Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Anti virus / malware programs won't run updates

Started by puthu , May 27 2016 08:16 AM

Please log in to reply

#1
puthu

Posted 27 May 2016 - 08:16 AM

Member

Member
153 posts

Hi, trying to update the Anti virus and malware programs but it won't let me complete the download. It gives a message that "it did not update". I don't have an Anti virus software other than the Microsoft security essentials.
Please advise, thanks

#2
RKinner

Posted 27 May 2016 - 09:02 AM

Malware Expert

Expert
24,624 posts

Are you out of space on the hard drive?

If not then:

Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.

Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site

Pause your anti-virus. Close all browsers.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.

Press Scan button.

It will produce a log called FRST.txt in the same directory the tool is run from.

Please copy and paste log back here.

The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

#3
puthu

Posted 27 May 2016 - 01:54 PM

Member

Topic Starter
Member
153 posts

My hard drive is not full.

the log files as requested ;

# AdwCleaner v5.118 - Logfile created 27/05/2016 at 16:27:07
# Updated 23/05/2016 by Xplode
# Database : 2016-05-26.2 [Server]
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (X86)
# Username : Allen - ALLEN-PC
# Running from : C:\Users\Allen\Desktop\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

[-] File Deleted : C:\Program Files\Yahoo!\Common\unyt.exe

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YCAPlugin.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YPUBC.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\yt.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTabBar.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTBM.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YTMsgr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin.6
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.DataStore
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.DataStore.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.StringList
[-] Key Deleted : HKLM\SOFTWARE\Classes\YPUBC.StringList.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YTHelper
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YTHelper.2
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YToolbarBand
[-] Key Deleted : HKLM\SOFTWARE\Classes\yt.YToolbarBand.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTBM.YTBMButton
[-] Key Deleted : HKLM\SOFTWARE\Classes\YTBM.YTBMButton.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40A62D1-8FC0-4F03-90C4-0DE03BE73A41}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SafeWeb
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-534116950-1332898044-2559044525-1003\Software\facemoods.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-534116950-1332898044-2559044525-1003\Software\Yahoo\Companion

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [7506 bytes] - [27/05/2016 16:27:07]
C:\AdwCleaner\AdwCleaner[S1].txt - [7196 bytes] - [27/05/2016 16:25:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7652 bytes] ##########

# AdwCleaner v5.118 - Logfile created 27/05/2016 at 16:25:28
# Updated 23/05/2016 by Xplode
# Database : 2016-05-26.2 [Server]
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (X86)
# Username : Allen - ALLEN-PC
# Running from : C:\Users\Allen\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

File Found : C:\Program Files\Yahoo!\Common\unyt.exe

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\YCAPlugin.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YPUBC.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\yt.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YTabBar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YTBM.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YTMsgr.DLL
Key Found : HKLM\SOFTWARE\Classes\protector_dll.Protector
Key Found : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
Key Found : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
Key Found : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
Key Found : HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin
Key Found : HKLM\SOFTWARE\Classes\Yahoo.AntiSpyPlugin.6
Key Found : HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin
Key Found : HKLM\SOFTWARE\Classes\Yahoo.PopupBlockerPlugin.4
Key Found : HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin
Key Found : HKLM\SOFTWARE\Classes\YCAPlugin.CAYASPlugin.1
Key Found : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin
Key Found : HKLM\SOFTWARE\Classes\YMERemote.YMECompPlugin.1
Key Found : HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl
Key Found : HKLM\SOFTWARE\Classes\YPUBC.BlockerCtrl.1
Key Found : HKLM\SOFTWARE\Classes\YPUBC.DataStore
Key Found : HKLM\SOFTWARE\Classes\YPUBC.DataStore.1
Key Found : HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler
Key Found : HKLM\SOFTWARE\Classes\YPUBC.PUBHTMLEventHandler.1
Key Found : HKLM\SOFTWARE\Classes\YPUBC.StringList
Key Found : HKLM\SOFTWARE\Classes\YPUBC.StringList.1
Key Found : HKLM\SOFTWARE\Classes\yt.YTHelper
Key Found : HKLM\SOFTWARE\Classes\yt.YTHelper.2
Key Found : HKLM\SOFTWARE\Classes\yt.YToolbarBand
Key Found : HKLM\SOFTWARE\Classes\yt.YToolbarBand.1
Key Found : HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl
Key Found : HKLM\SOFTWARE\Classes\YTabBar.YTabBarControl.1
Key Found : HKLM\SOFTWARE\Classes\YTBM.YTBMButton
Key Found : HKLM\SOFTWARE\Classes\YTBM.YTBMButton.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345}
Key Found : HKLM\SOFTWARE\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40A62D1-8FC0-4F03-90C4-0DE03BE73A41}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
Key Found : HKLM\SOFTWARE\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980}
Key Found : HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
Key Found : HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
Key Found : HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07}
Key Found : HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
Key Found : HKLM\SOFTWARE\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982}
Key Found : HKLM\SOFTWARE\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SafeWeb
Key Found : HKU\S-1-5-21-534116950-1332898044-2559044525-1003\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SafeWeb
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-534116950-1332898044-2559044525-1003\Software\facemoods.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-534116950-1332898044-2559044525-1003\Software\Yahoo\Companion

***** [ Web browsers ] *****

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [7044 bytes] - [27/05/2016 16:25:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7117 bytes] ##########

junkware removal tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows Vista ™ Home Premium x86
Ran by Allen (Administrator) on 27/05/2016 at 16:34:23.72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 117

Successfully deleted: C:\Users\Allen\AppData\Local\{0111A6E7-9609-4816-A943-04D3A265A795} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{038651C7-0771-47B7-90B5-1B9474B0EC27} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{049A5522-D38C-4BE1-B4DE-86B5310A75AC} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{07CAEF87-0D4F-4EA9-A91A-1054C504D0CB} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{093281CC-ED99-4818-943F-A6440E6464AF} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{0B603D39-AEBA-4B0D-8B80-7090C021BE9F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{0E41A9FF-6C6E-443D-AC7A-95350ACBC69E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{0FCD1D09-E63F-4E08-BEAB-267449D9E2B2} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{1035B2DC-F98C-4624-8BD1-1568FB6413C2} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{143DDFD7-4A00-460A-9CEB-F13C83A59753} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{15CC08B3-80C1-4859-9DDF-6E8C72E2FDE0} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{1A02A01E-36FC-49C1-B29D-BDE3DB6D8A12} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{228E4EBA-EEC2-49C1-AD51-F705919F478E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{2471A811-14F6-4C97-9B67-214D65C59DFB} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{27C6B51F-E5D6-495D-9E8F-842FCBB839D8} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{327518F1-C36A-4B66-B674-89704B633ACE} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{346E73B1-21AF-476F-A69F-7055CE65C0E0} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{34B85E4C-682D-4F8D-8362-4993CCC03EB7} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{36656D19-C2CE-4483-8E76-A297C6CA726E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{392347A6-8188-4A72-A8E6-530AC1E3C925} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{3AAC8670-732E-4B62-AF88-EE18AB98A1F2} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{3B6C935D-0B07-4DE1-AFE1-82890DD9B15E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{3EC99054-CA92-440E-9B04-CCBAD48D9561} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{40779051-0AF6-4179-9C5E-336A408F152D} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{41983BC5-8BDB-4F91-BB65-732F7E22446F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{424A1A79-063E-4F1D-845E-0240C8B18C6F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{42DACE55-C6D1-4F56-8E1D-8CDE85533C86} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{44072D8F-9737-47D8-9F10-DA7CA3CA6BFF} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{47D5302E-724C-46B2-814D-F2C1268E78FB} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{492F4A77-884D-404C-A0A2-7EBFD12ECEA6} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{4C3067B3-7925-4E23-BCA5-8179D3B4B328} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{4D00F337-74F6-4679-B459-A8AF8FC1B882} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{512EF8C7-365C-44A3-859D-1201D2E56E8F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{58C31A23-A6ED-4CB0-BCEB-4978DDF330B9} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{5E2B3FCA-744D-4DFE-BC6A-CDBB2D542601} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{5E616F8C-CC23-42CC-BC88-17812315F223} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{644EF245-27D8-4872-9010-81C863F9382A} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{6454640B-3D3B-4A67-81F2-7F54F08E4B6B} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{64D04BAC-70A6-4D9C-95A6-21D87A0EFDC0} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{673D581B-B422-40A0-8882-22A12A52285E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{6809E448-B2EC-42AA-97AE-8E8D62A359C2} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{69993545-EA1F-4E75-B20C-F9D0061A1B40} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{6B6B94A9-9758-4BF1-B727-C2FBA29AE36E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{6EA5718E-BC28-4C84-9B7C-8C27B92DAB3F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{73A03463-7E14-4190-811F-BF6E90278926} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{79AF249C-EB48-43C0-94BF-DA163845FCEB} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{7DB20BEB-A061-4E76-991F-F07DC33C9080} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{7F802F5C-3B52-4F0A-B74F-EFA498475BF9} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{85DBE7A6-BE8F-467D-803E-92A36AAF21DE} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{87CA310C-A439-4338-B058-A919C3FE1A7D} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{888EFB17-0D6A-43AE-8A9C-07487FDAB87C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{8A6A67C9-0884-4ED9-9E78-62DD6685B6F9} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{8DD9ADC3-F435-459D-88C5-CB81FA9492CC} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{92A3BBB6-2DAF-406A-BC66-2A0A66949C0C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{930820A6-07EF-469D-991A-AA106EE839A1} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{95B5D3C0-9568-430F-BBB2-F0DAF979D80C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{961F620B-4BB0-4601-8E57-F489F89DE82F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{98436F52-5411-441B-B79F-CBD22D2C0914} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{9A7D33D2-FDD4-4EDF-9C60-3C446C8EA7E9} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{9D7A951F-3EEF-44CC-BBB7-184405A7251E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{9DE13860-30FA-4F5A-B8BA-AA77F0D11E8F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{9EC38C09-5FA9-4CBE-92A3-989442C2CF7A} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{9FD1E98E-7E73-49F8-957C-E70993943FBB} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A0A1B4A1-AC0D-4853-8F6B-29BEAD93693E} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A1BF9DD4-A73D-4170-BE0D-B8BD5A092C82} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A1CE19F8-0261-4799-A4D9-961BD6C09341} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A277EBDC-B20E-479C-9139-2C03FE28A92C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{A623376E-EDBD-4996-84DC-F62589E41A3B} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{AA19E789-8DFC-41DB-B0E7-4D39062EE4A1} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{AA27FA99-9770-45EA-A9B7-0E4427857904} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{AB38D6AE-1D4D-402F-B518-0BBA4D880AF9} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{ADB7D47C-565A-4A35-8A1E-58809481AA30} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{B3953EF8-BA52-4127-8EDB-52EAD565597F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{B3E209BE-4C11-427B-AB69-412177B1FF5F} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{B469007A-5F31-4F5A-9DD2-B387EE486DAA} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{BBC66360-56AC-465D-B21B-D75505F6C6AE} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{BDA6DA02-E9DD-4927-998D-595CB5E9A8CF} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{BDDD9CAB-9027-441A-A211-0DD518185B9A} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{BE5BD9BD-84F0-49B4-BC0F-B24538A356FC} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{BE625271-6E90-48B7-AAE8-8B2E54D3ED24} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{C0BDA725-B57A-4060-BA09-4817DBF6D9EC} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{C9B8762A-9EDF-4558-96B2-229C180DD414} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{C9C1CE08-3DFF-46A2-B7F3-96601178B567} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{D0761173-6E9D-4445-9908-C02EFAE8F1EF} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{D0F5E2EA-E95A-40F6-A28E-E460188FA8F3} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{D9BEB676-6F6C-42ED-A3AF-7C5523D92216} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{DA93AE33-5995-41D8-B2A9-871E88C25F64} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{DBF9CB18-733C-46A8-AC5C-6D918D38B485} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{DD5DFEBF-338B-49D5-A9C7-8822C1A04399} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{E0949254-BCCE-4518-B37A-7E4074121A37} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{E44FA997-9274-471E-A31C-B5B263B3F982} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{E8CAF4B4-DF7D-4DB1-9920-BF58CCE83541} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{E9AE8165-17A7-4B25-80DA-020C9525E3F8} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{EB827709-0C18-48C7-9DB0-2A61099C4DAE} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{EB860AED-C442-4029-9489-8F8C5934828C} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{ED605250-850A-4AFC-AB6A-2685FDE11CA4} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{EEF2C33C-419A-4927-A0E9-349F56058477} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{F0DCAC80-0DB6-4F85-891E-E9217365D8A8} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{F5ADDAD6-279F-4F46-A8DF-6F435B0589AF} (Empty Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\{FB73DC38-77B3-42DB-A191-A3D61E8FFED2} (Empty Folder)
Successfully deleted: C:\Windows\couponprinter.ocx (File)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12XM69D6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2NJ0QCX3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTI8O8CO (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ENE9MSME (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7WD456B (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NUD7ZB00 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UX9CD5Y2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYH5K0XQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12XM69D6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2NJ0QCX3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTI8O8CO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ENE9MSME (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7WD456B (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NUD7ZB00 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UX9CD5Y2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYH5K0XQ (Temporary Internet Files Folder)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/05/2016 at 16:38:23.87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Farbar tool log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2016 02
Ran by Allen (administrator) on ALLEN-PC (27-05-2016 16:42:50)
Running from C:\Users\Allen\Desktop
Loaded Profiles: Allen (Available Profiles: Allen)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNet Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Acer\Mobility Center\MobilityService.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(acer) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acer Inc.) C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_21_0_0_242_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-03] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4853760 2008-01-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-07] (Synaptics, Inc.)
HKLM\...\Run: [BisonInst0402] => C:\Windows\BR040286.exe [53248 2007-05-09] (Bison Inc.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [81920 2008-01-22] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2007-10-11] ()
HKLM\...\Run: [eDataSecurity Loader] => C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [521776 2008-01-03] (Egis Incorporated)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [858632 2008-01-07] (Dritek System Inc.)
HKLM\...\Run: [Acer Assist Launcher] => C:\Program Files\Acer\Acer Assist\launcher.exe [1261568 2007-11-19] ()
HKLM\...\Run: [Acer Product Registration] => C:\Program Files\Acer\Acer Registration\ACE1.exe [3387392 2007-11-26] (Leader Technologies)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [15872 2008-05-02] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-01-12] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-04-17] (Google Inc.)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4240760 2010-11-10] (Microsoft Corporation)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [Google Update] => C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [Logitech Vid HD] => "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [Facebook Update] => C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-06] (Facebook Inc.)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [TomTomHOME.exe] => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [1721192 2011-03-30] (Hewlett-Packard Co.)
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [52142720 2016-04-29] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-01-03] (Egis Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk [2008-03-26]
ShortcutTarget: Empowering Technology Launcher.lnk -> C:\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2008-10-27]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk [2016-05-27]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3050A J611 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 142.166.166.166
Tcpip\..\Interfaces\{39C7CE13-FD2A-4C69-A839-A7F82396DA33}: [DhcpNameServer] 192.168.2.1 142.166.166.166

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://en.ca.acer.yahoo.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-534116950-1332898044-2559044525-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ca/
SearchScopes: HKU\S-1-5-21-534116950-1332898044-2559044525-1003 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://ca.search.yahoo.com/search?p={searchTerms}&fr=chr-acer
SearchScopes: HKU\S-1-5-21-534116950-1332898044-2559044525-1003 -> {E6F8E096-4836-47C0-8883-6A99317FB847} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-01-03] (Egis Incorporated.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-534116950-1332898044-2559044525-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
Handler: intu-tt2014 - {97BB39CB-9ABA-4513-81E7-1D6FDA0854B8} - C:\Program Files\TurboTax 2014\ic2014pp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2012-06-05] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [2010-04-23] (TVU networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-534116950-1332898044-2559044525-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Allen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-534116950-1332898044-2559044525-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\Allen\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-534116950-1332898044-2559044525-1003: @talk.google.com/O1DPlugin -> C:\Users\Allen\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-534116950-1332898044-2559044525-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-534116950-1332898044-2559044525-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Allen\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Allen\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-23]
CHR Extension: (Google Docs) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23]
CHR Extension: (Google Drive) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23]
CHR Extension: (YouTube) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23]
CHR Extension: (Google Search) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23]
CHR Extension: (Google Sheets) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-23]
CHR Extension: (Bookmark Manager) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-01-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-01-23]
CHR Extension: (Google Wallet) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-23]
CHR Extension: (Gmail) - C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [506416 2008-01-03] (Egis Incorporated)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-10-01] (Acer Inc.) [File not signed]
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [131072 2007-12-20] (Acer Inc.) [File not signed]
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-11-27] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
R2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-09-20] (acer) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [829096 2007-10-29] (Bison Electronics. Inc. )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
R3 NTIDrvr; C:\Windows\System32\DRIVERS\NTIDrvr.sys [6144 2008-03-26] (NewTech Infosystems, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
U0 Sr; no ImagePath
U2 SrService; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-27 16:42 - 2016-05-27 16:43 - 00031152 _____ C:\Users\Allen\Desktop\FRST.txt
2016-05-27 16:42 - 2016-05-27 16:42 - 00000000 ____D C:\FRST
2016-05-27 16:41 - 2016-05-27 16:41 - 01734144 _____ (Farbar) C:\Users\Allen\Desktop\FRST.exe
2016-05-27 16:38 - 2016-05-27 16:38 - 00013849 _____ C:\Users\Allen\Desktop\JRT.txt
2016-05-27 16:32 - 2016-05-27 16:32 - 01610816 _____ (Malwarebytes) C:\Users\Allen\Desktop\JRT.exe
2016-05-27 16:29 - 2016-05-27 16:29 - 00000000 ____D C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2016-05-27 16:25 - 2016-05-27 16:27 - 00000000 ____D C:\AdwCleaner
2016-05-27 16:18 - 2016-05-27 16:18 - 03678272 _____ C:\Users\Allen\Desktop\AdwCleaner.exe
2016-05-19 23:00 - 2016-04-09 18:17 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-19 23:00 - 2016-04-09 16:00 - 02071040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-19 22:58 - 2016-04-09 18:22 - 00638184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-19 22:58 - 2016-04-09 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-19 22:53 - 2016-04-09 17:32 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-19 22:47 - 2016-04-09 17:37 - 03608808 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-05-19 22:47 - 2016-04-09 17:37 - 03556584 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-19 22:47 - 2016-03-10 14:07 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-19 22:45 - 2016-04-09 15:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-19 22:44 - 2016-04-09 16:07 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-19 22:19 - 2016-04-23 14:00 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-19 22:19 - 2016-04-23 13:59 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-19 22:19 - 2016-04-23 13:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-05-19 22:19 - 2016-04-23 13:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-05-19 22:19 - 2016-04-23 13:59 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-05-19 22:18 - 2016-04-23 14:03 - 12858880 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-19 22:18 - 2016-04-23 14:03 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-19 22:18 - 2016-04-23 14:01 - 09729536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-19 22:18 - 2016-04-23 14:00 - 01831424 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-19 22:18 - 2016-04-23 14:00 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-19 22:18 - 2016-04-23 14:00 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-19 22:18 - 2016-04-23 14:00 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-05-19 22:18 - 2016-04-23 14:00 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-19 22:18 - 2016-04-23 13:59 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-19 22:18 - 2016-04-23 13:59 - 01789952 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00711168 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-19 22:18 - 2016-04-23 13:59 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-19 21:43 - 2016-05-19 21:43 - 00239874 _____ C:\Users\Allen\Desktop\reference letter.pdf
2016-05-16 11:56 - 2016-05-16 11:56 - 00134045 _____ C:\Users\Allen\Desktop\i.pdf
2016-05-04 14:05 - 2016-05-26 22:45 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-04 14:04 - 2016-05-04 14:04 - 00000903 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-04 14:04 - 2016-05-04 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-04 14:04 - 2016-05-04 14:04 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-05-04 14:04 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-04 14:04 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-04 14:04 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-04 14:02 - 2016-05-04 14:02 - 22851472 _____ (Malwarebytes ) C:\Users\Allen\Desktop\mbam-setup-2.2.1.1043.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-27 16:44 - 2012-10-06 13:39 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA.job
2016-05-27 16:41 - 2006-11-02 09:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-27 16:41 - 2006-11-02 09:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-27 16:36 - 2006-11-02 08:18 - 00000000 ____D C:\Windows\inf
2016-05-27 16:36 - 2006-11-02 07:33 - 00860232 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-27 16:31 - 2010-07-11 23:22 - 00000000 ____D C:\Users\Allen\AppData\Roaming\Skype
2016-05-27 16:30 - 2009-04-19 21:49 - 00000000 ____D C:\Users\Allen\Tracing
2016-05-27 16:29 - 2015-06-02 15:17 - 00000402 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2016-05-27 16:29 - 2015-04-25 11:48 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-27 16:28 - 2006-11-02 10:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-27 16:27 - 2006-11-02 10:01 - 00032652 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-27 16:13 - 2009-06-30 16:23 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA.job
2016-05-27 16:12 - 2015-04-25 11:48 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-26 23:01 - 2014-09-24 14:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-26 20:38 - 2009-06-30 16:23 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core.job
2016-05-26 20:30 - 2012-10-06 13:39 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core.job
2016-05-24 19:42 - 2010-08-30 13:51 - 00453120 _____ C:\Users\Allen\Desktop\Logbook.xls
2016-05-24 19:42 - 2008-10-27 04:35 - 00002607 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2016-05-24 19:40 - 2008-10-27 04:35 - 00002605 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2016-05-20 21:26 - 2013-07-27 21:35 - 00000000 ____D C:\Windows\system32\MRT
2016-05-20 21:04 - 2006-11-02 07:24 - 136686448 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-05-20 20:38 - 2006-11-02 08:18 - 00000000 ____D C:\Windows\rescache
2016-05-20 20:29 - 2011-07-10 22:54 - 00000000 ____D C:\Users\Allen\Resume
2016-05-20 20:19 - 2006-11-02 09:47 - 00390776 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-20 20:15 - 2006-11-02 09:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-15 19:20 - 2014-09-24 14:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-05-15 19:20 - 2014-09-24 14:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-05-09 22:27 - 2010-07-11 23:22 - 00000000 ___RD C:\Program Files\Skype
2016-05-09 22:27 - 2010-07-11 23:21 - 00000000 ____D C:\ProgramData\Skype
2016-04-29 14:25 - 2010-07-21 02:59 - 00060928 _____ C:\Users\Allen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Files in the root of some directories =======

2011-04-10 15:23 - 2011-04-10 15:23 - 0000052 _____ () C:\Users\Allen\AppData\Roaming\G1000Trainer_preferences.xml
2011-04-10 15:23 - 2011-06-19 22:14 - 0006733 _____ () C:\Users\Allen\AppData\Roaming\G1000Trainer_student_record.xml
2014-12-10 16:26 - 2014-12-10 16:26 - 0000052 _____ () C:\Users\Allen\AppData\Roaming\pdfcompressor.ini
2008-11-13 02:28 - 2008-11-13 02:28 - 0024206 _____ () C:\Users\Allen\AppData\Roaming\UserTile.png
2012-02-19 20:43 - 2012-03-16 18:36 - 0000680 _____ () C:\Users\Allen\AppData\Local\d3d9caps.dat
2010-07-21 02:59 - 2016-04-29 14:25 - 0060928 _____ () C:\Users\Allen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-02 12:28 - 2015-06-02 12:28 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-07-11 23:23 - 2010-07-11 23:23 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some files in TEMP:
====================
C:\Users\Allen\AppData\Local\temp\libeay32.dll
C:\Users\Allen\AppData\Local\temp\mpam-39d1db97.exe
C:\Users\Allen\AppData\Local\temp\mpam-de95ee0.exe
C:\Users\Allen\AppData\Local\temp\msvcr120.dll
C:\Users\Allen\AppData\Local\temp\RtkBtMnt.exe
C:\Users\Allen\AppData\Local\temp\SkypeSetup.exe
C:\Users\Allen\AppData\Local\temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-27 16:34

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-05-2016 02
Ran by Allen (2016-05-27 16:44:31)
Running from C:\Users\Allen\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2008-09-17 20:14:24)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-534116950-1332898044-2559044525-500 - Administrator - Disabled)
Allen (S-1-5-21-534116950-1332898044-2559044525-1003 - Administrator - Enabled) => C:\Users\Allen
ASPNET (S-1-5-21-534116950-1332898044-2559044525-1005 - Limited - Enabled)
Guest (S-1-5-21-534116950-1332898044-2559044525-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Disabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Acer Assist (HKLM\...\Acer Assist) (Version: - Acer Incorporated)
Acer Crystal Eye (HKLM\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 7.32.701.13d - Acer Crystal Eye)
Acer Crystal Eye Webcam (HKLM\...\{DD1DED37-2486-4F56-8F89-56AA814003F5}) (Version: 2.0.0.20 - Acer Crystal Eye Webcam)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 2.8.4354 - Egis Inc.)
Acer eLock Management (HKLM\...\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}) (Version: 2.5.4302 - Acer Inc.)
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.5.4301 - Acer Inc.)
Acer eNet Management (HKLM\...\{C06554A1-2C1E-4D20-B613-EE62C79927CC}) (Version: 2.6.4303 - Acer Inc.)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 2.5.4310 - Acer Inc.)
Acer ePresentation Management (HKLM\...\{BF839132-BD43-4056-ACBF-4377F4A88E2A}) (Version: 2.5.4300 - Acer Inc.)
Acer eSettings Management (HKLM\...\{CE65A9A0-9686-45C6-9098-3C9543A412F0}) (Version: 2.5.4302 - Acer Inc.)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 1.0.4301 - Acer Inc.)
Acer Registration (HKLM\...\Acer Registration) (Version: - Acer - Leader Technologies)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 2.11.20071207 - Acer Inc.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Broadcom Gigabit Integrated Controller (HKLM\...\{FC57FC53-104C-415C-98D7-B05E659461A9}) (Version: 10.50.08 - Broadcom Corporation)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
CryptoPrevent (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EPSON NX100 Series Printer Uninstall (HKLM\...\EPSON NX100 Series) (Version: - SEIKO EPSON Corporation)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.2.183.13 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{AB2228C5-EA86-44E1-AFF6-58B9CC260CE3}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{C40DCEE3-A564-4692-B1D5-DA1F252BA3BC}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
HP LaserJet P1000 series (HKLM\...\HP LaserJet P1000 series) (Version: - )
HP Photo Creations (HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\HP Photo Creations) (Version: 1.0.0.18332 - HP)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HPSSupply (HKLM\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: - )
LightScribe 1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
MrvlUsgTracking (HKLM\...\{02C85EC5-E864-4847-AF55-42730861004C}) (Version: 1.0.0 - Marvell)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NTI Backup NOW! 4.7 (HKLM\...\InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}) (Version: 1.00.0000 - NewTech Infosystems)
NTI Backup NOW! 4.7 (Version: 1.00.0000 - NewTech Infosystems) Hidden
NTI CD & DVD-Maker (HKLM\...\InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}) (Version: 7 - NewTech Infosystems)
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems) Hidden
NTI Shadow (HKLM\...\InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}) (Version: 3.7.6.37 - NewTech Infosystems)
NTI Shadow (Version: 3.7.6.37 - NewTech Infosystems) Hidden
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-534116950-1332898044-2559044525-1003\...\Octoshape add-in for Adobe Flash Player) (Version: - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.32.3730a.0 - CyberLink Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5543 - Realtek Semiconductor Corp.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 7.23 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.0.15.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}) (Version: 2.00.0002 - Texas Instruments Inc.)
TIPCI (Version: 2.00.0002 - Texas Instruments Inc.) Hidden
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Yahoo! Extras (HKLM\...\Yahoo! Customizations) (Version: - )
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
Yahoo! Internet Mail (HKLM\...\Yahoo! Internet Mail) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Allen\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Allen\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\Allen\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Allen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\Allen\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Allen\AppData\Local\Google\Update\1.3.30.3\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-534116950-1332898044-2559044525-1003_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\Allen\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1340E10F-6A32-40A5-AB16-57CC12318002} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {18176CC6-1A9D-47F1-A26B-13910E7F909E} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2011-03-30] (Hewlett-Packard Co.)
Task: {1A4242C0-60C1-4610-A9FE-9D7141CE1931} - System32\Tasks\{99258A10-6B3B-429F-8C29-27D864D109A3} => C:\Program Files\Skype\Phone\Skype.exe [2016-04-29] (Skype Technologies S.A.)
Task: {26597DBB-F5CA-4CAA-B86E-BC0A98609B82} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Allen\AppData\Roaming\HP Photo Creations\Communicator.exe [2011-05-13] ()
Task: {2FA7A48B-76EB-49C5-857F-1258373A5860} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core => C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {3CF60298-04EC-49DC-BDF6-2B76712045AB} - System32\Tasks\{DF166A33-0B21-42D0-9A6C-D6935E90AB73} => pcalua.exe -a C:\PROGRA~1\SOFTON~1\UNWISE.EXE -c C:\PROGRA~1\SOFTON~1\INSTALL.LOG
Task: {499D5A06-9F22-447F-BCE9-4946F822C169} - System32\Tasks\{5CAFF5CB-CA6E-4A8F-9E7A-D47D6B66AE7E} => pcalua.exe -a "C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MLFL9HM6\SetupFSCopilot16[1].exe" -d C:\Users\Allen
Task: {58AE6357-C600-41C8-A2E0-0B4DF5811076} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA => C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-06] (Facebook Inc.)
Task: {645EA812-B73C-4E18-9181-34DB80502938} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {6AF0F6F3-A64E-4D6E-BFF1-D03992F2E9F9} - System32\Tasks\{858EA598-D309-4606-BEBC-70EF9403C894} => pcalua.exe -a "C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\07L2HA66\SetupFSInn13B2_3[2].exe" -d C:\Users\Allen
Task: {714E4DED-E175-4C9D-831E-E337DC543BFC} - System32\Tasks\{D8721F9D-7F92-4077-B56D-66C255E56643} => pcalua.exe -a "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE
Task: {7DC317EB-164C-41F4-9D21-72EFD94806A7} - System32\Tasks\{6E5A1472-C989-48BA-8778-96025461C0AC} => pcalua.exe -a C:\Users\Allen\Desktop\VirtumundoBeGone.exe -d C:\Users\Allen\Desktop
Task: {89192796-C51B-456B-A050-D5E3C45A5D6D} - System32\Tasks\{D5FE861A-C79C-4D59-A538-F3923F67D2A2} => pcalua.exe -a "C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ZVZEMVG\SetupFSInn12[1].exe" -d C:\Users\Allen
Task: {BE22A2C9-84B7-40C2-80DB-4EE9515DCD3D} - System32\Tasks\{D785B799-7774-474C-96E6-0D20036729B1} => pcalua.exe -a "C:\Program Files\Fs2002 And Fs2004 Easy Installer Utility!\eesi.exe" -d "C:\Program Files\Fs2002 And Fs2004 Easy Installer Utility!"
Task: {C1EB9403-15B9-4A46-9032-A5525EF30E5F} - System32\Tasks\{F6F3960B-7566-4264-9DD1-908FEFD7C1D5} => pcalua.exe -a "C:\Program Files\FSFDT\uninstallFSCopilot.exe"
Task: {C261008A-2895-44B6-8146-9400682854F7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {C4DF8714-3D5B-4F78-AD03-1D5BCFEAFECD} - System32\Tasks\{262F4346-CCEC-4F15-B1D1-AB3419B87696} => pcalua.exe -a D:\setuppls.exe -d D:\ -c /AUTORUN
Task: {C9306C47-F213-4E0D-AE44-D5DBECC04F9C} - System32\Tasks\{88C44967-8EF0-4D52-9323-80C4B50F3543} => pcalua.exe -a "C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O7KXWM6P\wmp11-windowsxp-x86-enu[1].exe" -d C:\Windows\system32
Task: {CE16C034-B03F-4132-8CD6-063422115D25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-15] (Adobe Systems Incorporated)
Task: {D0F03E06-D15C-45B5-86C8-A93F58BBF3EC} - System32\Tasks\Microsoft\Windows\RestartManager\{9388B6A3-309E-4d7f-B8A8-B87168832CB9} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {DBAB3616-414F-42C3-BD2F-79AC04CD09E3} - System32\Tasks\PDVDServ.EXE_1322400303 => C:\Program Files\CyberLink\PowerDVD\PDVDServ.EXE [2008-01-22] (Cyberlink Corp.)
Task: {F8E07DE8-CE5F-4FDC-951D-69BA2E61FBAC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA => C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FA8D32A9-622D-4C18-95C5-09B4106AD01C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core => C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-06] (Facebook Inc.)
Task: {FCFA6D6A-FA88-4452-98C5-BFF7A63332CF} - System32\Tasks\{F39A87A9-2776-4442-96B8-82EFD761788E} => pcalua.exe -a "C:\Program Files\Microsoft Games\FS2002\FSUNINSTALL.EXE" -c /runtemp /addremove

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core.job => C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA.job => C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core.job => C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA.job => C:\Users\Allen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\Users\Allen\AppData\Roaming\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{81269CAB-AB40-4890-B356-37C309F68D20}.job => C:\Windows\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Allen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Mail.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~1\Yahoo!\Common\ymmapi.dll,OpenURL hxxp://mail.yahoo.com/?.intl=ca&.redir=ymmapi10
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Mail.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~1\Yahoo!\Common\ymmapi.dll,OpenURL hxxp://mail.yahoo.com/?.intl=ca&.redir=ymmapi11

==================== Loaded Modules (Whitelisted) ==============

2008-09-17 17:27 - 2007-11-27 22:54 - 00110592 _____ () C:\Acer\Mobility Center\MobilityService.exe
2008-09-17 17:27 - 2007-11-27 19:08 - 00032768 _____ () C:\Acer\Mobility Center\MobilityInterface.dll
2011-03-30 18:19 - 2011-03-30 18:19 - 01841000 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2008-09-17 17:26 - 2007-12-19 22:09 - 00024576 _____ () C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
2008-09-17 17:26 - 2007-12-19 22:09 - 00118784 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Computer.dll
2008-09-17 17:26 - 2007-12-19 22:08 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.ComputerInterfaces.dll
2008-09-17 17:26 - 2007-12-19 22:08 - 00118784 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Library.dll
2008-09-17 17:26 - 2007-12-19 22:09 - 00006656 _____ () C:\Acer\Empowering Technology\eSettings\Service\CPUID.dll
2008-03-26 05:23 - 2008-01-09 22:43 - 00057344 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
2008-03-26 05:23 - 2008-01-09 22:42 - 00024576 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
2008-09-17 17:22 - 2007-09-11 13:59 - 00307200 _____ () C:\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll
2008-01-03 06:00 - 2008-01-03 06:00 - 00227888 _____ () C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
2008-09-17 17:25 - 2007-12-20 17:58 - 00679936 _____ () C:\Acer\Empowering Technology\eLock\eLockCTL.dll
2008-09-17 17:26 - 2007-12-19 22:09 - 00028672 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
2008-09-17 17:26 - 2007-12-19 22:08 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
2008-09-17 17:26 - 2007-12-19 22:08 - 03420160 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
2008-09-17 17:26 - 2007-12-19 22:08 - 00155648 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
2008-09-17 17:23 - 2007-12-20 15:33 - 00249856 _____ () C:\Acer\Empowering Technology\eNet\eNetPlugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <===== ATTENTION
HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %* <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 07:23 - 2012-03-22 09:06 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-534116950-1332898044-2559044525-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Public\Pictures\Sample Pictures\Autumn Leaves.jpg
DNS Servers: 192.168.2.1 - 142.166.166.166
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{C9EF5EDA-50C2-4BE3-97E4-588F170D901D}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{E01BE071-B00A-491D-BB6A-556CA52ABD35}] => (Allow) C:\Program Files\CyberLink\PowerDVD\PowerDVD.EXE
FirewallRules: [{47620D60-F3FA-4BF0-A495-1D203C176DA8}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{74D7467A-EEFF-44B9-A907-702E9A129F00}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{48617D48-7F68-434D-8342-547FE235771E}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exe
FirewallRules: [{C9E71106-7B3B-4CFD-8DA6-D011E8B77B56}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exe
FirewallRules: [TCP Query User{C17E2344-6137-465B-AAD7-44082193412C}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{BE179C4E-9D59-4E72-AC3B-3B90A91F09D7}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{F2DDA02E-CD32-4E79-9071-6112EE455060}] => (Allow) C:\Program Files\LimeWire\LimeWire.exe
FirewallRules: [{6BDC7595-0823-450D-B246-90610F59F8B5}] => (Allow) C:\Program Files\LimeWire\LimeWire.exe
FirewallRules: [TCP Query User{F10592A5-F603-4E2C-820C-146E3AF4244A}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{1D334044-58D8-40A6-8171-FA7A85505F92}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{5C24DAE7-542C-4D56-B1A4-78BB24E21C26}C:\program files\limewire\limewire.exe] => (Allow) C:\program files\limewire\limewire.exe
FirewallRules: [UDP Query User{725C063C-259C-4DC9-B60C-A56B6230D1FF}C:\program files\limewire\limewire.exe] => (Allow) C:\program files\limewire\limewire.exe
FirewallRules: [{390E7292-8F7E-443E-8784-B7F50965A7B1}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{A8123CDB-6339-4EDC-B3BE-4B0AB039EA18}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{7D48202A-539A-4356-A2FE-88E5F9372552}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{3947B629-6FBA-4962-8A79-545551BA0E0E}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{ABA9C176-A253-44C7-8ED1-33F62868C50B}C:\program files\bittorrent\bittorrent.exe] => (Allow) C:\program files\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{AA4C98B2-CBED-4F05-BD2A-9B1555A857B1}C:\program files\bittorrent\bittorrent.exe] => (Allow) C:\program files\bittorrent\bittorrent.exe
FirewallRules: [{FB6B0841-AEE2-4FC5-AF28-34DA925E84AC}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4C76D121-C306-41BD-A695-84DCCFF0828A}] => (Allow) svchost.exe
FirewallRules: [{A619DE9B-E9A6-4B30-BFF3-E5BC3B852692}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{EF7CD1E1-272B-4F16-BBBD-B26D7FE38820}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{A43D41CC-946D-4BF5-9DEE-9B49A12FF698}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{396CE697-5AD3-422F-8E81-719CE1A61410}] => (Allow) LPort=2869
FirewallRules: [{BD673127-28AE-4D20-A67C-D13822D08483}] => (Allow) LPort=1900
FirewallRules: [{F5A2B141-767C-46A3-A4A6-13B3784D26B4}] => (Allow) LPort=80
FirewallRules: [{37753C3E-74FE-46F9-892F-61305A197DAD}] => (Allow) LPort=80
FirewallRules: [{F6688556-B806-4927-9655-8396D02B81D1}] => (Allow) LPort=80
FirewallRules: [{E4D2FBD9-ED9A-4925-9CDE-3BE742D85E47}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{58DCA8E1-C0CF-45B1-9030-C7D2468851DF}] => (Allow) C:\Users\Allen\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{DA23D471-DD9A-49CD-977A-19F9E4072849}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{9D8F25DF-6FF0-4F70-863B-35223BF19B2F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe] => Enabled:eDSfsu
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe] => Enabled:encryption
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe] => Enabled:decryption
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe] => Enabled:eDSMgr
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe] => Enabled:eDStbmngr
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe] => Enabled:eDSfsu
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe] => Enabled:encryption
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe] => Enabled:decryption
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe] => Enabled:eDSMgr
StandardProfile\AuthorizedApplications: [C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe] => Enabled:eDStbmngr

==================== Restore Points =========================

06-04-2016 22:33:33 Windows Update
10-04-2016 16:22:12 Windows Update
11-04-2016 20:03:17 Windows Update
11-04-2016 20:07:09 Windows Update
11-04-2016 20:09:52 Windows Update
15-04-2016 21:21:35 Scheduled Checkpoint
16-04-2016 03:01:29 Windows Update
16-04-2016 16:07:01 Windows Update
17-04-2016 22:49:56 Scheduled Checkpoint
20-04-2016 21:39:27 Windows Update
21-04-2016 21:31:23 Scheduled Checkpoint
22-04-2016 20:35:00 Scheduled Checkpoint
25-04-2016 08:14:55 Windows Update
29-04-2016 12:19:36 Windows Update
29-04-2016 16:05:22 Windows Backup
02-05-2016 12:54:24 Scheduled Checkpoint
04-05-2016 08:40:08 Windows Update
07-05-2016 20:37:07 Windows Update
07-05-2016 22:55:31 Windows Update
09-05-2016 23:03:21 Scheduled Checkpoint
12-05-2016 09:09:08 Windows Update
19-05-2016 22:43:10 Windows Update
20-05-2016 21:01:09 Windows Update
24-05-2016 22:01:11 Windows Update
27-05-2016 16:34:23 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter #5
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft Tun Miniport Adapter #2
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Broadcom NetLink ™ Gigabit Ethernet
Description: Broadcom NetLink ™ Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: b57nd60x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/27/2016 04:30:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ALLEN\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CYBERLINK POWERDVD\READ ME.LNK> in the hash map cannot be updated.