00-A9C1-EC425E3E67E9} => pcalua.exe -a C:\Users\da\Downloads\mx850sndwin250a_ntwin250aen.exe -d C:\windows\system32
Task: {58F0462E-60D8-47C6-9129-0897ACCB790A} - System32\Tasks\{34B0F794-6A48-468E-AAE5-865BD937F693} => C:\Program Files\WIDCOMM\Bluetooth Software\AdminUtils.exe [2012-10-17] (Broadcom Corporation.)
Task: {59DCAD36-AE95-48FC-8E12-36A8DF107D5D} - System32\Tasks\{1F4A81E3-C3E1-4D1E-BB3C-332F4F7742DF} => pcalua.exe -a C:\Users\da\Downloads\gm5b_setup(1).exe -d "C:\Program Files\Mozilla Firefox"
Task: {59E11070-5D93-4431-B450-FBEA77875978} - System32\Tasks\{CA656C04-5BF8-410E-872D-7817A33A4A9F} => C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe [2012-10-17] (Broadcom Corporation.)
Task: {5F1E2E3C-7A47-412D-8A4F-E61ACEA87DD1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {62C2A0E5-FA06-4690-ACB6-0FC57BA3B0EF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {6845CE20-E427-49D8-9A5D-85B5F0ECCDAD} - System32\Tasks\{F60E4F7A-3FED-4AD3-8AE6-385BCE906DB9} => pcalua.exe -a C:\Users\da\Downloads\gm5b_setup(2).exe -d "C:\Program Files\Mozilla Firefox"
Task: {6BAAB1C4-16D4-4C17-9816-EBD8A0A5361D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {71F186F6-2079-4545-9F21-A1CCD3E450E2} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-24] (Adobe Systems Incorporated)
Task: {79232A21-173A-4382-BB1C-1C9840C730EB} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {7B367C6E-E9C3-4D5A-B441-D023DE5A5B75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {85F59070-DF3B-4E8D-A45A-DBCE4F9FA3CE} - System32\Tasks\{3FDFF92D-A9E8-4F2E-941F-71435EA4F174} => pcalua.exe -a C:\Users\da\Downloads\gm5p_setup(1).exe -d C:\Users\da\Documents
Task: {873A4D05-EA53-4E69-8997-7368778570E1} - System32\Tasks\{84D08FB8-D0B2-4078-BB1F-F67201567C63} => pcalua.exe -a C:\Users\da\Documents\Downloads\sp64082.exe -d C:\Users\da\Documents\Downloads
Task: {8A35A498-D71B-41E6-A24C-F0F57F0633A0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core => C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {9226A192-EBFA-4CF1-917D-9059D26D4B92} - System32\Tasks\HPCeeScheduleForda => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {9AD90831-66E9-434A-9559-D587D586FAF5} - System32\Tasks\{AEA9E9C1-C1CF-4DCE-96CD-CA813A46C0F1} => pcalua.exe -a "C:\Users\da\Downloads\Driver Support\Driver Support\sp52183.exe" -d C:\windows\system32
Task: {9D7CE0C7-ED02-4D61-94B2-23EEFD8BC355} - System32\Tasks\{615FAF27-C7EB-462C-86C2-148115F378DF} => pcalua.exe -a C:\Users\da\Downloads\sp54620(3).exe -d C:\Users\da\Downloads
Task: {9DEF8023-C2A1-42DA-BF8A-B607B05A624E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {9DF82888-5EC2-4E3F-A4F9-24C883C5C4D6} - System32\Tasks\{1421478B-3720-459C-A7E4-BF916691451C} => C:\Users\da\AppData\Local\Amazon\Kindle\application\Kindle.exe [2015-07-21] (Amazon.com)
Task: {9ED0B1BD-3CA8-42D3-8ED0-92DB646D3888} - System32\Tasks\{0C410A45-3F33-439F-9975-B5068AD71D39} => pcalua.exe -a C:\Users\da\Downloads\aomwin200ea24(2).exe -d C:\windows\system32
Task: {A13AFD25-3608-4701-AC47-5644511BC98D} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {A72C4338-CF0F-482B-BD07-DECF529E7C1F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {ACAA55A0-5318-46C3-90C3-52F187074BA5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {B4227801-F9B1-4AEC-8912-842332F7F5EF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA => C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {B59AA59D-DFA8-4C59-B76A-D4E6E442DED7} - System32\Tasks\{0F598EE6-A424-4CE6-9EF6-A65D68DEDC09} => pcalua.exe -a "C:\Users\da\Downloads\Driver Support\Driver Support\sp54982.exe" -d C:\windows\system32
Task: {B621ABD7-1AE6-4C49-94B4-187FAC2A5EA9} - System32\Tasks\{A550B53A-5339-4364-9954-C8A9D91FD65C} => pcalua.exe -a "C:\Users\da\Downloads\Driver Support\Driver Support\sp50180.exe" -d C:\windows\system32
Task: {BE96B368-0730-4A2B-BE3E-A138B4888852} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-09] (Google Inc.)
Task: {C201B029-179C-4EFC-92A5-0B4D4D03173E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {C629AB7B-A7EB-4D92-AC0C-D2C48FFCDB31} - System32\Tasks\{8319F902-19E7-4E3B-BC86-F617AB63A60E} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-10-17] (Broadcom Corporation.)
Task: {C6987233-1F5B-4ED0-9A20-F2D1A68ED4B1} - System32\Tasks\{8EEA20BD-0453-4013-AF29-E1F027F7222F} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-10-17] (Broadcom Corporation.)
Task: {C9601CC5-7735-468C-B860-4F286AF83624} - System32\Tasks\CCleaner => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {CE286AE4-9C5C-4C65-9881-79C0E82FFE9F} - System32\Tasks\{2BDA8AEB-C4C5-405E-9D78-3C7A9D3C2F71} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-10-17] (Broadcom Corporation.)
Task: {D23DE358-03D5-41EB-82A5-493CD1E8DB2A} - System32\Tasks\{8EB4FDDC-3DD7-4A74-9D6D-47A92B40EC46} => pcalua.exe -a C:\Users\da\Downloads\mx850swin101ea24.exe -d "C:\Program Files\Mozilla Firefox"
Task: {D24C8C35-ABE1-458A-AF8F-67EF6025599E} - System32\Tasks\{A3D83E62-E1E0-40A6-9F9E-C407A1C3E652} => pcalua.exe -a G:\SETUP.EXE -d G:\
Task: {D46C1B9A-6E21-49A6-B70B-FD37096C196D} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {D86D295C-C96F-445C-8FFD-0816FDF9411B} - System32\Tasks\{26D0E011-638C-47F1-A146-FC24BDDCBFA7} => pcalua.exe -a C:\Users\da\Downloads\PM90310ML.exe -d C:\Users\da\Downloads
Task: {DAE2F664-3E38-40ED-85CF-8C0FE23CFC4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-09] (Google Inc.)
Task: {DBBD5577-570B-4B39-BA55-8325FA731752} - System32\Tasks\{ACCE6506-EA6A-4726-9228-68FE7A1F35A8} => pcalua.exe -a C:\Users\da\Documents\Downloads\sp47022.exe -d C:\Users\da\Documents\Downloads
Task: {DEE0E42F-CC3D-41A3-A272-2D6EC0B2DA62} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core => C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {DF1F9333-B5F8-48A4-A5A6-B95D160E5D71} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3932258823-1374462109-926273279-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {E0AC77B5-2592-4069-9548-5C6FCC7270D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-02-18] (Hewlett-Packard)
Task: {EE884B8D-A8CB-47DA-BB98-5D638365C448} - System32\Tasks\{4E9E56B3-4C15-4F41-A050-4443CF04C01E} => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core.job => C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA.job => C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core.job => C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA.job => C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForda.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForDAWNGREENAWAY$.job => c:\program files\hewlett-packard\hp ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-21 16:02 - 2015-07-21 16:02 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll
2015-12-18 15:42 - 2015-12-18 15:42 - 50708664 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2011-05-26 20:18 - 2011-05-26 20:18 - 00136536 _____ () C:\Program Files\Microsoft Office\Office12\OUTLCTL.DLL
2015-11-11 03:41 - 2015-11-11 03:41 - 00756376 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\driversupport.com -> hxxps://apps.driversupport.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:04 - 2016-02-20 16:03 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3932258823-1374462109-926273279-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\da\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AllShare Framework DMS => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Basics Service => 2
MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: BcmBtRSupport => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: CoolroomDownloadManagerService => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: Garmin Device Interaction Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpHotkeyMonitor => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: IAANTMON => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MyEpson Portal Service => 2
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: PDFProFiltSrvPP => 2
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RaMediaServer => 3
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: RealPlayer Cloud Service => 2
MSCONFIG\Services: RealPlayerUpdateSvc => 2
MSCONFIG\Services: RoxMediaDB10 => 3
MSCONFIG\Services: Samsung Link Service => 2
MSCONFIG\Services: Scan2PC => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: TeamViewer5 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Mediatek Wireless Utility.lnk => C:\windows\pss\Mediatek Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^da^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: basicsmssmenu => "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Dropbox Update => "C:\Users\da\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe"
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\da\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "c:\program files\itunes\ituneshelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: MusicManager => "C:\Users\da\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
MSCONFIG\startupreg: PMSpeed => C:\Program Files\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE
MSCONFIG\startupreg: QLBController => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
MSCONFIG\startupreg: QuickTime Task => "c:\program files\quicktime\qttask.exe" -atboottime
MSCONFIG\startupreg: RealDownloader => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
MSCONFIG\startupreg: Samsung Link => "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: WirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: WrtMon.exe => C:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{9C3694A9-6C8A-485B-9B56-7A4B02AF375B}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Block) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [UDP Query User{FE76E81A-1648-4799-AC6D-3EE5D9DA2D67}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Block) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [TCP Query User{17C68C74-0542-4EEE-8A0B-49592FDEA6D9}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{724D3BA5-84E7-4A6B-B532-77A2D17FF065}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{3CFBF9E7-CBB6-45F2-B771-7E5E0E6780C2}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [UDP Query User{CA2EEDE8-C4EB-482C-9C20-B98BF29CD883}C:\program files\samsung\samsung link\samsung link tray agent.exe] => (Allow) C:\program files\samsung\samsung link\samsung link tray agent.exe
FirewallRules: [TCP Query User{CF1D53DC-0D23-496A-9D9A-E15EC3D65C2B}C:\program files\newsoft\presto! pagemanager 9.03\licensecheck.exe] => (Allow) C:\program files\newsoft\presto! pagemanager 9.03\licensecheck.exe
FirewallRules: [UDP Query User{835BDAB4-922F-4A84-91BA-7D83B7281E38}C:\program files\newsoft\presto! pagemanager 9.03\licensecheck.exe] => (Allow) C:\program files\newsoft\presto! pagemanager 9.03\licensecheck.exe
FirewallRules: [TCP Query User{694CD2B6-E400-40C4-816F-165D9E411D86}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{233B0385-CBD0-4CA6-B463-E38FBC699212}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{14AD1597-0593-4CFD-BBAD-4756B1B71D40}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

16-03-2016 12:00:21 Windows Update
19-03-2016 21:57:49 Revo Uninstaller's restore point - Trusteer Endpoint Protection
19-03-2016 21:59:28 Removed Rapport
20-03-2016 19:49:44 Windows Update
20-03-2016 20:02:10 Garmin Express
20-03-2016 20:08:52 Garmin Express

==================== Faulty Device Manager Devices =============

Name: MpKsl11636731
Description: MpKsl11636731
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl11636731
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/19/2016 09:57:48 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ba2e68e6-a86f-45b0-81c6-0438d4771885}

Error: (03/15/2016 09:47:32 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {dbefab29-4654-49f5-8413-4912e07187bf}

Error: (03/14/2016 07:40:15 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (03/14/2016 07:39:59 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (03/14/2016 07:39:01 PM) (Source: MsiInstaller) (EventID: 1023) (User: DAWNGREENAWAY)
Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' could not be installed. Error code 1625. Additional information is available in the log file C:\Users\da\AppData\Local\Temp\MSIa42f8.LOG.

Error: (03/10/2016 10:15:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program OUTLOOK.EXE version 12.0.6691.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9a8

Start Time: 01d17b190471bb35

Termination Time: 0

Application Path: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

Report Id:

Error: (03/10/2016 10:05:10 PM) (Source: HPSupportSolutionsFrameworkService) (EventID: 0) (User: )
Description: Service cannot be started. The service process could not connect to the service controller

Error: (03/08/2016 12:08:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {d862e1dd-651a-4772-b88a-f711c22553da}

Error: (02/26/2016 09:42:29 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3cac672d-d044-48bc-8874-a9981f33431c}

Error: (02/26/2016 09:27:32 PM) (Source: MsiInstaller) (EventID: 1023) (User: DAWNGREENAWAY)
Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5B00}' could not be installed. Error code 1625. Additional information is available in the log file C:\Users\da\AppData\Local\Temp\MSI3872d.LOG.


System errors:
=============
Error: (03/19/2016 10:39:28 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.215.1919.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.9.0218.00

    Source Path: 4.9.0218.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (03/17/2016 08:17:24 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.

Error: (03/15/2016 10:22:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (03/10/2016 10:23:32 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.215.565.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.9.0218.00

    Source Path: 4.9.0218.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (03/10/2016 10:05:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Support Solutions Framework Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/08/2016 12:55:11 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.

Error: (03/07/2016 10:50:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F32D97DF-E3E5-4CB9-9E3E-0EB5B4E49801}

Error: (02/26/2016 10:04:55 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: "C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding740{51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (02/21/2016 09:23:07 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.213.6725.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (02/21/2016 09:23:07 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.213.6725.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T6570 @ 2.10GHz
Percentage of memory in use: 54%
Total physical RAM: 3000.27 MB
Available physical RAM: 1372.51 MB
Total Virtual: 5998.85 MB
Available Virtual: 4234.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:280.79 GB) (Free:64.41 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DE5AC82A)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by da (administrator) on DAWNGREENAWAY (21-03-2016 21:54:12)
Running from C:\Users\da\Desktop
Loaded Profiles: da (Available Profiles: da)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM\...\runonceex: [ContentMerger] => C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions)
HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3932258823-1374462109-926273279-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1403304 2016-02-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3932258823-1374462109-926273279-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1403304 2016-02-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\da\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{BD53176A-3F68-456B-BD0F-953EEA4D05E8}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C385B932-3828-44FE-A24E-AA6C92A2CA4B}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{EDB6B648-580F-4622-89D4-8FE183E73E20}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-3932258823-1374462109-926273279-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
HKU\S-1-5-21-3932258823-1374462109-926273279-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/2
SearchScopes: HKU\S-1-5-21-3932258823-1374462109-926273279-1001 -> {4CF47C40-C912-4248-B5E3-E9D60E076B5D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-26] (RealDownloader)
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-09-24] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON CORPORATION)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-09-24] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\da\AppData\Roaming\Mozilla\Firefox\Profiles\htbwy3dd.default-1456176531907
FF Homepage: hxxps://www.google.co.uk/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-24] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 -> C:\windows\system32\npdeployJava1.dll [2012-09-24] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-09-24] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=17.0.15.10 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2015-02-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-26] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2015-02-08] (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3932258823-1374462109-926273279-1001: @tools.google.com/Google Update;version=3 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-3932258823-1374462109-926273279-1001: @tools.google.com/Google Update;version=9 -> C:\Users\da\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll [2009-08-03] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2015-02-08] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2015-02-08] (RealPlayer Cloud)
FF Extension: Garmin Communicator - C:\Users\da\AppData\Roaming\Mozilla\Firefox\Profiles\htbwy3dd.default-1456176531907\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2016-02-24]
FF Extension: UW CashBack Wizard - C:\Users\da\AppData\Roaming\Mozilla\Firefox\Profiles\htbwy3dd.default-1456176531907\Extensions\@uw-cashback-wizard-pub.xpi [2016-02-24]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-21] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-25] [not signed]
FF HKLM\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2015-08-17] [not signed]

Chrome:
=======
CHR Profile: C:\Users\da\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\da\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-09]
CHR HKU\S-1-5-21-3932258823-1374462109-926273279-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.WB375URJVMMOHOZGJDSIZ3RWYU - C:\Users\da\AppData\Local\Google\Chrome\Application\46.10.2479.2\chromer.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [401800 2013-12-21] (Samsung) [File not signed]
S4 Basics Service; C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe [124280 2007-10-09] (Seagate Technology LLC)
S4 BcmBtRSupport; C:\windows\system32\BtwRSupportService.exe [1680088 2013-10-28] (Broadcom Corporation.)
S4 CoolroomDownloadManagerService; C:\Program Files\Coolroom\DownloadManagerService.exe [430080 2009-01-05] (Etherdigital Limited) [File not signed]
S4 EpsonScanSvc; C:\windows\system32\EscSvc.exe [126128 2012-05-16] (Seiko Epson Corporation)
S4 FsUsbExService; C:\windows\system32\FsUsbExService.Exe [233472 2013-03-20] (Teruten) [File not signed]
S3 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [846352 2016-02-16] (Garmin Ltd. or its subsidiaries)
S4 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [265272 2010-01-28] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-04-16] (Hewlett-Packard Company) [File not signed]
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
S4 MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
S4 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-01-12] (PDF Complete Inc)
S4 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S4 RalinkRegistryWriter; C:\Program Files\MediatekWiFi\Common\RaRegistry.exe [401096 2014-05-01] (Mediatek Inc.)
S4 RaMediaServer; C:\Program Files\MediatekWiFi\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2266160 2016-03-03] (IBM Corp.)
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
S4 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2015-02-08] (RealNetworks, Inc.)
S4 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [577376 2014-03-13] (Copyright 2013 SAMSUNG)
S4 Scan2PC; C:\Program Files\Scan2PC\Sc2PCSvc.exe [69632 2009-08-10] () [File not signed]
S4 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S4 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458 2010-01-29] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bcbtums; C:\windows\System32\drivers\bcbtums.sys [170552 2012-09-24] (Broadcom Corporation.)
R3 btwampfl; C:\windows\System32\DRIVERS\btwampfl.sys [507704 2012-07-03] (Broadcom Corporation.)
R3 dfmirage; C:\windows\System32\DRIVERS\dfmirage.sys [34128 2008-03-04] (DemoForge, LLC)
S3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [37344 2013-03-20] () [File not signed]
S3 HTCAND32; C:\windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [File not signed]
R2 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [94936 2015-10-05] (Malwarebytes)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-15] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
S3 netr28u; C:\windows\System32\DRIVERS\netr28u.sys [1704648 2014-01-24] (Ralink Technology Corp.)
R1 RapportCerberus_1507082; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1507082.sys [569472 2016-03-08] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [306016 2016-03-03] (IBM Corp.)
R0 RapportHades; C:\windows\System32\Drivers\RapportHades.sys [82400 2016-03-03] (IBM Corp.)
R0 RapportKELL; C:\windows\System32\Drivers\RapportKELL.sys [235360 2016-03-03] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [363424 2016-03-03] (IBM Corp.)
R3 rtsuvc; C:\windows\System32\DRIVERS\rtsuvc.sys [73344 2010-01-30] (Realtek Semiconductor Corp.)
S3 usbrndis6; C:\windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
R3 vpcbus; C:\windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 eapihdrv; \??\C:\Users\da\AppData\Local\Temp\ehdrv.sys [X]
S1 MpKsl11636731; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D3088D47-2145-4E43-84C1-A1D084C6F2CF}\MpKsl11636731.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-21 21:54 - 2016-03-21 21:55 - 00022231 _____ C:\Users\da\Desktop\FRST.txt
2016-03-19 21:53 - 2016-03-19 21:53 - 00001263 _____ C:\Users\da\Desktop\Revo Uninstaller.lnk
2016-03-19 21:53 - 2016-03-19 21:53 - 00000000 ____D C:\Users\da\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-03-19 21:52 - 2016-03-19 21:52 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\da\Downloads\revosetup.exe
2016-03-15 16:25 - 2016-02-09 09:50 - 00021504 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2016-03-15 16:25 - 2016-02-04 17:46 - 02387456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-03-15 16:25 - 2016-02-03 17:59 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2016-03-15 16:24 - 2016-02-11 18:44 - 03994560 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2016-03-15 16:24 - 2016-02-11 18:44 - 03938240 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-03-15 16:24 - 2016-02-11 18:44 - 00138176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-03-15 16:24 - 2016-02-11 18:44 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-03-15 16:24 - 2016-02-11 18:41 - 01310232 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-03-15 16:24 - 2016-02-11 18:38 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-03-15 16:24 - 2016-02-11 18:38 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-03-15 16:24 - 2016-02-11 18:37 - 00654336 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-03-15 16:24 - 2016-02-11 18:37 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-03-15 16:24 - 2016-02-11 18:37 - 00251392 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-03-15 16:24 - 2016-02-11 18:37 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-03-15 16:24 - 2016-02-11 18:37 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-03-15 16:24 - 2016-02-11 18:37 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-03-15 16:24 - 2016-02-11 18:35 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-03-15 16:24 - 2016-02-11 18:35 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-03-15 16:24 - 2016-02-11 18:35 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-03-15 16:24 - 2016-02-11 18:34 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-03-15 16:24 - 2016-02-11 18:33 - 01060864 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-03-15 16:24 - 2016-02-11 18:33 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-03-15 16:24 - 2016-02-11 18:31 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-03-15 16:24 - 2016-02-11 18:31 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-03-15 16:24 - 2016-02-11 18:30 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-03-15 16:24 - 2016-02-11 18:30 - 00642560 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-03-15 16:24 - 2016-02-11 18:30 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-03-15 16:24 - 2016-02-11 17:43 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-03-15 16:24 - 2016-02-11 17:37 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-03-15 16:24 - 2016-02-11 17:32 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-03-15 16:24 - 2016-02-11 17:32 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-03-15 16:24 - 2016-02-11 17:32 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-03-15 16:24 - 2016-02-11 17:31 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-03-15 16:24 - 2016-02-11 17:30 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-03-15 16:24 - 2016-02-11 17:30 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-03-15 16:24 - 2016-02-11 17:30 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-03-15 16:24 - 2016-02-04 18:41 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2016-03-15 16:22 - 2016-02-12 18:07 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-03-15 16:21 - 2016-02-12 18:39 - 02956288 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-03-15 16:21 - 2016-02-12 18:39 - 00174080 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-03-15 16:21 - 2016-02-12 18:26 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-03-15 16:21 - 2016-02-12 18:06 - 00573440 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-03-15 16:21 - 2016-02-12 18:05 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-03-15 16:21 - 2016-02-12 18:05 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-03-15 16:21 - 2016-02-12 18:05 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-03-15 16:21 - 2016-02-12 18:05 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-03-15 16:21 - 2016-02-12 18:05 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-03-15 16:21 - 2016-02-12 18:05 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-03-15 16:21 - 2016-02-08 20:38 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-03-15 16:21 - 2016-02-08 20:28 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-03-15 16:21 - 2016-02-08 20:23 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-03-15 16:21 - 2016-02-08 20:16 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-03-15 16:21 - 2016-02-08 20:02 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-03-15 16:21 - 2016-02-03 18:49 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2016-03-15 16:21 - 2016-02-03 18:49 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\olepro32.dll
2016-03-15 16:21 - 2016-02-03 18:43 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-03-15 16:20 - 2016-02-09 06:10 - 00341200 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-03-15 16:20 - 2016-02-08 21:05 - 20352512 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-03-15 16:20 - 2016-02-08 20:51 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-03-15 16:20 - 2016-02-08 20:51 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-03-15 16:20 - 2016-02-08 20:39 - 00496640 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-03-15 16:20 - 2016-02-08 20:39 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-03-15 16:20 - 2016-02-08 20:38 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-03-15 16:20 - 2016-02-08 20:37 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-03-15 16:20 - 2016-02-08 20:34 - 02280448 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-03-15 16:20 - 2016-02-08 20:32 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-03-15 16:20 - 2016-02-08 20:31 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-03-15 16:20 - 2016-02-08 20:30 - 00476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-03-15 16:20 - 2016-02-08 20:28 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-03-15 16:20 - 2016-02-08 20:28 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-03-15 16:20 - 2016-02-08 20:28 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-03-15 16:20 - 2016-02-08 20:20 - 00416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-03-15 16:20 - 2016-02-08 20:15 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-03-15 16:20 - 2016-02-08 20:13 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-03-15 16:20 - 2016-02-08 20:12 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-03-15 16:20 - 2016-02-08 20:11 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-03-15 16:20 - 2016-02-08 20:10 - 04611072 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-03-15 16:20 - 2016-02-08 20:10 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-03-15 16:20 - 2016-02-08 20:03 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-03-15 16:20 - 2016-02-08 20:02 - 13012480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-03-15 16:20 - 2016-02-08 20:02 - 00687104 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-03-15 16:20 - 2016-02-08 20:01 - 02050560 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-03-15 16:20 - 2016-02-08 20:01 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-03-15 16:20 - 2016-02-08 19:43 - 02121216 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-03-15 16:20 - 2016-02-08 19:39 - 01311744 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-03-15 16:20 - 2016-02-08 19:38 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-03-15 16:15 - 2016-02-19 14:07 - 01206784 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-03-15 16:14 - 2016-02-19 18:50 - 00034240 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-03-15 16:14 - 2016-02-19 18:41 - 00958464 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-03-15 16:14 - 2016-02-11 14:07 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-03-15 16:14 - 2016-02-09 09:51 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-03-15 16:14 - 2016-02-09 09:51 - 11411456 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-03-15 16:14 - 2016-02-09 09:13 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-03-15 16:14 - 2016-02-09 09:13 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-03-15 16:14 - 2016-02-09 09:13 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-03-15 16:14 - 2016-02-05 18:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-03-15 16:14 - 2016-02-05 18:44 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-03-15 16:14 - 2016-02-05 18:42 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-03-15 16:14 - 2016-02-05 17:43 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-03-15 16:14 - 2016-02-05 17:43 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-03-15 16:14 - 2016-02-05 14:07 - 00591872 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-03-15 16:14 - 2016-02-05 14:07 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-03-15 16:14 - 2016-02-05 14:07 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-03-03 11:19 - 2016-03-03 11:19 - 00235360 _____ (IBM Corp.) C:\windows\system32\Drivers\RapportKELL.sys
2016-03-03 11:19 - 2016-03-03 11:19 - 00082400 _____ (IBM Corp.) C:\windows\system32\Drivers\RapportHades.sys
2016-02-26 21:38 - 2016-02-26 21:38 - 00000935 _____ C:\Users\da\Desktop\NTREGOPT.lnk
2016-02-26 21:38 - 2016-02-26 21:38 - 00000916 _____ C:\Users\da\Desktop\ERUNT.lnk
2016-02-26 21:38 - 2016-02-26 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2016-02-26 21:38 - 2016-02-26 21:38 - 00000000 ____D C:\Program Files\ERUNT
2016-02-26 21:36 - 2016-02-26 21:36 - 00791393 _____ (Lars Hederer ) C:\Users\da\Downloads\erunt_setup(1).exe
2016-02-25 12:29 - 2016-02-25 12:29 - 00000000 ____D C:\Users\da\AppData\Local\CEF
2016-02-24 20:45 - 2016-02-24 20:45 - 18860616 _____ C:\Users\da\Downloads\CommunicatorPlugin_420.exe
2016-02-24 20:38 - 2016-03-14 19:40 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-24 20:38 - 2016-02-24 20:38 - 00002058 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-02-23 20:36 - 2016-02-23 20:36 - 00000000 ____D C:\Users\da\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-22 22:11 - 2016-01-11 18:54 - 01212352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2016-02-22 22:11 - 2015-11-19 14:06 - 00922432 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00066400 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00022368 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-22 22:11 - 2015-11-19 14:06 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-22 21:13 - 2016-02-22 21:13 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-02-22 21:12 - 2016-02-22 21:12 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2016-02-20 16:15 - 2016-02-20 16:15 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\da\Desktop\procexp.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-21 21:56 - 2015-08-24 10:01 - 00000308 _____ C:\windows\Tasks\HPCeeScheduleForda.job
2016-03-21 21:54 - 2016-02-06 14:44 - 00000000 ____D C:\FRST
2016-03-21 21:52 - 2015-06-22 10:31 - 00000906 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA.job
2016-03-21 21:51 - 2016-02-09 09:16 - 00000878 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-21 21:51 - 2012-11-15 20:36 - 00000896 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001UA.job
2016-03-21 21:51 - 2012-04-04 08:55 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-03-21 20:24 - 2015-06-22 10:30 - 00000854 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core.job
2016-03-21 20:23 - 2009-07-14 04:34 - 00025648 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-21 20:23 - 2009-07-14 04:34 - 00025648 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-21 20:18 - 2015-12-24 14:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-21 20:18 - 2012-05-02 21:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-21 09:21 - 2016-02-09 09:16 - 00000874 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-21 00:36 - 2012-11-15 20:36 - 00000844 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3932258823-1374462109-926273279-1001Core.job
2016-03-20 21:37 - 2011-07-26 15:36 - 00000340 _____ C:\windows\Tasks\HPCeeScheduleForDAWNGREENAWAY$.job
2016-03-20 20:23 - 2014-10-16 18:38 - 00000000 ____D C:\Users\da\AppData\Local\Garmin
2016-03-20 20:11 - 2014-10-16 18:34 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-20 20:10 - 2011-04-07 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-03-20 20:10 - 2010-11-16 15:55 - 00000000 ____D C:\Program Files\Garmin
2016-03-20 19:36 - 2009-07-14 04:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-19 21:53 - 2015-07-24 21:31 - 00000000 ____D C:\Program Files\VS Revo Group
2016-03-18 11:00 - 2016-02-15 12:20 - 00000000 ____D C:\Users\da\Documents\My PageManager
2016-03-16 01:09 - 2009-07-14 02:37 - 00000000 ____D C:\windows\rescache
2016-03-16 01:08 - 2010-11-05 20:34 - 00000000 ____D C:\Users\da\AppData\Local\ElevatedDiagnostics
2016-03-15 22:13 - 2009-07-14 02:37 - 00000000 ____D C:\windows\PolicyDefinitions
2016-03-15 22:13 - 2009-07-14 02:37 - 00000000 ____D C:\windows\inf
2016-03-15 21:47 - 2010-06-10 07:19 - 00785302 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-15 21:38 - 2009-07-14 04:33 - 00459000 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-15 21:35 - 2014-12-12 12:34 - 00000000 ____D C:\windows\system32\appraiser
2016-03-15 17:08 - 2013-07-15 14:43 - 00000000 ____D C:\windows\system32\MRT
2016-03-15 16:57 - 2010-11-11 17:32 - 141270216 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-03-15 16:31 - 2016-02-09 09:18 - 00002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 16:07 - 2013-12-02 21:46 - 00000000 ____D C:\Users\da\AppData\Roaming\.oit
2016-03-14 20:23 - 2013-09-25 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-03-14 19:44 - 2010-11-07 17:05 - 00000000 ____D C:\Users\da\AppData\Roaming\Skype
2016-03-08 22:12 - 2010-11-12 16:46 - 00000000 ____D C:\windows\ERDNT
2016-03-08 12:51 - 2015-11-17 18:47 - 00000000 ____D C:\Users\da\Documents\Funeral Work
2016-03-08 12:51 - 2010-12-06 16:51 - 00000000 ____D C:\Users\da\Documents\Dee Gees Nails
2016-03-08 12:42 - 2016-02-08 22:16 - 00000000 ____D C:\Users\da\Desktop\FRST-OlderVersion
2016-03-08 12:42 - 2016-02-06 14:42 - 01725440 _____ (Farbar) C:\Users\da\Desktop\FRST.exe
2016-03-07 13:51 - 2010-11-03 11:46 - 00126336 _____ C:\Users\da\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-03 21:28 - 2009-07-14 02:04 - 00000478 _____ C:\windows\win.ini
2016-02-26 22:43 - 2015-04-20 18:43 - 00000000 ___SD C:\windows\system32\GWX
2016-02-26 22:03 - 2014-06-23 19:54 - 00000000 ____D C:\Users\da\Documents\Deramores
2016-02-25 12:29 - 2014-08-29 09:58 - 00000000 ____D C:\Users\da\AppData\Local\Adobe
2016-02-24 20:46 - 2010-11-16 15:55 - 00000000 ____D C:\Program Files\Garmin GPS Plugin
2016-02-24 20:37 - 2011-09-26 19:58 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-02-24 20:37 - 2010-11-11 15:52 - 00000000 ____D C:\ProgramData\Adobe
2016-02-24 20:37 - 2010-11-11 15:52 - 00000000 ____D C:\Program Files\Adobe
2016-02-24 20:08 - 2012-04-04 08:55 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2016-02-24 20:08 - 2011-05-30 09:54 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2016-02-24 10:26 - 2014-10-26 18:40 - 00002158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-24 10:26 - 2011-01-26 11:58 - 00001945 _____ C:\windows\epplauncher.mif
2016-02-24 10:25 - 2014-10-26 18:40 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-23 20:36 - 2010-11-15 12:40 - 00000000 ____D C:\Users\da\AppData\Roaming\Dropbox
2016-02-22 21:29 - 2014-10-12 16:23 - 00000000 ____D C:\Users\da\Desktop\Old Firefox Data
2016-02-22 21:14 - 2010-12-23 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-02-22 21:13 - 2009-07-14 02:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-22 21:12 - 2010-12-23 13:54 - 00000000 ____D C:\Program Files\Microsoft Works
2016-02-22 21:11 - 2010-04-25 20:36 - 00000000 ____D C:\windows\ShellNew
2016-02-20 22:19 - 2010-11-16 14:10 - 00000000 ____D C:\Users\da\Documents\Personal
2016-02-20 22:15 - 2010-11-16 13:41 - 00000000 ____D C:\Users\da\Documents\GroupMail
2016-02-20 22:11 - 2010-11-16 13:39 - 00000000 ____D C:\Users\da\Documents\Camper
2016-02-20 12:40 - 2010-11-07 19:50 - 00000000 ___RD C:\Program Files\Skype

==================== Files in the root of some directories =======

2013-01-12 16:40 - 2013-01-12 17:20 - 0025629 _____ () C:\Users\da\AppData\Roaming\Comma Separated Values (DOS).ADR
2013-01-14 17:27 - 2014-01-06 20:02 - 0025593 _____ () C:\Users\da\AppData\Roaming\Comma Separated Values (Windows).ADR
2011-03-08 12:00 - 2011-06-22 11:53 - 0001849 _____ () C:\Users\da\AppData\Roaming\GhostObjGAFix.xml
2011-03-28 15:03 - 2012-02-03 14:45 - 0022784 _____ () C:\Users\da\AppData\Roaming\Microsoft Excel 97-2003.ADR
2010-11-20 15:14 - 2010-11-20 15:15 - 0033280 ___SH () C:\Users\da\AppData\Roaming\Thumbs.db
2012-05-17 16:03 - 2012-11-22 16:29 - 0007106 _____ () C:\Users\da\AppData\Roaming\unins003.dat
2010-11-17 19:50 - 2010-11-17 19:51 - 0027623 _____ () C:\Users\da\AppData\Roaming\UserTile.png
2014-01-08 21:01 - 2014-01-08 21:01 - 0000059 _____ () C:\Users\da\AppData\Roaming\WB.CFG
2011-01-30 10:33 - 2012-05-12 19:59 - 0009728 _____ () C:\Users\da\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-15 12:14 - 2015-11-12 22:27 - 0007603 _____ () C:\Users\da\AppData\Local\Resmon.ResmonCfg
2012-07-20 13:32 - 2012-07-20 13:33 - 0258348 _____ () C:\Users\da\AppData\Local\rx_image32.Cache
2015-12-13 23:57 - 2015-12-13 23:57 - 0980170 _____ () C:\Users\da\AppData\Local\WAV-to-MP3-Converter_1533.rar
2010-11-07 19:52 - 2010-11-07 19:52 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-06-10 07:57 - 2015-07-22 20:50 - 0000426 _____ () C:\ProgramData\HPWALog.txt
2015-07-22 21:16 - 2015-07-22 21:16 - 0001664 _____ () C:\ProgramData\tempimage.bmp

Some files in TEMP:
====================
C:\Users\da\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-20 23:23

==================== End of FRST.txt ============================


  • 0

#59
pumpkinace

pumpkinace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts

Hi Bruce1270

I have tried to open a website tonight that I haven't touched since we have started to clean up my computer and I am unable to get past the installation of adobe flash.  I have gone into the addins and updated flash and changed the option to ask to activate, but still not able to open up my website.  Is this something to do with what we have been doing or do you think it is a coincidence and the website itself is playing up?  this is the window that keeps coming up http://gardenplanner.suttons.co.uk/gardenplanner/gardenplanner.html# I will also send through a question to the website to see if there is a problem.  I subscribe to this website. Thanks Dawn


  • 0

#60
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,603 posts

I've managed to open the site OK in FF when I click on the link. What happens if you change the option to Always Activate in plugins?

 

If that doesn't work try uninstalling adobe flash and then downloading latest version from adobe website.

 

 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP