Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Infected Computer [Closed]

suspect virsus

  • This topic is locked This topic is locked

#1
bobanderson

bobanderson

    New Member

  • Member
  • Pip
  • 2 posts

Remove A serious malfunction has been detected with Windows 7 Please call this toll free number for a Microsoft Certified technician to help resolve the issue popup.

 

Unknown software found in Uninstall Option:

VXi Updater

Yontoo

 

Ran FRST and got the following:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
Ran by LDJ (administrator) on FUJITSULAPTOP (28-04-2016 02:36:20)
Running from C:\Users\LDJ\Desktop
Loaded Profiles: LDJ (Available Profiles: LDJ & Administrator & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\fjdvrupd\updatenv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(© 2015 Microsoft Corporation) C:\Users\LDJ\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
(Dropbox, Inc.) C:\Users\LDJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [200552 2011-01-11] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-08] (Realtek Semiconductor)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
HKLM\...\Run: [FJUPDNV_Chitose] => C:\Program Files\Fujitsu\fjdvrupd\updatenv.exe [157184 2010-01-12] (FUJITSU LIMITED)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-25] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [45680 2010-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2010-10-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1612872 2016-04-20] (APN)
HKLM-x32\...\Run: [FUJ02B1_Apps] => C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe [349000 2016-02-02] (FUJITSU LIMITED)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [Google Update] => C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [BingSvc] => C:\Users\LDJ\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-14] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [Dropbox Update] => C:\Users\LDJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2015-06-01] (NETGEAR Inc.)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\MountPoints2: {141a8d95-c483-11e4-ab75-ec55f9d021d2} - F:\Startme.exe
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\MountPoints2: {63ca00e2-fe3a-11e0-973b-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\MountPoints2: {eee8bd15-a2fa-11e3-839b-ec55f9d021d2} - F:\Startme.exe
HKU\S-1-5-21-160830771-534863156-566146573-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\FJSaver.scr [274432 2008-07-25] (FUJITSU LIMITED)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-10-26]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-05]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk [2013-06-20]
ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)
Startup: C:\Users\LDJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{105BC387-E4FC-4608-BD93-92A86F0EA8A4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8CE39562-5E31-4E25-B601-B2C484FF3A1E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-160830771-534863156-566146573-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-160830771-534863156-566146573-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL =
BHO: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll [2016-04-20] (APN LLC.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16] (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll [2016-04-20] (APN LLC.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation)
BHO-x32: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> C:\windows\SysWow64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll [2014-11-09] (Search Results LLC.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-03-02] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
BHO-x32: Staging -> {C35B7206-62EB-F808-5475-18A6FDE7DD94} -> c:\Users\All Users\dl159\159.dll [2014-11-20] ()
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation)
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-07-31] (Yontoo LLC)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16] (Microsoft Corporation.)
Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll [2016-04-20] (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll [2016-04-20] (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-160830771-534863156-566146573-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
DPF: HKLM {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.6.2.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {9BDF4724-10AA-43D5-BD15-AEA0D2287303} hxxp://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\LDJ\AppData\Roaming\Mozilla\Firefox\Profiles\jl95rrpx.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-21] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-09-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-160830771-534863156-566146573-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\LDJ\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-160830771-534863156-566146573-1000: @talk.google.com/O1DPlugin -> C:\Users\LDJ\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-160830771-534863156-566146573-1000: @tools.google.com/Google Update;version=3 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-160830771-534863156-566146573-1000: @tools.google.com/Google Update;version=9 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\LDJ\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\LDJ\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\LDJ\AppData\Roaming\Mozilla\Firefox\Profiles\jl95rrpx.default\searchplugins\bingp.xml [2012-12-13]
FF SearchPlugin: C:\Users\LDJ\AppData\Roaming\Mozilla\Firefox\Profiles\jl95rrpx.default\searchplugins\search-here.xml [2016-03-06]
FF Extension: Default Tab - C:\Users\LDJ\AppData\Roaming\Mozilla\Firefox\Profiles\jl95rrpx.default\Extensions\[email protected] [2014-07-13] [not signed]
FF HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Unfriend Checker\FF => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=BDT3&ocid=bdtdhp
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
CHR Plugin: (Java™ Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\windows\SysWOW64\npDeployJava1.dll => No File
CHR Profile: C:\Users\LDJ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\LDJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-18]
CHR HKU\S-1-5-21-160830771-534863156-566146573-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2012-08-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-04-20] (APN LLC.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173240 2014-09-22] (Microsoft Corp.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 hasplms; C:\windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-06-01] (NETGEAR)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S4 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
S4 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [386424 2010-02-24] (SupportSoft, Inc.)
R2 UpdateNaviInstallService; C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe [14336 2009-09-29] (FUJITSU LIMITED) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [1000208 2011-05-02] (Intel® Corporation)
S2 DefaultTabUpdate; "C:\Users\LDJ\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [131112 2010-10-04] (Broadcom Corporation.)
S3 CSRBC; C:\Windows\System32\Drivers\csrbc.sys [55824 2015-08-12] (CSR plc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-23] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [33096 2016-02-02] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-10-23] (Sony Mobile Communications)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2015-07-05] (CACE Technologies, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803264 2011-03-10] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-28 02:36 - 2016-04-28 02:36 - 00032539 _____ C:\Users\LDJ\Desktop\FRST.txt
2016-04-28 02:35 - 2016-04-28 02:36 - 00000000 ____D C:\FRST
2016-04-28 02:24 - 2016-04-28 02:24 - 02376704 _____ (Farbar) C:\Users\LDJ\Desktop\FRST64.exe
2016-04-27 23:44 - 2016-04-27 23:44 - 00000000 ___HD C:\OneDriveTemp
2016-04-18 23:40 - 2016-04-18 23:40 - 00000000 ____D C:\Users\LDJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-12 14:24 - 2016-04-27 23:43 - 00000468 _____ C:\windows\Tasks\SDMsgUpdate (SD).job
2016-04-12 14:24 - 2016-04-13 11:11 - 00000000 ____D C:\Users\LDJ\AppData\Roaming\SmartDraw
2016-04-12 14:24 - 2016-04-12 14:24 - 00003136 _____ C:\windows\System32\Tasks\SDMsgUpdate (SD)
2016-04-12 14:24 - 2016-04-12 14:24 - 00000964 _____ C:\Users\Public\Desktop\SmartDraw VP.lnk
2016-04-12 14:24 - 2016-04-12 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartDraw VP
2016-04-12 14:10 - 2016-04-12 14:24 - 00000000 ____D C:\Program Files (x86)\SmartDraw VP
2016-04-10 22:52 - 2016-04-10 22:52 - 00426569 _____ C:\Users\LDJ\Desktop\Getty Villa General Admission (2).pdf
2016-04-10 22:51 - 2016-04-10 22:52 - 00427125 _____ C:\Users\LDJ\Desktop\Getty Villa General Admission (1).pdf
2016-04-05 23:15 - 2016-04-05 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-28 02:27 - 2015-05-21 13:19 - 00000000 ____D C:\Users\LDJ\AppData\Roaming\Skype
2016-04-28 02:20 - 2009-07-13 21:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-28 02:20 - 2009-07-13 21:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-28 01:54 - 2013-07-15 19:59 - 00000900 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA.job
2016-04-28 01:54 - 2011-10-24 06:43 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-28 01:53 - 2015-06-17 21:43 - 00000910 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA.job
2016-04-27 23:47 - 2009-07-13 22:13 - 00876082 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-27 23:47 - 2009-07-13 20:20 - 00000000 ____D C:\windows\inf
2016-04-27 23:46 - 2012-08-13 19:25 - 00000398 _____ C:\windows\Tasks\FreeFileViewerUpdateChecker.job
2016-04-27 23:46 - 2011-10-25 23:11 - 00000000 ___RD C:\Users\LDJ\Documents\Dropbox
2016-04-27 23:43 - 2011-10-24 06:43 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-27 23:41 - 2011-10-24 06:49 - 00078032 _____ (Absolute Software Corp.) C:\windows\SysWOW64\rpcnet.dll
2016-04-27 23:41 - 2011-05-02 11:14 - 00017920 _____ C:\windows\SysWOW64\rpcnetp.dll
2016-04-27 23:40 - 2011-05-02 11:13 - 00017920 _____ C:\windows\SysWOW64\rpcnetp.exe
2016-04-27 23:40 - 2011-05-02 11:13 - 00017920 _____ C:\windows\system32\rpcnetp.exe
2016-04-27 23:40 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-04-27 10:25 - 2013-07-15 19:59 - 00000848 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core.job
2016-04-26 23:02 - 2015-06-17 21:43 - 00000858 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core.job
2016-04-25 22:46 - 2014-02-19 22:52 - 00002151 _____ C:\Users\LDJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-22 00:57 - 2010-11-20 20:27 - 00453288 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-04-19 02:51 - 2011-11-07 01:02 - 00000000 ____D C:\Users\LDJ\AppData\Local\ElevatedDiagnostics
2016-04-18 23:49 - 2016-03-22 11:40 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-18 23:49 - 2015-01-04 22:22 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-04-18 23:41 - 2011-10-25 22:52 - 00000000 ____D C:\Users\LDJ\AppData\Roaming\Dropbox
2016-04-18 23:39 - 2016-02-19 02:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-18 23:39 - 2015-05-21 13:19 - 00000000 ____D C:\ProgramData\Skype
2016-04-11 13:55 - 2014-02-08 22:20 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 13:55 - 2011-10-24 10:26 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-05 23:15 - 2015-12-22 17:10 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-04-05 23:15 - 2015-12-21 17:56 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

==================== Files in the root of some directories =======

2011-10-24 06:46 - 2011-10-24 06:47 - 0050291 _____ () C:\Users\LDJ\AppData\Local\IWDAudHelper.20111024.064626.txt
2011-10-24 06:46 - 2011-10-24 06:46 - 0000661 _____ () C:\Users\LDJ\AppData\Local\PDLSetup.20111024.064609.txt
2011-10-24 06:46 - 2011-10-24 06:46 - 0001578 _____ () C:\Users\LDJ\AppData\Local\PDLSetup.20111024.064612.txt
2011-10-24 06:46 - 2011-10-24 06:46 - 0001227 _____ () C:\Users\LDJ\AppData\Local\PDLSetup.20111024.064617.txt
2012-09-25 21:03 - 2012-09-25 21:03 - 0001549 _____ () C:\Users\LDJ\AppData\Local\PDLSetup.20120925.210327.txt
2013-06-05 20:23 - 2013-06-05 20:23 - 0001549 _____ () C:\Users\LDJ\AppData\Local\PDLSetup.20130605.202351.txt
2013-07-24 18:33 - 2013-07-24 18:33 - 0000017 _____ () C:\Users\LDJ\AppData\Local\resmon.resmoncfg
2013-02-04 13:32 - 2013-02-04 13:32 - 0000085 _____ () C:\Users\LDJ\AppData\Local\ZDManager.ini

Files to move or delete:
====================
C:\Users\LDJ\Firefox Setup Stub 23.0.1.exe
C:\Users\LDJ\jre-7u25-windows-i586.exe
C:\Users\LDJ\jre-7u25-windows-x64.exe

Some files in TEMP:
====================
C:\Users\LDJ\AppData\Local\Temp\BingSvc.exe
C:\Users\LDJ\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\LDJ\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\LDJ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxpp8oh.dll
C:\Users\LDJ\AppData\Local\Temp\sdcode.dll
C:\Users\LDJ\AppData\Local\Temp\_isA79B.exe
C:\Users\LDJ\AppData\Local\Temp\_isB5C7.exe
C:\Users\LDJ\AppData\Local\Temp\_isF17F.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-04-27 03:10

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
Ran by LDJ (2016-04-28 02:37:06)
Running from C:\Users\LDJ\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-24 13:35:56)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-160830771-534863156-566146573-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-160830771-534863156-566146573-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-160830771-534863156-566146573-1002 - Limited - Enabled)
LDJ (S-1-5-21-160830771-534863156-566146573-1000 - Administrator - Enabled) => C:\Users\LDJ

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Algebrator 5.1 rc1 (HKLM-x32\...\Algebrator_is1) (Version:  - Softmath Inc)
Anytime USB Charge Utility (HKLM-x32\...\{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}) (Version: 1.00.00.001 - FUJITSU LIMITED)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C2802}) (Version: 12.40.2.468 - APN, LLC) <==== ATTENTION
BearShare (HKU\S-1-5-21-160830771-534863156-566146573-1000\...\BearShare) (Version: 11.0.0.133282 - Musiclab, LLC)
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.98.0 - Microsoft Corporation)
Bootstrapper (x32 Version: 1.1.0.0 - Minitab, Inc.) Hidden
Brother MFL-Pro Suite MFC-7460DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink MakeDisc (HKLM-x32\...\InstallShield_{b145ec69-66f5-11d8-9d75-000129760d75}) (Version: 4.0.3016 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3622 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3609.02 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3904 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defaulttab (HKLM-x32\...\DefaultTab) (Version: 2.6.1.0 - Search Results, LLC) <==== ATTENTION
Dropbox (HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Evernote v. 4.6.3 (HKLM-x32\...\{4C8BBCC8-8363-11E2-A3F4-984BE15F174E}) (Version: 4.6.3.8096 - Evernote Corp.)
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version:  - Trusted Software) <==== ATTENTION
FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52020.0 - Sonix)
Free File Viewer 2012 (HKLM-x32\...\FreeFileViewer_is1) (Version:  - Bitberry Software) <==== ATTENTION
Fujitsu Display Manager (HKLM-x32\...\InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}) (Version:  - )
Fujitsu Display Manager (Version: 7.01.20.212 - FUJITSU LIMITED) Hidden
Fujitsu Driver Update (HKLM\...\{47BC37A3-35C8-484A-8CBD-851914EB095E}) (Version: 1.3.0012 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.001 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.001 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.3.0.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.3.0.0 - FUJITSU LIMITED) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
GDR 5538 for SQL Server 2008 (KB3045305) (64-bit) (HKLM\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk (remove only) (HKU\S-1-5-21-160830771-534863156-566146573-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 2.0.7.018 - HTC Corporation)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel® WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LifeBook Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.2.1.0 - FUJITSU LIMITED)
LifeBook Application Panel (Version: 8.2.1.0 - FUJITSU LIMITED) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-160830771-534863156-566146573-1000\...\OneDriveSetup.exe) (Version: 17.3.6386.0412 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B0-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{F43ADE73-2880-4A95-B995-4FE386ECF667}) (Version: 10.3.5538.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visio Viewer 2013 (HKLM\...\{95150000-0052-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minitab 16 (HKLM-x32\...\Minitab16) (Version: 16.1.1 - Minitab, Inc.)
Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.1.0.0 - Minitab, Inc.)
Minitab16 (x32 Version: 16.1.1.0 - Minitab Inc) Hidden
Minitab16 (x32 Version: 16.1.1.0 - Minitab, Inc.) Hidden
Minitab16 (x32 Version: 16.1.1.1 - Minitab Inc) Hidden
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.12.00 - NETGEAR Inc.)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
OI App Manager (HKLM-x32\...\OI App Manager) (Version:  - Optimum Installer)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PHOTOfunSTUDIO 9.2 AE (HKLM-x32\...\{84F0A157-75D1-45C7-A209-EDFAB5C85F24}) (Version: 9.02.508 - Panasonic Corporation)
Plantronics MyHeadset Updater (x64) (HKLM\...\{D85873EE-09C9-4E3D-BC2E-F8DCE2F79ADD}) (Version: 2.8.26503.0 - Plantronics, Inc.)
Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.024 - FUJITSU LIMITED)
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6240 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Roxio Creator LJ (HKLM-x32\...\{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}) (Version: 12.1.4.8 - Roxio)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Self-service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 3.1 SE (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SmartDraw VP (HKLM-x32\...\SmartDraw VP) (Version:  - SmartDraw.com)
SoftwareManager (x32 Version: 1.1.0.0 - Minitab, Inc.) Hidden
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.14.201510090937 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sptnavi (HKLM-x32\...\Sptnavi) (Version:  - )
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.11656 - TeamViewer GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
TestGen (HKLM-x32\...\TestGen) (Version:  - )
TWC Customer Controls (HKLM-x32\...\{A2E5F2AA-2996-41EA-BCCD-9FD0476A5326}) (Version: 11 - SupportSoft)
VXi Updater (HKLM-x32\...\{e727c807-6f7b-4d9d-93e1-55c16829be6a}) (Version: 100.4.3 - VXi Corporation)
VXi Updater V.100.4.3 (x32 Version: 100.4.3 - VXi Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6900 - Broadcom Corporation)
Windows Driver Package - Cambridge Silicon Radio (CSRBC) USB  (10/26/2012 2.4.0.0) (HKLM\...\20C7EDA3129B3FF8F72F9BF59252B718B554FBDC) (Version: 10/26/2012 2.4.0.0 - Cambridge Silicon Radio)
Windows Driver Package - VXi Corporation (CSRBC) USB  (06/09/2015 2.4.0.0) (HKLM\...\ECBD8E037F24726F218E0AE517162BE7EB01D564) (Version: 06/09/2015 2.4.0.0 - VXi Corporation)
Windows Driver Package - VXi Corporation (CSRBC) USB  (11/25/2014 2.4.0.0) (HKLM\...\5E5FA440154B5CF3441A53F0BB32412CD94DF44F) (Version: 11/25/2014 2.4.0.0 - VXi Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\LDJ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {067C3E84-4196-4FA1-BCC4-AC0B4B279A4E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core => C:\Users\LDJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {09794DC7-79F5-4168-8577-719E142C3EB2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA => C:\Users\LDJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {0E61A1B4-1ACF-411C-9A3A-CBFBE53716F9} - System32\Tasks\{83BFB6DB-F151-415E-A344-48B7F0C27D30} => pcalua.exe -a C:\Users\LDJ\Downloads\MFInstall.exe -d C:\Users\LDJ\Desktop
Task: {17595F89-F303-43A2-8BBE-8DD38722A38D} - System32\Tasks\{1833EBF0-ACF3-40C4-97E8-1DAC0F0254C1} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIN7867Q\AUDIO_REALTEKHD_V6.0.1.6240_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {1BD108E1-04FB-4320-8CB9-9F5C2BA602B5} - System32\Tasks\{E34C55FC-3EB3-4810-B597-C0481651B5DF} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EGZB24KP\SUPPORT_CENTER_FUJITSU_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {31856C99-02CA-4498-8BA1-2EE3C3DEFCC7} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2010-11-05] (Minitab)
Task: {52F25750-C3B1-4FD6-94E8-7F9F2EC3E9DD} - System32\Tasks\DefaultCheck => c:\Users\All Users\dtdata\R002.exe [2014-11-09] () <==== ATTENTION
Task: {5EF31D04-3334-4616-92F5-818E7AA25D04} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {63C049DA-A454-4DBE-AC0C-826CBC9EF629} - System32\Tasks\{618FDF07-C6ED-4EBA-8717-AB2D6A3BFE71} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HOWAACVA\CHIPSET_V9.2.0.1021_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {6FDA80D3-39EA-465E-A7F7-BC1D3C7D19D5} - System32\Tasks\{774F3FEA-37FA-4211-99BE-3E2BCE2A9C66} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HOWAACVA\POINTING_SYNAPTICS_V14.0.16.0_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {713C4FC4-E045-4E57-AC4D-AEE79D9CD1C7} - System32\Tasks\{DEA004CA-B600-4AE6-A69C-FDA4A911BD26} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIN7867Q\AUDIO_REALTEKHD_V6.0.1.6240_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {718276EA-4218-4DA9-AA41-54A5807305C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA => C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {771D38AE-D3FC-48E5-8226-B5BFDD2DA693} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7FB6ABC3-01CD-411E-87A7-AEADBFA25481} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {8F490CE8-9BA6-4E76-8CF9-1D49BB1DC3B1} - System32\Tasks\{24F0BA00-4002-42DC-96F8-B6943325B659} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1H1H39S\USB_CHARGE_UTILITY_V1.00.00.001_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {A5CD401B-C57B-40B9-A5B9-909FB2944E12} - System32\Tasks\Default2Check => c:\Users\All Users\dtdata\R003.exe [2014-11-20] () <==== ATTENTION
Task: {A6E34311-E06A-43D3-B056-0320DF1BE8E0} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2012-08-10] (Trusted Software ApS) <==== ATTENTION
Task: {A71447B1-AF13-46C6-9E47-A0E0B8F199E6} - System32\Tasks\SDMsgUpdate (SD) => C:\Program Files (x86)\SmartDraw VP\Messages\SDNotify.exe [2010-04-06] ()
Task: {AD6C6976-260C-447D-85A1-58B60DD6E0E2} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2011-03-11] (Bitberry Software) <==== ATTENTION
Task: {B0CADFB6-ED9F-4C15-969B-8CE733C38446} - System32\Tasks\{A4D69CF9-0358-4FB2-A184-CE2FD6E37805} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EGZB24KP\DISPLAY-MANAGER_FUJITSU_V7.01.20.212_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {B0F18517-9A19-4113-B5AC-FD6499CD1E87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {B6497724-C55B-46DB-8DD2-18C56797FF5D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {BD53F56F-1A86-48F6-AABD-EB562FDAF14F} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {C1F87313-9FC3-456C-80AF-CB018D5BD8C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C5AAF649-D732-4D7B-9358-7444DB237538} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core => C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {CDE86AB0-5032-4D38-814E-895F99086514} - System32\Tasks\DefaultReg => c:\Users\All Users\dtdata\R001.exe [2014-11-09] () <==== ATTENTION
Task: {CED288DF-EC22-4E33-A1B8-19C42016C640} - System32\Tasks\{2FD61854-25E0-413F-80F7-5A7F32BFBB15} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1H1H39S\SYS-EXTENSION-DRVR_V1.20_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {E6C77847-8F6F-4120-B883-27E63345D134} - System32\Tasks\{0DDB9703-1840-4E44-BAD5-6A3A30897057} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EGZB24KP\HOTKEY-DRVR_V1.23_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {EF0309D9-C588-41E0-B5C0-EF9E80D734B1} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F98C783E-A9A4-4A55-9939-05CE3A4F521F} - System32\Tasks\{2B6E675C-592A-4876-8154-0EEF7B4C4D95} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EGZB24KP\MEI_INTEL_V7.0.0.1144(V7.0L02)_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {FB43159A-1D9A-461E-B811-4A777F57B8B2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core.job => C:\Users\LDJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA.job => C:\Users\LDJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core.job => C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA.job => C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SDMsgUpdate (SD).job => C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe\-PSD -V19010001 -SSDU.ini -A -Mhxxp:/www.smartdraw.com/msgs/messagecheck.asp

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-03-25 13:45 - 2005-04-21 21:36 - 00143360 ____R () C:\windows\system32\BrSNMP64.dll
2016-04-25 22:46 - 2016-04-25 22:46 - 00959176 _____ () C:\Users\LDJ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2011-02-15 04:26 - 2011-01-19 18:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2015-04-15 18:19 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2016-04-25 22:46 - 2016-04-25 22:46 - 00679624 _____ () C:\Users\LDJ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2015-04-15 18:19 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2015-04-15 18:19 - 2015-10-20 18:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-11-06 12:46 - 2015-11-06 12:46 - 02385280 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-04-15 18:19 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-09-07 16:59 - 2015-09-07 16:59 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-11-13 12:52 - 2015-11-13 12:52 - 00824192 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2016-04-18 23:39 - 2016-03-21 14:50 - 00034768 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-04-18 23:40 - 2016-03-21 14:51 - 00019408 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-04-18 23:40 - 2016-03-21 14:50 - 00116688 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-04-18 23:39 - 2016-03-21 14:50 - 00093640 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-04-18 23:39 - 2016-03-21 14:50 - 00018376 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\select.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00019760 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00105928 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-04-18 23:40 - 2016-03-21 14:50 - 00392144 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-04-18 23:39 - 2016-04-08 11:20 - 00381752 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-04-18 23:39 - 2016-03-21 14:50 - 00692688 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00020816 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-04-18 23:39 - 2016-03-21 14:51 - 00112592 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 01682760 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00020808 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00021840 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00038696 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-04-18 23:40 - 2016-03-21 14:52 - 00020936 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00024528 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00114640 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00124880 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00021832 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00024016 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00175560 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00030160 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00043472 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00028616 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00048592 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00026456 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00057808 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00024016 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00117056 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00023376 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-18 23:39 - 2016-03-21 14:50 - 00134608 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-04-18 23:40 - 2016-03-21 14:50 - 00134088 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-04-18 23:40 - 2016-03-21 14:51 - 00240584 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00024392 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-04-18 23:40 - 2016-03-21 14:52 - 00036296 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\librsync.dll
2016-04-18 23:40 - 2016-04-08 11:19 - 00052024 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00020800 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00021824 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00019776 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00020800 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00020280 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00350152 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00022352 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00084280 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-04-18 23:40 - 2016-04-08 11:20 - 01826096 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-04-18 23:39 - 2016-03-21 14:51 - 00083912 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\sip.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 03928880 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 01971504 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00531248 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00132912 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00223544 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00207672 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00158008 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00042808 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-04-18 23:40 - 2016-03-21 14:54 - 00017864 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-04-18 23:40 - 2016-03-21 14:54 - 01631184 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-04-18 23:39 - 2016-04-08 11:20 - 00024904 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00546096 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00357680 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-04-18 23:39 - 2016-03-21 14:56 - 00697304 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2012-03-25 13:44 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-04-11 13:55 - 2016-04-06 03:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 13:55 - 2016-04-06 03:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-160830771-534863156-566146573-1000\...\adobe.com -> hxxps://get3.adobe.com
IE trusted site: HKU\S-1-5-21-160830771-534863156-566146573-1000\...\esisso.com -> hxxps://esisso.com
IE trusted site: HKU\S-1-5-21-160830771-534863156-566146573-1000\...\google.com -> hxxps://local.google.com
IE trusted site: HKU\S-1-5-21-160830771-534863156-566146573-1000\...\outlook.com -> hxxps://outlook.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2016-04-05 23:15 - 00000859 ____A C:\windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-160830771-534863156-566146573-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LDJ\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: PDFProFiltSrvPP => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: rpcnet => 2
MSCONFIG\Services: SupportSoft RemoteAssist => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 9.2 AE.lnk => C:\windows\pss\PHOTOfunSTUDIO 9.2 AE.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^LDJ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk => C:\windows\pss\OpenOffice.org 3.4.lnk.Startup
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: Google Update => "C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: googletalk => C:\Users\LDJ\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: Plantronics MyHeadset Updater => C:\Program Files\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: snp2uvc => C:\windows\vsnp2uvc.exe
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E10B1254-0D99-4F3F-A840-875615B66CDC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{FA9CB235-8BBA-4A92-9CC9-EC0C56F93D7F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{B1DC513A-A60A-47DE-BE3C-C28E94AC2A23}] => (Allow) C:\Program Files (x86)\CyberLink\MakeDisc\MakeDisc.exe
FirewallRules: [{0FA50BFA-C288-4F91-9404-BA4B5DE9E27B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7E2B393A-B11C-4260-A1F3-0A9A00CA3221}] => (Allow) LPort=2869
FirewallRules: [{02E43371-0F65-45C5-A73E-10820DBE7F9B}] => (Allow) LPort=1900
FirewallRules: [{9CFCA632-9622-4BB7-9121-B491AA3FAA60}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8353DDA0-7EB5-47C1-AD6E-E89FAF3CA16B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{AD9E6B59-2F82-4CFE-B062-DF3FA7DD129B}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{286CC6C3-9413-4D02-BCF2-6643185456F4}] => (Allow) C:\Users\LDJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{94EC9BC1-E32E-4958-9ED4-EBC89986EF13}] => (Allow) C:\Users\LDJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{AD1483CA-D804-4AB3-B533-94025428E8D4}C:\users\ldj\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\ldj\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{34A33500-F26F-469D-9C81-64ACA853A0A3}C:\users\ldj\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\ldj\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{AC9EC41F-98BD-43E4-BFBD-D9C4353CDDD6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{85B0A5DF-18AE-4322-86AA-C716AD924F0E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{E1D6E41D-E9F0-40E9-9C2E-3CED4F9E319B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{2837BF06-494F-42F4-9CA4-B1C4BAE883B6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{29A2334F-4FDC-435A-8DFB-A4D8893DF5BF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe
FirewallRules: [{2FAFA4BA-BC33-416D-9422-F7057F667E33}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe
FirewallRules: [{E26B4F28-5532-49E7-BE4A-9ACB33676A68}] => (Allow) LPort=54925
FirewallRules: [{1C255A82-76D1-41BA-A8FC-26A3A3B3F5B6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{A028A490-D1AB-4504-AF6A-D11575B86DC5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{D514F0FA-FB3A-41B2-9023-B3D925222DE7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{6BFE2177-9344-44C3-B945-DA715E6FFE54}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{DC4BD4A5-12C6-4C93-8649-F331BD9D6D71}] => (Allow) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
FirewallRules: [{21E6A1D7-47DF-4276-8DAF-BE5B60103664}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{E92709E5-46FB-4F53-ABF1-DF4C690BD7CE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{54BB3CD4-F8D4-4F66-ADA7-A97FB9D4913A}] => (Allow) C:\Users\LDJ\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{02265E21-5A0E-4141-AE3C-85A3FBBC9AD7}] => (Allow) C:\Windows\System32\hasplms.exe
FirewallRules: [{1192AAAF-042B-4527-8D1C-D67684ECBFA1}] => (Allow) C:\Windows\System32\hasplms.exe
FirewallRules: [{EEA669F4-2777-483C-A7EC-FDA9BAFFF1E9}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{97339750-1AA3-42AD-B256-E005D51B9D6C}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [{9270BA17-D6B5-44C0-863A-E610C566B543}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [TCP Query User{E2320660-9A03-4746-AFEB-19A5F7B02EF4}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe
FirewallRules: [UDP Query User{D4B1D86B-4E25-4C28-85E0-A2B9B2940D7F}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe
FirewallRules: [{6387D680-DDE8-4C9B-B36D-5C571EA68ECF}] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [{95005D95-8F03-4026-B3FC-1176CFAD793F}] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [{FA2BC5C8-EE8D-4C66-9F4B-7D8711BC182C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{5362B561-303B-4630-BBF1-AA012E79458C}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{5A4E9289-5C80-40D2-93D1-DEA32229F9F3}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{9D57CF79-9691-4667-B9CE-F0B4ECA09F18}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{38C500EE-0839-4B8E-84DA-76E141C9D8F6}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{25510C48-0873-48FD-A603-A903B8C6DFBF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{469AA568-C8D7-48D0-8464-8015206300C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{62BA76D7-29BC-4916-B6FE-CA7DE3051AC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F420AAB4-B42A-44DA-A1B3-6EB8A1B8570E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{84103E2F-6250-480D-99F1-1D426B61F2E9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

27-04-2016 03:17:26 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/28/2016 12:21:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x61c
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/27/2016 11:41:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2016 10:24:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program soffice.bin version 4.0.9774.500 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 21f8

Start Time: 01d19f7fdc335f3a

Termination Time: 172

Application Path: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

Report Id: dd9c3735-0c9c-11e6-aa0c-ec55f9d021d2

Error: (04/27/2016 09:23:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x960
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/27/2016 12:21:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x1a58
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/26/2016 10:57:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x121c
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/26/2016 08:13:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x76c
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/26/2016 12:21:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x202c
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/25/2016 10:47:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x1c98
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/19/2016 08:56:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x1300
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

System errors:
=============
Error: (04/27/2016 11:44:31 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (04/27/2016 11:44:31 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2811996591/

Error: (04/27/2016 11:44:31 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (04/27/2016 11:44:31 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2811996591/

Error: (04/27/2016 11:41:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DefaultTabUpdate service failed to start due to the following error:
%%2

Error: (04/26/2016 01:49:20 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/18/2016 11:37:29 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/18/2016 11:37:01 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (04/18/2016 11:37:01 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2811996591/

Error: (04/18/2016 11:37:01 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

==================== Memory info ===========================

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 50%
Total physical RAM: 8104.67 MB
Available physical RAM: 3976.58 MB
Total Virtual: 9126.88 MB
Available Virtual: 4442.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:224.78 GB) (Free:3.79 GB) NTFS
Drive d: () (Fixed) (Total:224.78 GB) (Free:224.64 GB) NTFS
Drive e: (SmartDrawVP) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 68A8AA84)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=224.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=224.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Edited by bobanderson, 28 April 2016 - 03:32 PM.

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, I will need to take a look

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
bobanderson

bobanderson

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

Thanks for the help. (Did discover the VXi Updater is for my headset).

 

Below are the  files:

 

Ran FRST and got the following:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
Ran by LDJ (administrator) on FUJITSULAPTOP (28-04-2016 02:36:20)
Running from C:\Users\LDJ\Desktop
Loaded Profiles: LDJ (Available Profiles: LDJ & Administrator & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\fjdvrupd\updatenv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(© 2015 Microsoft Corporation) C:\Users\LDJ\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
(Dropbox, Inc.) C:\Users\LDJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [200552 2011-01-11] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-08] (Realtek Semiconductor)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
HKLM\...\Run: [FJUPDNV_Chitose] => C:\Program Files\Fujitsu\fjdvrupd\updatenv.exe [157184 2010-01-12] (FUJITSU LIMITED)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-25] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [45680 2010-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2010-10-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1612872 2016-04-20] (APN)
HKLM-x32\...\Run: [FUJ02B1_Apps] => C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe [349000 2016-02-02] (FUJITSU LIMITED)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [Google Update] => C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [BingSvc] => C:\Users\LDJ\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-14] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [Dropbox Update] => C:\Users\LDJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2015-06-01] (NETGEAR Inc.)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\MountPoints2: {141a8d95-c483-11e4-ab75-ec55f9d021d2} - F:\Startme.exe
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\MountPoints2: {63ca00e2-fe3a-11e0-973b-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\MountPoints2: {eee8bd15-a2fa-11e3-839b-ec55f9d021d2} - F:\Startme.exe
HKU\S-1-5-21-160830771-534863156-566146573-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\FJSaver.scr [274432 2008-07-25] (FUJITSU LIMITED)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-10-26]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-05]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk [2013-06-20]
ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)
Startup: C:\Users\LDJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{105BC387-E4FC-4608-BD93-92A86F0EA8A4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8CE39562-5E31-4E25-B601-B2C484FF3A1E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-160830771-534863156-566146573-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-160830771-534863156-566146573-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL =
BHO: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll [2016-04-20] (APN LLC.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16] (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll [2016-04-20] (APN LLC.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation)
BHO-x32: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> C:\windows\SysWow64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll [2014-11-09] (Search Results LLC.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-03-02] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
BHO-x32: Staging -> {C35B7206-62EB-F808-5475-18A6FDE7DD94} -> c:\Users\All Users\dl159\159.dll [2014-11-20] ()
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation)
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-07-31] (Yontoo LLC)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16] (Microsoft Corporation.)
Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll [2016-04-20] (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll [2016-04-20] (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-160830771-534863156-566146573-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
DPF: HKLM {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.6.2.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {9BDF4724-10AA-43D5-BD15-AEA0D2287303} hxxp://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\LDJ\AppData\Roaming\Mozilla\Firefox\Profiles\jl95rrpx.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-21] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll [2013-09-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-160830771-534863156-566146573-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\LDJ\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-160830771-534863156-566146573-1000: @talk.google.com/O1DPlugin -> C:\Users\LDJ\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-160830771-534863156-566146573-1000: @tools.google.com/Google Update;version=3 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-160830771-534863156-566146573-1000: @tools.google.com/Google Update;version=9 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\LDJ\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\LDJ\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\LDJ\AppData\Roaming\Mozilla\Firefox\Profiles\jl95rrpx.default\searchplugins\bingp.xml [2012-12-13]
FF SearchPlugin: C:\Users\LDJ\AppData\Roaming\Mozilla\Firefox\Profiles\jl95rrpx.default\searchplugins\search-here.xml [2016-03-06]
FF Extension: Default Tab - C:\Users\LDJ\AppData\Roaming\Mozilla\Firefox\Profiles\jl95rrpx.default\Extensions\[email protected] [2014-07-13] [not signed]
FF HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Unfriend Checker\FF => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=BDT3&ocid=bdtdhp
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
CHR Plugin: (Java™ Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\windows\SysWOW64\npDeployJava1.dll => No File
CHR Profile: C:\Users\LDJ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\LDJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-18]
CHR HKU\S-1-5-21-160830771-534863156-566146573-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2012-08-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-04-20] (APN LLC.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173240 2014-09-22] (Microsoft Corp.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 hasplms; C:\windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-06-01] (NETGEAR)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S4 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
S4 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [386424 2010-02-24] (SupportSoft, Inc.)
R2 UpdateNaviInstallService; C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe [14336 2009-09-29] (FUJITSU LIMITED) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [1000208 2011-05-02] (Intel® Corporation)
S2 DefaultTabUpdate; "C:\Users\LDJ\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [131112 2010-10-04] (Broadcom Corporation.)
S3 CSRBC; C:\Windows\System32\Drivers\csrbc.sys [55824 2015-08-12] (CSR plc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-23] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [33096 2016-02-02] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-10-23] (Sony Mobile Communications)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2015-07-05] (CACE Technologies, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803264 2011-03-10] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-28 02:36 - 2016-04-28 02:36 - 00032539 _____ C:\Users\LDJ\Desktop\FRST.txt
2016-04-28 02:35 - 2016-04-28 02:36 - 00000000 ____D C:\FRST
2016-04-28 02:24 - 2016-04-28 02:24 - 02376704 _____ (Farbar) C:\Users\LDJ\Desktop\FRST64.exe
2016-04-27 23:44 - 2016-04-27 23:44 - 00000000 ___HD C:\OneDriveTemp
2016-04-18 23:40 - 2016-04-18 23:40 - 00000000 ____D C:\Users\LDJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-12 14:24 - 2016-04-27 23:43 - 00000468 _____ C:\windows\Tasks\SDMsgUpdate (SD).job
2016-04-12 14:24 - 2016-04-13 11:11 - 00000000 ____D C:\Users\LDJ\AppData\Roaming\SmartDraw
2016-04-12 14:24 - 2016-04-12 14:24 - 00003136 _____ C:\windows\System32\Tasks\SDMsgUpdate (SD)
2016-04-12 14:24 - 2016-04-12 14:24 - 00000964 _____ C:\Users\Public\Desktop\SmartDraw VP.lnk
2016-04-12 14:24 - 2016-04-12 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartDraw VP
2016-04-12 14:10 - 2016-04-12 14:24 - 00000000 ____D C:\Program Files (x86)\SmartDraw VP
2016-04-10 22:52 - 2016-04-10 22:52 - 00426569 _____ C:\Users\LDJ\Desktop\Getty Villa General Admission (2).pdf
2016-04-10 22:51 - 2016-04-10 22:52 - 00427125 _____ C:\Users\LDJ\Desktop\Getty Villa General Admission (1).pdf
2016-04-05 23:15 - 2016-04-05 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-28 02:27 - 2015-05-21 13:19 - 00000000 ____D C:\Users\LDJ\AppData\Roaming\Skype
2016-04-28 02:20 - 2009-07-13 21:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-28 02:20 - 2009-07-13 21:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-28 01:54 - 2013-07-15 19:59 - 00000900 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA.job
2016-04-28 01:54 - 2011-10-24 06:43 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-28 01:53 - 2015-06-17 21:43 - 00000910 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA.job
2016-04-27 23:47 - 2009-07-13 22:13 - 00876082 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-27 23:47 - 2009-07-13 20:20 - 00000000 ____D C:\windows\inf
2016-04-27 23:46 - 2012-08-13 19:25 - 00000398 _____ C:\windows\Tasks\FreeFileViewerUpdateChecker.job
2016-04-27 23:46 - 2011-10-25 23:11 - 00000000 ___RD C:\Users\LDJ\Documents\Dropbox
2016-04-27 23:43 - 2011-10-24 06:43 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-27 23:41 - 2011-10-24 06:49 - 00078032 _____ (Absolute Software Corp.) C:\windows\SysWOW64\rpcnet.dll
2016-04-27 23:41 - 2011-05-02 11:14 - 00017920 _____ C:\windows\SysWOW64\rpcnetp.dll
2016-04-27 23:40 - 2011-05-02 11:13 - 00017920 _____ C:\windows\SysWOW64\rpcnetp.exe
2016-04-27 23:40 - 2011-05-02 11:13 - 00017920 _____ C:\windows\system32\rpcnetp.exe
2016-04-27 23:40 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-04-27 10:25 - 2013-07-15 19:59 - 00000848 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core.job
2016-04-26 23:02 - 2015-06-17 21:43 - 00000858 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core.job
2016-04-25 22:46 - 2014-02-19 22:52 - 00002151 _____ C:\Users\LDJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-22 00:57 - 2010-11-20 20:27 - 00453288 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-04-19 02:51 - 2011-11-07 01:02 - 00000000 ____D C:\Users\LDJ\AppData\Local\ElevatedDiagnostics
2016-04-18 23:49 - 2016-03-22 11:40 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-18 23:49 - 2015-01-04 22:22 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-04-18 23:41 - 2011-10-25 22:52 - 00000000 ____D C:\Users\LDJ\AppData\Roaming\Dropbox
2016-04-18 23:39 - 2016-02-19 02:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-18 23:39 - 2015-05-21 13:19 - 00000000 ____D C:\ProgramData\Skype
2016-04-11 13:55 - 2014-02-08 22:20 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 13:55 - 2011-10-24 10:26 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-05 23:15 - 2015-12-22 17:10 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-04-05 23:15 - 2015-12-21 17:56 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

==================== Files in the root of some directories =======

2011-10-24 06:46 - 2011-10-24 06:47 - 0050291 _____ () C:\Users\LDJ\AppData\Local\IWDAudHelper.20111024.064626.txt
2011-10-24 06:46 - 2011-10-24 06:46 - 0000661 _____ () C:\Users\LDJ\AppData\Local\PDLSetup.20111024.064609.txt
2011-10-24 06:46 - 2011-10-24 06:46 - 0001578 _____ () C:\Users\LDJ\AppData\Local\PDLSetup.20111024.064612.txt
2011-10-24 06:46 - 2011-10-24 06:46 - 0001227 _____ () C:\Users\LDJ\AppData\Local\PDLSetup.20111024.064617.txt
2012-09-25 21:03 - 2012-09-25 21:03 - 0001549 _____ () C:\Users\LDJ\AppData\Local\PDLSetup.20120925.210327.txt
2013-06-05 20:23 - 2013-06-05 20:23 - 0001549 _____ () C:\Users\LDJ\AppData\Local\PDLSetup.20130605.202351.txt
2013-07-24 18:33 - 2013-07-24 18:33 - 0000017 _____ () C:\Users\LDJ\AppData\Local\resmon.resmoncfg
2013-02-04 13:32 - 2013-02-04 13:32 - 0000085 _____ () C:\Users\LDJ\AppData\Local\ZDManager.ini

Files to move or delete:
====================
C:\Users\LDJ\Firefox Setup Stub 23.0.1.exe
C:\Users\LDJ\jre-7u25-windows-i586.exe
C:\Users\LDJ\jre-7u25-windows-x64.exe

Some files in TEMP:
====================
C:\Users\LDJ\AppData\Local\Temp\BingSvc.exe
C:\Users\LDJ\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\LDJ\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\LDJ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxpp8oh.dll
C:\Users\LDJ\AppData\Local\Temp\sdcode.dll
C:\Users\LDJ\AppData\Local\Temp\_isA79B.exe
C:\Users\LDJ\AppData\Local\Temp\_isB5C7.exe
C:\Users\LDJ\AppData\Local\Temp\_isF17F.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-04-27 03:10

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
Ran by LDJ (2016-04-28 02:37:06)
Running from C:\Users\LDJ\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-24 13:35:56)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-160830771-534863156-566146573-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-160830771-534863156-566146573-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-160830771-534863156-566146573-1002 - Limited - Enabled)
LDJ (S-1-5-21-160830771-534863156-566146573-1000 - Administrator - Enabled) => C:\Users\LDJ

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Algebrator 5.1 rc1 (HKLM-x32\...\Algebrator_is1) (Version:  - Softmath Inc)
Anytime USB Charge Utility (HKLM-x32\...\{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}) (Version: 1.00.00.001 - FUJITSU LIMITED)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C2802}) (Version: 12.40.2.468 - APN, LLC) <==== ATTENTION
BearShare (HKU\S-1-5-21-160830771-534863156-566146573-1000\...\BearShare) (Version: 11.0.0.133282 - Musiclab, LLC)
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.98.0 - Microsoft Corporation)
Bootstrapper (x32 Version: 1.1.0.0 - Minitab, Inc.) Hidden
Brother MFL-Pro Suite MFC-7460DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink MakeDisc (HKLM-x32\...\InstallShield_{b145ec69-66f5-11d8-9d75-000129760d75}) (Version: 4.0.3016 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3622 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3609.02 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3904 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defaulttab (HKLM-x32\...\DefaultTab) (Version: 2.6.1.0 - Search Results, LLC) <==== ATTENTION
Dropbox (HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Evernote v. 4.6.3 (HKLM-x32\...\{4C8BBCC8-8363-11E2-A3F4-984BE15F174E}) (Version: 4.6.3.8096 - Evernote Corp.)
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version:  - Trusted Software) <==== ATTENTION
FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52020.0 - Sonix)
Free File Viewer 2012 (HKLM-x32\...\FreeFileViewer_is1) (Version:  - Bitberry Software) <==== ATTENTION
Fujitsu Display Manager (HKLM-x32\...\InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}) (Version:  - )
Fujitsu Display Manager (Version: 7.01.20.212 - FUJITSU LIMITED) Hidden
Fujitsu Driver Update (HKLM\...\{47BC37A3-35C8-484A-8CBD-851914EB095E}) (Version: 1.3.0012 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.001 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.001 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.3.0.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.3.0.0 - FUJITSU LIMITED) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
GDR 5538 for SQL Server 2008 (KB3045305) (64-bit) (HKLM\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk (remove only) (HKU\S-1-5-21-160830771-534863156-566146573-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 2.0.7.018 - HTC Corporation)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel® WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LifeBook Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.2.1.0 - FUJITSU LIMITED)
LifeBook Application Panel (Version: 8.2.1.0 - FUJITSU LIMITED) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-160830771-534863156-566146573-1000\...\OneDriveSetup.exe) (Version: 17.3.6386.0412 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B0-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{F43ADE73-2880-4A95-B995-4FE386ECF667}) (Version: 10.3.5538.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visio Viewer 2013 (HKLM\...\{95150000-0052-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minitab 16 (HKLM-x32\...\Minitab16) (Version: 16.1.1 - Minitab, Inc.)
Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.1.0.0 - Minitab, Inc.)
Minitab16 (x32 Version: 16.1.1.0 - Minitab Inc) Hidden
Minitab16 (x32 Version: 16.1.1.0 - Minitab, Inc.) Hidden
Minitab16 (x32 Version: 16.1.1.1 - Minitab Inc) Hidden
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.12.00 - NETGEAR Inc.)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
OI App Manager (HKLM-x32\...\OI App Manager) (Version:  - Optimum Installer)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PHOTOfunSTUDIO 9.2 AE (HKLM-x32\...\{84F0A157-75D1-45C7-A209-EDFAB5C85F24}) (Version: 9.02.508 - Panasonic Corporation)
Plantronics MyHeadset Updater (x64) (HKLM\...\{D85873EE-09C9-4E3D-BC2E-F8DCE2F79ADD}) (Version: 2.8.26503.0 - Plantronics, Inc.)
Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.024 - FUJITSU LIMITED)
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6240 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Roxio Creator LJ (HKLM-x32\...\{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}) (Version: 12.1.4.8 - Roxio)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Self-service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 3.1 SE (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SmartDraw VP (HKLM-x32\...\SmartDraw VP) (Version:  - SmartDraw.com)
SoftwareManager (x32 Version: 1.1.0.0 - Minitab, Inc.) Hidden
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.14.201510090937 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Sptnavi (HKLM-x32\...\Sptnavi) (Version:  - )
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.11656 - TeamViewer GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
TestGen (HKLM-x32\...\TestGen) (Version:  - )
TWC Customer Controls (HKLM-x32\...\{A2E5F2AA-2996-41EA-BCCD-9FD0476A5326}) (Version: 11 - SupportSoft)
VXi Updater (HKLM-x32\...\{e727c807-6f7b-4d9d-93e1-55c16829be6a}) (Version: 100.4.3 - VXi Corporation)
VXi Updater V.100.4.3 (x32 Version: 100.4.3 - VXi Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6900 - Broadcom Corporation)
Windows Driver Package - Cambridge Silicon Radio (CSRBC) USB  (10/26/2012 2.4.0.0) (HKLM\...\20C7EDA3129B3FF8F72F9BF59252B718B554FBDC) (Version: 10/26/2012 2.4.0.0 - Cambridge Silicon Radio)
Windows Driver Package - VXi Corporation (CSRBC) USB  (06/09/2015 2.4.0.0) (HKLM\...\ECBD8E037F24726F218E0AE517162BE7EB01D564) (Version: 06/09/2015 2.4.0.0 - VXi Corporation)
Windows Driver Package - VXi Corporation (CSRBC) USB  (11/25/2014 2.4.0.0) (HKLM\...\5E5FA440154B5CF3441A53F0BB32412CD94DF44F) (Version: 11/25/2014 2.4.0.0 - VXi Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\LDJ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\LDJ\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {067C3E84-4196-4FA1-BCC4-AC0B4B279A4E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core => C:\Users\LDJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {09794DC7-79F5-4168-8577-719E142C3EB2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA => C:\Users\LDJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {0E61A1B4-1ACF-411C-9A3A-CBFBE53716F9} - System32\Tasks\{83BFB6DB-F151-415E-A344-48B7F0C27D30} => pcalua.exe -a C:\Users\LDJ\Downloads\MFInstall.exe -d C:\Users\LDJ\Desktop
Task: {17595F89-F303-43A2-8BBE-8DD38722A38D} - System32\Tasks\{1833EBF0-ACF3-40C4-97E8-1DAC0F0254C1} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIN7867Q\AUDIO_REALTEKHD_V6.0.1.6240_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {1BD108E1-04FB-4320-8CB9-9F5C2BA602B5} - System32\Tasks\{E34C55FC-3EB3-4810-B597-C0481651B5DF} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EGZB24KP\SUPPORT_CENTER_FUJITSU_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {31856C99-02CA-4498-8BA1-2EE3C3DEFCC7} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2010-11-05] (Minitab)
Task: {52F25750-C3B1-4FD6-94E8-7F9F2EC3E9DD} - System32\Tasks\DefaultCheck => c:\Users\All Users\dtdata\R002.exe [2014-11-09] () <==== ATTENTION
Task: {5EF31D04-3334-4616-92F5-818E7AA25D04} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {63C049DA-A454-4DBE-AC0C-826CBC9EF629} - System32\Tasks\{618FDF07-C6ED-4EBA-8717-AB2D6A3BFE71} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HOWAACVA\CHIPSET_V9.2.0.1021_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {6FDA80D3-39EA-465E-A7F7-BC1D3C7D19D5} - System32\Tasks\{774F3FEA-37FA-4211-99BE-3E2BCE2A9C66} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HOWAACVA\POINTING_SYNAPTICS_V14.0.16.0_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {713C4FC4-E045-4E57-AC4D-AEE79D9CD1C7} - System32\Tasks\{DEA004CA-B600-4AE6-A69C-FDA4A911BD26} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIN7867Q\AUDIO_REALTEKHD_V6.0.1.6240_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {718276EA-4218-4DA9-AA41-54A5807305C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA => C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {771D38AE-D3FC-48E5-8226-B5BFDD2DA693} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7FB6ABC3-01CD-411E-87A7-AEADBFA25481} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {8F490CE8-9BA6-4E76-8CF9-1D49BB1DC3B1} - System32\Tasks\{24F0BA00-4002-42DC-96F8-B6943325B659} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1H1H39S\USB_CHARGE_UTILITY_V1.00.00.001_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {A5CD401B-C57B-40B9-A5B9-909FB2944E12} - System32\Tasks\Default2Check => c:\Users\All Users\dtdata\R003.exe [2014-11-20] () <==== ATTENTION
Task: {A6E34311-E06A-43D3-B056-0320DF1BE8E0} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2012-08-10] (Trusted Software ApS) <==== ATTENTION
Task: {A71447B1-AF13-46C6-9E47-A0E0B8F199E6} - System32\Tasks\SDMsgUpdate (SD) => C:\Program Files (x86)\SmartDraw VP\Messages\SDNotify.exe [2010-04-06] ()
Task: {AD6C6976-260C-447D-85A1-58B60DD6E0E2} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2011-03-11] (Bitberry Software) <==== ATTENTION
Task: {B0CADFB6-ED9F-4C15-969B-8CE733C38446} - System32\Tasks\{A4D69CF9-0358-4FB2-A184-CE2FD6E37805} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EGZB24KP\DISPLAY-MANAGER_FUJITSU_V7.01.20.212_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {B0F18517-9A19-4113-B5AC-FD6499CD1E87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {B6497724-C55B-46DB-8DD2-18C56797FF5D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {BD53F56F-1A86-48F6-AABD-EB562FDAF14F} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {C1F87313-9FC3-456C-80AF-CB018D5BD8C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C5AAF649-D732-4D7B-9358-7444DB237538} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core => C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {CDE86AB0-5032-4D38-814E-895F99086514} - System32\Tasks\DefaultReg => c:\Users\All Users\dtdata\R001.exe [2014-11-09] () <==== ATTENTION
Task: {CED288DF-EC22-4E33-A1B8-19C42016C640} - System32\Tasks\{2FD61854-25E0-413F-80F7-5A7F32BFBB15} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1H1H39S\SYS-EXTENSION-DRVR_V1.20_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {E6C77847-8F6F-4120-B883-27E63345D134} - System32\Tasks\{0DDB9703-1840-4E44-BAD5-6A3A30897057} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EGZB24KP\HOTKEY-DRVR_V1.23_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {EF0309D9-C588-41E0-B5C0-EF9E80D734B1} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F98C783E-A9A4-4A55-9939-05CE3A4F521F} - System32\Tasks\{2B6E675C-592A-4876-8154-0EEF7B4C4D95} => pcalua.exe -a "C:\Users\LDJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EGZB24KP\MEI_INTEL_V7.0.0.1144(V7.0L02)_WIN7-64_CA41534-9367.EXE" -d C:\Users\LDJ\Desktop
Task: {FB43159A-1D9A-461E-B811-4A777F57B8B2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core.job => C:\Users\LDJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA.job => C:\Users\LDJ\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000Core.job => C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-160830771-534863156-566146573-1000UA.job => C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SDMsgUpdate (SD).job => C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe\-PSD -V19010001 -SSDU.ini -A -Mhxxp:/www.smartdraw.com/msgs/messagecheck.asp

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-03-25 13:45 - 2005-04-21 21:36 - 00143360 ____R () C:\windows\system32\BrSNMP64.dll
2016-04-25 22:46 - 2016-04-25 22:46 - 00959176 _____ () C:\Users\LDJ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2011-02-15 04:26 - 2011-01-19 18:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2015-04-15 18:19 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2016-04-25 22:46 - 2016-04-25 22:46 - 00679624 _____ () C:\Users\LDJ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2015-04-15 18:19 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2015-04-15 18:19 - 2015-10-20 18:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-11-06 12:46 - 2015-11-06 12:46 - 02385280 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-04-15 18:19 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-09-07 16:59 - 2015-09-07 16:59 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-11-13 12:52 - 2015-11-13 12:52 - 00824192 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2016-04-18 23:39 - 2016-03-21 14:50 - 00034768 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-04-18 23:40 - 2016-03-21 14:51 - 00019408 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-04-18 23:40 - 2016-03-21 14:50 - 00116688 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-04-18 23:39 - 2016-03-21 14:50 - 00093640 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-04-18 23:39 - 2016-03-21 14:50 - 00018376 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\select.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00019760 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00105928 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-04-18 23:40 - 2016-03-21 14:50 - 00392144 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-04-18 23:39 - 2016-04-08 11:20 - 00381752 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-04-18 23:39 - 2016-03-21 14:50 - 00692688 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00020816 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-04-18 23:39 - 2016-03-21 14:51 - 00112592 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 01682760 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00020808 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00021840 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00038696 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-04-18 23:40 - 2016-03-21 14:52 - 00020936 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00024528 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00114640 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00124880 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00021832 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00024016 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00175560 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00030160 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00043472 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00028616 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00048592 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00026456 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00057808 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00024016 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00117056 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00023376 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-18 23:39 - 2016-03-21 14:50 - 00134608 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-04-18 23:40 - 2016-03-21 14:50 - 00134088 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-04-18 23:40 - 2016-03-21 14:51 - 00240584 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00024392 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-04-18 23:40 - 2016-03-21 14:52 - 00036296 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\librsync.dll
2016-04-18 23:40 - 2016-04-08 11:19 - 00052024 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00020800 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00021824 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00019776 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00020800 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00020280 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-04-18 23:39 - 2016-03-21 14:52 - 00350152 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-04-18 23:39 - 2016-04-08 11:20 - 00022352 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-04-18 23:40 - 2016-04-08 11:19 - 00084280 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-04-18 23:40 - 2016-04-08 11:20 - 01826096 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-04-18 23:39 - 2016-03-21 14:51 - 00083912 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\sip.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 03928880 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 01971504 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00531248 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00132912 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00223544 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00207672 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00158008 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00042808 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-04-18 23:40 - 2016-03-21 14:54 - 00017864 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-04-18 23:40 - 2016-03-21 14:54 - 01631184 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-04-18 23:39 - 2016-04-08 11:20 - 00024904 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00546096 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-18 23:40 - 2016-04-08 11:20 - 00357680 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-04-18 23:39 - 2016-03-21 14:56 - 00697304 _____ () C:\Users\LDJ\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2012-03-25 13:44 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-04-11 13:55 - 2016-04-06 03:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 13:55 - 2016-04-06 03:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-160830771-534863156-566146573-1000\...\adobe.com -> hxxps://get3.adobe.com
IE trusted site: HKU\S-1-5-21-160830771-534863156-566146573-1000\...\esisso.com -> hxxps://esisso.com
IE trusted site: HKU\S-1-5-21-160830771-534863156-566146573-1000\...\google.com -> hxxps://local.google.com
IE trusted site: HKU\S-1-5-21-160830771-534863156-566146573-1000\...\outlook.com -> hxxps://outlook.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2016-04-05 23:15 - 00000859 ____A C:\windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-160830771-534863156-566146573-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LDJ\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: PDFProFiltSrvPP => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: rpcnet => 2
MSCONFIG\Services: SupportSoft RemoteAssist => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 9.2 AE.lnk => C:\windows\pss\PHOTOfunSTUDIO 9.2 AE.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^LDJ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk => C:\windows\pss\OpenOffice.org 3.4.lnk.Startup
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: Google Update => "C:\Users\LDJ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: googletalk => C:\Users\LDJ\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: Plantronics MyHeadset Updater => C:\Program Files\Plantronics\MyHeadsetUpdater\MyHeadsetUpdater.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: snp2uvc => C:\windows\vsnp2uvc.exe
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E10B1254-0D99-4F3F-A840-875615B66CDC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{FA9CB235-8BBA-4A92-9CC9-EC0C56F93D7F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{B1DC513A-A60A-47DE-BE3C-C28E94AC2A23}] => (Allow) C:\Program Files (x86)\CyberLink\MakeDisc\MakeDisc.exe
FirewallRules: [{0FA50BFA-C288-4F91-9404-BA4B5DE9E27B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7E2B393A-B11C-4260-A1F3-0A9A00CA3221}] => (Allow) LPort=2869
FirewallRules: [{02E43371-0F65-45C5-A73E-10820DBE7F9B}] => (Allow) LPort=1900
FirewallRules: [{9CFCA632-9622-4BB7-9121-B491AA3FAA60}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8353DDA0-7EB5-47C1-AD6E-E89FAF3CA16B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{AD9E6B59-2F82-4CFE-B062-DF3FA7DD129B}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{286CC6C3-9413-4D02-BCF2-6643185456F4}] => (Allow) C:\Users\LDJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{94EC9BC1-E32E-4958-9ED4-EBC89986EF13}] => (Allow) C:\Users\LDJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{AD1483CA-D804-4AB3-B533-94025428E8D4}C:\users\ldj\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\ldj\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{34A33500-F26F-469D-9C81-64ACA853A0A3}C:\users\ldj\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\ldj\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{AC9EC41F-98BD-43E4-BFBD-D9C4353CDDD6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{85B0A5DF-18AE-4322-86AA-C716AD924F0E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{E1D6E41D-E9F0-40E9-9C2E-3CED4F9E319B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{2837BF06-494F-42F4-9CA4-B1C4BAE883B6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{29A2334F-4FDC-435A-8DFB-A4D8893DF5BF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe
FirewallRules: [{2FAFA4BA-BC33-416D-9422-F7057F667E33}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe
FirewallRules: [{E26B4F28-5532-49E7-BE4A-9ACB33676A68}] => (Allow) LPort=54925
FirewallRules: [{1C255A82-76D1-41BA-A8FC-26A3A3B3F5B6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{A028A490-D1AB-4504-AF6A-D11575B86DC5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
FirewallRules: [{D514F0FA-FB3A-41B2-9023-B3D925222DE7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{6BFE2177-9344-44C3-B945-DA715E6FFE54}] => (Allow) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
FirewallRules: [{DC4BD4A5-12C6-4C93-8649-F331BD9D6D71}] => (Allow) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
FirewallRules: [{21E6A1D7-47DF-4276-8DAF-BE5B60103664}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{E92709E5-46FB-4F53-ABF1-DF4C690BD7CE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{54BB3CD4-F8D4-4F66-ADA7-A97FB9D4913A}] => (Allow) C:\Users\LDJ\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{02265E21-5A0E-4141-AE3C-85A3FBBC9AD7}] => (Allow) C:\Windows\System32\hasplms.exe
FirewallRules: [{1192AAAF-042B-4527-8D1C-D67684ECBFA1}] => (Allow) C:\Windows\System32\hasplms.exe
FirewallRules: [{EEA669F4-2777-483C-A7EC-FDA9BAFFF1E9}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{97339750-1AA3-42AD-B256-E005D51B9D6C}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [{9270BA17-D6B5-44C0-863A-E610C566B543}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [TCP Query User{E2320660-9A03-4746-AFEB-19A5F7B02EF4}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe
FirewallRules: [UDP Query User{D4B1D86B-4E25-4C28-85E0-A2B9B2940D7F}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe
FirewallRules: [{6387D680-DDE8-4C9B-B36D-5C571EA68ECF}] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [{95005D95-8F03-4026-B3FC-1176CFAD793F}] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [{FA2BC5C8-EE8D-4C66-9F4B-7D8711BC182C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{5362B561-303B-4630-BBF1-AA012E79458C}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{5A4E9289-5C80-40D2-93D1-DEA32229F9F3}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{9D57CF79-9691-4667-B9CE-F0B4ECA09F18}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{38C500EE-0839-4B8E-84DA-76E141C9D8F6}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{25510C48-0873-48FD-A603-A903B8C6DFBF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{469AA568-C8D7-48D0-8464-8015206300C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{62BA76D7-29BC-4916-B6FE-CA7DE3051AC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F420AAB4-B42A-44DA-A1B3-6EB8A1B8570E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{84103E2F-6250-480D-99F1-1D426B61F2E9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

27-04-2016 03:17:26 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/28/2016 12:21:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x61c
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/27/2016 11:41:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2016 10:24:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program soffice.bin version 4.0.9774.500 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 21f8

Start Time: 01d19f7fdc335f3a

Termination Time: 172

Application Path: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

Report Id: dd9c3735-0c9c-11e6-aa0c-ec55f9d021d2

Error: (04/27/2016 09:23:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x960
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/27/2016 12:21:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x1a58
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/26/2016 10:57:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x121c
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/26/2016 08:13:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x76c
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/26/2016 12:21:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x202c
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/25/2016 10:47:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x1c98
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

Error: (04/19/2016 08:56:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: R003.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3
Exception code: 0x0eedfade
Fault offset: 0x0000c52f
Faulting process id: 0x1300
Faulting application start time: 0xR003.exe0
Faulting application path: R003.exe1
Faulting module path: R003.exe2
Report Id: R003.exe3

System errors:
=============
Error: (04/27/2016 11:44:31 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (04/27/2016 11:44:31 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2811996591/

Error: (04/27/2016 11:44:31 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (04/27/2016 11:44:31 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2811996591/

Error: (04/27/2016 11:41:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DefaultTabUpdate service failed to start due to the following error:
%%2

Error: (04/26/2016 01:49:20 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/18/2016 11:37:29 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/18/2016 11:37:01 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (04/18/2016 11:37:01 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2811996591/

Error: (04/18/2016 11:37:01 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

==================== Memory info ===========================

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 50%
Total physical RAM: 8104.67 MB
Available physical RAM: 3976.58 MB
Total Virtual: 9126.88 MB
Available Virtual: 4442.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:224.78 GB) (Free:3.79 GB) NTFS
Drive d: () (Fixed) (Total:224.78 GB) (Free:224.64 GB) NTFS
Drive e: (SmartDrawVP) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 68A8AA84)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=224.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=224.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Edited by bobanderson, 28 April 2016 - 03:59 PM.

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you let me know of any problems after this

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1612872 2016-04-20] (APN)
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\MountPoints2: {141a8d95-c483-11e4-ab75-ec55f9d021d2} - F:\Startme.exe
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\MountPoints2: {63ca00e2-fe3a-11e0-973b-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-21-160830771-534863156-566146573-1000\...\MountPoints2: {eee8bd15-a2fa-11e3-839b-ec55f9d021d2} - F:\Startme.exe
BHO: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll [2016-04-20] (APN LLC.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll [2016-04-20] (APN LLC.)
BHO-x32: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> C:\windows\SysWow64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll [2014-11-09] (Search Results LLC.)
BHO-x32: Staging -> {C35B7206-62EB-F808-5475-18A6FDE7DD94} -> c:\Users\All Users\dl159\159.dll [2014-11-20] ()
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-07-31] (Yontoo LLC)
Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll [2016-04-20] (APN LLC.)
Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll [2016-04-20] (APN LLC.)
FF SearchPlugin: C:\Users\LDJ\AppData\Roaming\Mozilla\Firefox\Profiles\jl95rrpx.default\searchplugins\search-here.xml [2016-03-06]
FF Extension: Default Tab - C:\Users\LDJ\AppData\Roaming\Mozilla\Firefox\Profiles\jl95rrpx.default\Extensions\[email protected] [2014-07-13] [not signed]
FF HKU\S-1-5-21-160830771-534863156-566146573-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Unfriend Checker\FF => not found
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-04-20] (APN LLC.)
S2 DefaultTabUpdate; "C:\Users\LDJ\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-05]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
2016-04-12 14:24 - 2016-04-27 23:43 - 00000468 _____ C:\windows\Tasks\SDMsgUpdate (SD).job
2016-04-05 23:15 - 2016-04-05 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-04-27 23:46 - 2012-08-13 19:25 - 00000398 _____ C:\windows\Tasks\FreeFileViewerUpdateChecker.job
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-160830771-534863156-566146573-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\LDJ\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
Task: {52F25750-C3B1-4FD6-94E8-7F9F2EC3E9DD} - System32\Tasks\DefaultCheck => c:\Users\All Users\dtdata\R002.exe [2014-11-09] () <==== ATTENTION
Task: {A5CD401B-C57B-40B9-A5B9-909FB2944E12} - System32\Tasks\Default2Check => c:\Users\All Users\dtdata\R003.exe [2014-11-20] () <==== ATTENTION
Task: {A6E34311-E06A-43D3-B056-0320DF1BE8E0} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2012-08-10] (Trusted Software ApS) <==== ATTENTION
Task: {AD6C6976-260C-447D-85A1-58B60DD6E0E2} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2011-03-11] (Bitberry Software) <==== ATTENTION
Task: {CDE86AB0-5032-4D38-814E-895F99086514} - System32\Tasks\DefaultReg => c:\Users\All Users\dtdata\R001.exe [2014-11-09] () <==== ATTENTION
Task: C:\windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
C:\Program Files (x86)\AskPartnerNetwork
C:\windows\SysWow64\config\systemprofile\AppData\Roaming\defaulttab
c:\Users\All Users\dl159
C:\Program Files (x86)\Yontoo
C:\Users\LDJ\AppData\Roaming\DefaultTab
c:\Users\All Users\dtdata
C:\Program Files (x86)\File Type Assistant
C:\Program Files (x86)\FreeFileViewer
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP