computer has been sitting for many years and being given to daughter. Boot up is a little slow, once windows up and running it can take hours for a program to open. Extremely unresponsive, have tried to update but it locks up. wi-fi shows no connection but it does connect, extremely slowly. have installed avg free edition and avg tune-up to help with registry issues, but its so slow the 3 day free trial ended before completing. also uninstalled outdated norton 360. Also installed chrome and picassa to locate all photos on computer and save to external drive. have used this forum many years ago and am thankful for any help. thank you
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Patty (administrator) on PATTY-HP (04-07-2016 17:26:39)
Running from C:\Users\Patty\Desktop
Loaded Profiles: Patty (Available Profiles: Patty & Any Visitor & Familia & Guest & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Windows\System32\snmptrap.exe
(Microsoft Corporation) C:\Windows\System32\tlntsvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\WMSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2014-05-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6723856 2016-06-29] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-06-10] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1232287608-1843942127-1758789870-1002\...\RunOnce: [Uninstall C:\Users\Patty\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Patty\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64"
HKU\S-1-5-21-1232287608-1843942127-1758789870-1002\...\MountPoints2: {bacac31b-b7f4-11e3-a61d-e1fc80c4f66d} - F:\ZTE_Handset_USB_Driver.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Patty\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-07-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Patty\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-07-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Patty\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-07-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Patty\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-07-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Patty\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-07-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Patty\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-07-02] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{D2DCDA8F-96C1-48BD-96AC-4E5A644C000D}: [DhcpNameServer] 192.168.254.254
Internet Explorer:
==================
HKU\S-1-5-21-1232287608-1843942127-1758789870-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/CQNOT/1
HKU\S-1-5-21-1232287608-1843942127-1758789870-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.iegallery.com/en-us/Addons/Details/9422
URLSearchHook: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {779DE508-AB1D-4030-9826-E49F49392F8A} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=uscql
SearchScopes: HKLM -> {98D213E5-857B-4072-86D4-3207C4DDDA2F} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM -> {B30088F6-5D5A-4355-BF1F-40D4A915AD96} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {CCBB7EFC-B3A9-4F93-9364-6F7B79AFB53F} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {779DE508-AB1D-4030-9826-E49F49392F8A} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=uscql
SearchScopes: HKLM-x32 -> {98D213E5-857B-4072-86D4-3207C4DDDA2F} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 -> {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^Y6^xdm003^YY^us&si=CMqLtOjUyrcCFYhxQgodHE4AKw&ptb=78DC9980-A33C-46DF-ACF1-AD25AD7757BF&ind=2013060416&n=77fcdd40&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm002Q9us&ptb=E29D9161-94C2-4693-9363-507F3BE88BFF&psa=&ind=2011091415&ptnrS=XPxdm002Q9us&si=CIrImpO3nasCFeUZQgodLn8qig&st=sb&n=77ded1d7&searchfor={searchTerms}
SearchScopes: HKLM-x32 -> {B30088F6-5D5A-4355-BF1F-40D4A915AD96} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {CCBB7EFC-B3A9-4F93-9364-6F7B79AFB53F} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> DefaultScope {48D56B68-22B7-4328-BDF7-0A6CBA1F34EF} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADFA_enUS479
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> {48D56B68-22B7-4328-BDF7-0A6CBA1F34EF} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADFA_enUS479
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> {5B91B7B0-0B82-40FD-AE01-246A883820AA} URL = hxxp://www.bing.com/search?FORM=UP74DF&PC=UP74&dt=060413&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> {779DE508-AB1D-4030-9826-E49F49392F8A} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=uscql
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> {98D213E5-857B-4072-86D4-3207C4DDDA2F} URL = hxxp://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20120105,6901,0,8,0
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} URL =
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL =
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> {B30088F6-5D5A-4355-BF1F-40D4A915AD96} URL =
SearchScopes: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> {CCBB7EFC-B3A9-4F93-9364-6F7B79AFB53F} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-17] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-11-01] (Yahoo! Inc)
Toolbar: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc64.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2014-04-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2010-05-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-30]
CHR Extension: (Google Docs) - C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-30]
CHR Extension: (Google Drive) - C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-30]
CHR Extension: (YouTube) - C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-30]
CHR Extension: (Google Sheets) - C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-30]
CHR Extension: (Google Docs Offline) - C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-30]
CHR Extension: (Norton Identity Safe) - C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-06-30]
CHR Extension: (Norton Security Toolbar) - C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2016-06-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-30]
CHR Extension: (Gmail) - C:\Users\Patty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-30]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [637944 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5251808 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712792 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-05-31] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4803344 2016-06-01] (AVG Technologies CZ, s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-06-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [249088 2016-06-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [280320 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [76544 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 massfilter_hs; C:\Windows\SysWOW64\drivers\massfilter_hs.sys [15896 2011-03-07] (HandSet Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-07-17] ()
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-09] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-05-10] (Apple, Inc.) [File not signed]
S3 zghsdiag; C:\Windows\SysWOW64\DRIVERS\zghsdiag.sys [113432 2011-03-07] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\SysWOW64\DRIVERS\zghsmdm.sys [113432 2011-03-07] (ZTE Incorporated)
S3 zghsnmea; C:\Windows\SysWOW64\DRIVERS\zghsnmea.sys [113432 2011-03-07] (ZTE Incorporated)
S3 CpqDfw; system32\drivers\CpqDfw.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-04 17:26 - 2016-07-04 17:30 - 00022302 _____ C:\Users\Patty\Desktop\FRST.txt
2016-07-04 17:16 - 2016-07-04 17:26 - 00000000 ____D C:\FRST
2016-07-04 17:14 - 2016-07-04 17:00 - 02390016 _____ (Farbar) C:\Users\Patty\Desktop\FRST64.exe
2016-07-03 21:36 - 2014-10-24 18:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-07-03 21:36 - 2014-10-24 18:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-07-03 21:35 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-07-03 21:35 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-07-03 20:49 - 2015-11-03 12:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-07-03 20:49 - 2015-11-03 11:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-07-03 20:43 - 2016-07-03 20:43 - 00000000 ____D C:\Intel
2016-07-03 18:11 - 2016-07-03 18:42 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForPatty.job
2016-07-03 18:11 - 2016-07-03 18:11 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForPatty
2016-07-03 15:39 - 2016-07-04 14:41 - 00003694 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2016-07-03 14:39 - 2016-07-03 14:39 - 00002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-07-03 14:39 - 2016-07-03 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2016-07-03 14:39 - 2016-06-01 15:12 - 00053008 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-07-03 14:39 - 2016-06-01 15:05 - 00044304 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2016-07-03 14:39 - 2016-06-01 15:05 - 00039696 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2016-07-02 22:14 - 2016-07-02 22:14 - 00001070 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-07-02 22:12 - 2016-07-02 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-07-02 20:33 - 2016-04-09 00:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-07-02 20:33 - 2016-04-09 00:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-02 20:33 - 2016-04-09 00:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-07-02 20:33 - 2016-04-09 00:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-02 20:33 - 2016-04-09 00:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-02 20:33 - 2016-04-08 23:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-07-02 20:33 - 2016-04-08 23:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-07-02 20:33 - 2016-04-08 23:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-02 20:33 - 2016-04-08 23:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 22:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-07-02 20:33 - 2016-04-08 22:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-07-02 20:33 - 2016-04-08 22:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-07-02 20:33 - 2016-04-08 22:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-07-02 20:33 - 2016-04-08 22:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-07-02 20:33 - 2016-04-08 22:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-07-02 20:33 - 2016-04-08 22:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-02 20:33 - 2016-04-08 22:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-02 20:33 - 2016-04-08 22:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-02 20:33 - 2016-04-08 22:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-07-02 20:33 - 2016-04-08 22:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-07-02 20:33 - 2016-04-08 22:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-07-02 20:33 - 2016-04-08 22:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-07-02 20:33 - 2016-04-08 22:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-07-02 20:33 - 2016-04-08 22:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-07-02 20:33 - 2016-04-08 22:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-07-02 20:33 - 2016-04-08 22:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-07-02 20:33 - 2016-04-08 22:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 22:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 22:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-02 20:33 - 2016-04-08 22:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-02 20:33 - 2016-03-23 15:43 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-07-02 20:33 - 2016-03-23 15:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-07-02 20:33 - 2016-03-23 15:40 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-07-02 20:33 - 2016-03-23 15:40 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-07-02 20:33 - 2016-03-23 15:40 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-07-02 20:33 - 2016-03-23 15:39 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-07-02 20:28 - 2016-03-09 11:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-07-02 20:28 - 2016-03-09 11:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-07-02 20:23 - 2016-04-14 09:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-07-02 20:23 - 2016-04-14 09:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-07-02 20:23 - 2016-04-14 09:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-07-02 20:23 - 2016-04-14 09:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-07-02 20:23 - 2016-04-14 09:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-07-02 20:23 - 2016-04-14 09:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-07-02 20:23 - 2016-04-14 08:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-07-02 20:23 - 2016-04-14 08:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-07-02 20:23 - 2016-04-14 08:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-07-02 20:23 - 2016-04-14 08:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-07-02 20:23 - 2016-04-14 08:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-07-02 20:23 - 2016-04-14 08:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-07-02 20:15 - 2016-04-08 21:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-07-02 20:15 - 2016-04-08 20:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-07-02 19:53 - 2015-09-01 20:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-07-02 19:53 - 2015-09-01 20:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-07-02 19:53 - 2015-09-01 20:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-07-02 19:53 - 2015-09-01 20:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-07-02 19:53 - 2015-09-01 19:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-07-02 19:53 - 2015-09-01 19:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-07-02 19:53 - 2015-09-01 19:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-07-02 19:53 - 2015-09-01 19:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-07-02 19:53 - 2015-09-01 18:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-02 19:53 - 2015-09-01 18:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-07-02 19:53 - 2015-09-01 18:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-07-02 19:16 - 2016-07-02 19:16 - 00000000 ____D C:\Users\Familia\AppData\Roaming\AVG
2016-07-02 19:14 - 2016-07-02 19:14 - 00000000 __SHD C:\Users\Familia\AppData\Local\EmieUserList
2016-07-02 19:14 - 2016-07-02 19:14 - 00000000 __SHD C:\Users\Familia\AppData\Local\EmieSiteList
2016-07-02 19:14 - 2016-07-02 19:14 - 00000000 ____D C:\Users\Any Visitor.Patty-HP.000\AppData\Local\Google
2016-07-02 19:14 - 2016-07-02 19:14 - 00000000 ____D C:\Users\Any Visitor.Patty-HP.000\AppData\Local\Avg
2016-07-02 19:12 - 2016-07-02 19:12 - 00000000 ____D C:\Users\Familia\AppData\Local\Avg
2016-07-02 19:10 - 2016-07-02 19:10 - 00000000 ____D C:\Users\Familia\AppData\Local\Google
2016-07-02 17:31 - 2016-07-02 17:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2016-07-02 17:31 - 2016-07-02 17:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2016-06-30 18:55 - 2016-06-30 18:55 - 00000000 ____D C:\Users\Patty\AppData\Roaming\AVG
2016-06-30 18:50 - 2016-06-30 18:50 - 00000000 ____D C:\Program Files\Common Files\AV
2016-06-30 18:44 - 2016-07-02 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-06-30 18:44 - 2016-06-30 18:44 - 00000000 ____D C:\Users\Patty\AppData\Roaming\TuneUp Software
2016-06-30 18:39 - 2016-06-30 18:39 - 00000000 ___HD C:\$AVG
2016-06-30 18:28 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-30 18:28 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-30 18:28 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-06-30 18:28 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-06-30 18:27 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-30 18:27 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-06-30 18:27 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-06-30 18:27 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-06-30 18:27 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-06-30 18:27 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-06-30 18:26 - 2016-07-04 14:53 - 00000000 ____D C:\ProgramData\MFAData
2016-06-30 18:26 - 2016-06-30 18:26 - 00000000 ____D C:\Users\Patty\AppData\Local\MFAData
2016-06-30 18:24 - 2016-06-30 18:25 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
2016-06-30 18:24 - 2016-06-30 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-06-30 18:22 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-06-30 18:22 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-06-30 18:22 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-06-30 18:22 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-06-30 18:16 - 2016-07-03 14:37 - 00000000 ____D C:\Program Files (x86)\AVG
2016-06-30 18:13 - 2016-07-03 14:38 - 00000000 ____D C:\Users\Patty\AppData\Local\Avg
2016-06-30 18:13 - 2016-07-03 14:34 - 00000000 ____D C:\ProgramData\Avg
2016-06-30 18:13 - 2016-07-03 14:33 - 00000000 ____D C:\Users\Patty\AppData\Local\AvgSetupLog
2016-06-30 18:13 - 2016-06-30 18:13 - 03143504 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Patty\Downloads\AVG_Protection_Free_1597 (1).exe
2016-06-30 18:12 - 2016-06-30 18:12 - 03143504 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Patty\Downloads\AVG_Protection_Free_1597.exe
2016-06-30 13:32 - 2016-06-30 13:32 - 00002231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-30 13:32 - 2016-06-30 13:32 - 00002219 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-30 13:29 - 2016-07-04 16:42 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-30 13:29 - 2016-07-04 16:34 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-30 13:29 - 2016-07-04 14:40 - 00003904 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-30 13:29 - 2016-07-04 14:40 - 00003652 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-30 12:54 - 2016-06-30 12:54 - 00000000 __SHD C:\Users\Any Visitor.Patty-HP.000\AppData\LocalLow\EmieSiteList
2016-06-30 12:04 - 2016-06-30 12:04 - 00000000 ____D C:\Users\Any Visitor.Patty-HP.000\AppData\Local\Apple
2016-06-30 12:02 - 2016-07-03 18:42 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForAny Visitor.job
2016-06-30 12:02 - 2016-07-03 15:05 - 00003224 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAny Visitor
2016-06-30 12:01 - 2016-06-30 12:02 - 00000000 ____D C:\Users\Any Visitor.Patty-HP.000\AppData\Local\Hewlett-Packard
2016-06-30 11:59 - 2016-06-30 12:01 - 00000000 ____D C:\Users\Any Visitor.Patty-HP.000\AppData\Roaming\Hewlett-Packard
2016-06-30 11:58 - 2016-06-30 11:58 - 00001417 _____ C:\Users\Any Visitor.Patty-HP.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-30 11:58 - 2016-06-30 11:58 - 00000000 ____D C:\Users\Any Visitor.Patty-HP.000\AppData\Roaming\Adobe
2016-06-30 11:55 - 2016-06-30 11:55 - 00000000 ____D C:\Users\Any Visitor.Patty-HP.000\AppData\Local\VirtualStore
2016-06-30 11:54 - 2016-06-30 12:23 - 00000000 ____D C:\Users\Any Visitor.Patty-HP.000
2016-06-30 11:54 - 2016-06-30 11:54 - 00000020 ___SH C:\Users\Any Visitor.Patty-HP.000\ntuser.ini
2016-06-30 11:54 - 2016-06-30 11:54 - 00000000 _SHDL C:\Users\Any Visitor.Patty-HP.000\My Documents
2016-06-30 11:54 - 2016-06-30 11:54 - 00000000 _SHDL C:\Users\Any Visitor.Patty-HP.000\Documents\My Videos
2016-06-30 11:54 - 2016-06-30 11:54 - 00000000 _SHDL C:\Users\Any Visitor.Patty-HP.000\Documents\My Pictures
2016-06-30 11:54 - 2016-06-30 11:54 - 00000000 _SHDL C:\Users\Any Visitor.Patty-HP.000\Documents\My Music
2016-06-30 11:54 - 2014-01-25 19:22 - 00000000 ____D C:\Users\Any Visitor.Patty-HP.000\AppData\Roaming\Media Center Programs
2016-06-30 11:54 - 2013-03-06 02:33 - 00002064 _____ C:\Users\Any Visitor.Patty-HP.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2016-06-30 11:54 - 2011-02-16 03:05 - 00000000 ____D C:\Users\Any Visitor.Patty-HP.000\AppData\Roaming\Mozilla
2016-06-09 08:15 - 2016-06-09 08:15 - 00310016 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-04 17:11 - 2009-07-13 22:13 - 00882480 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-04 17:07 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\tracing
2016-07-04 17:01 - 2009-07-13 21:45 - 00023248 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-04 17:01 - 2009-07-13 21:45 - 00023248 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-04 16:54 - 2014-04-22 14:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-04 16:49 - 2009-07-13 20:20 - 00000000 ___DC C:\Windows\system32\NDF
2016-07-04 16:36 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-07-04 16:34 - 2012-04-21 17:17 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-07-04 16:33 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-04 16:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2016-07-04 14:57 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2016-07-04 14:42 - 2012-12-15 12:37 - 00003002 _____ C:\Windows\System32\Tasks\{19CE5A34-8273-430C-8F8E-D4965C65BCB9}
2016-07-04 14:42 - 2012-12-15 12:23 - 00003002 _____ C:\Windows\System32\Tasks\{E7ED2D14-1D39-41D8-AD1F-7EE7BCA275F2}
2016-07-04 14:42 - 2012-12-15 12:23 - 00003002 _____ C:\Windows\System32\Tasks\{3DB6BFE5-99E0-4122-B1EC-4D11F3E4A6C0}
2016-07-04 14:42 - 2011-06-13 19:00 - 00003002 _____ C:\Windows\System32\Tasks\{F432852F-3E2A-4AA4-AC0A-B43E47319111}
2016-07-04 14:42 - 2011-06-13 19:00 - 00003002 _____ C:\Windows\System32\Tasks\{3CC3C2CA-FDE0-4CE3-8E85-7B0495985C2C}
2016-07-04 14:42 - 2011-06-13 18:53 - 00003002 _____ C:\Windows\System32\Tasks\{FB9743C9-B1ED-43F6-AD36-6FD950DBE832}
2016-07-04 14:42 - 2011-06-10 20:04 - 00003002 _____ C:\Windows\System32\Tasks\{CFB7E985-8E3D-4920-87C1-11A1DDBA20FD}
2016-07-04 14:42 - 2011-06-10 20:04 - 00003002 _____ C:\Windows\System32\Tasks\{8EFDF48F-2422-4214-879B-FD63181DDADB}
2016-07-04 14:42 - 2011-06-10 20:03 - 00003002 _____ C:\Windows\System32\Tasks\{AEB9FD84-C3C4-40CD-ABED-FE656AB13AC3}
2016-07-04 14:42 - 2011-06-10 20:03 - 00003002 _____ C:\Windows\System32\Tasks\{86A328E2-4E44-4B4F-865E-3401D809764A}
2016-07-04 14:40 - 2010-11-17 08:17 - 00003704 _____ C:\Windows\System32\Tasks\RecoveryCDWin7
2016-07-04 14:40 - 2010-11-17 08:17 - 00003404 _____ C:\Windows\System32\Tasks\ServicePlan
2016-07-04 10:03 - 2009-07-13 21:45 - 00282592 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-04 09:56 - 2014-04-25 16:14 - 00000000 __SDC C:\Windows\system32\CompatTel
2016-07-04 09:56 - 2013-03-15 20:27 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-04 09:54 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-07-04 09:54 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Dism
2016-07-04 09:54 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-07-04 09:54 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-04 09:16 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat
2016-07-03 22:26 - 2011-06-19 11:02 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E70F668C-BB52-4DEB-9230-CEB9DB7EEF6B}
2016-07-03 19:27 - 2010-11-17 13:25 - 00000000 ____D C:\Users\Patty\AppData\Local\CrashDumps
2016-07-03 19:18 - 2014-06-05 22:28 - 00000000 ____D C:\Users\Patty\AppData\Roaming\Skype
2016-07-03 19:18 - 2014-06-04 07:44 - 00000000 ____D C:\Users\Patty\Documents\Youcam
2016-07-03 19:18 - 2011-06-19 15:39 - 00000000 ____D C:\Users\Patty\AppData\Roaming\HpUpdate
2016-07-03 19:18 - 2010-11-17 08:18 - 00000000 ____D C:\Users\Patty\AppData\Roaming\hpqLog
2016-07-03 19:18 - 2010-07-10 20:01 - 00000000 ____D C:\ProgramData\Temp
2016-07-03 19:17 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-07-03 15:43 - 2013-11-02 13:26 - 00002996 _____ C:\Windows\System32\Tasks\{B45D287B-6E99-49D4-B73D-6AE8BE4AEEA8}
2016-07-03 11:06 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-07-03 01:24 - 2013-07-18 00:41 - 00000000 ____D C:\Windows\system32\MRT
2016-07-03 00:44 - 2010-12-17 12:38 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-03 00:26 - 2011-02-11 13:23 - 00874966 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-02 23:55 - 2010-07-10 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-02 23:51 - 2013-11-07 06:20 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-02 23:51 - 2010-07-10 21:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-02 22:14 - 2011-06-21 09:51 - 00000000 ____D C:\Users\Patty\AppData\Local\Google
2016-07-02 22:11 - 2011-06-21 09:51 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-02 20:47 - 2010-07-10 19:40 - 00000000 ____D C:\ProgramData\Symantec
2016-07-02 20:11 - 2014-02-28 11:43 - 00000000 ___RD C:\Users\Patty\OneDrive
2016-07-02 20:11 - 2014-02-28 09:36 - 00002160 _____ C:\Users\Patty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-07-02 20:05 - 2011-02-07 16:46 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-07-02 20:05 - 2010-07-08 01:43 - 00000000 ____D C:\ProgramData\Norton
2016-06-30 15:29 - 2011-05-18 16:11 - 00000000 ____D C:\Users\Patty\AppData\Local\ElevatedDiagnostics
2016-06-30 15:27 - 2011-08-23 14:37 - 00000000 ___DC C:\Users\DefaultAppPool
2016-06-30 14:17 - 2011-05-18 15:11 - 00007641 _____ C:\Users\Patty\AppData\Local\Resmon.ResmonCfg
2016-06-30 14:17 - 2009-07-13 20:20 - 00000000 ____D C:\PerfLogs
2016-06-30 13:57 - 2014-04-23 21:48 - 00000000 ____D C:\Windows\Minidump
2016-06-30 13:56 - 2014-04-22 14:09 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-30 13:55 - 2014-04-22 14:08 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-30 13:55 - 2014-04-22 14:08 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-30 13:29 - 2014-04-13 16:11 - 00000519 _____ C:\Users\Patty\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2016-06-30 13:29 - 2012-01-30 11:04 - 00000000 ____D C:\Users\Patty\AppData\Local\Deployment
2016-06-30 11:57 - 2010-11-17 08:11 - 00000000 ____D C:\Users\Patty
==================== Files in the root of some directories =======
2006-08-17 11:54 - 2013-07-19 21:06 - 0000029 _____ () C:\Program Files\Autorun.inf
2013-02-25 21:13 - 2013-07-19 21:07 - 0791548 _____ () C:\Program Files\Release.txt
2013-02-25 23:25 - 2013-07-19 21:07 - 0253680 _____ (Synaptics Incorporated) C:\Program Files\Setup.exe
2011-09-14 12:21 - 2011-09-14 12:07 - 0161736 _____ () C:\Program Files (x86)\64res.dll
2011-02-15 20:34 - 2011-04-18 15:51 - 0001854 _____ () C:\Users\Patty\AppData\Roaming\GhostObjGAFix.xml
2013-07-19 12:25 - 2014-04-06 22:01 - 0005632 _____ () C:\Users\Patty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-18 15:11 - 2016-06-30 14:17 - 0007641 _____ () C:\Users\Patty\AppData\Local\Resmon.ResmonCfg
2010-07-08 01:37 - 2010-07-08 01:37 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-07-10 20:51 - 2010-07-10 20:51 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-07-08 01:37 - 2010-07-08 01:37 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-07-10 20:44 - 2010-07-10 20:45 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-07-08 01:36 - 2010-07-08 01:36 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-07-08 01:37 - 2010-07-08 01:37 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-07-10 20:43 - 2010-07-10 20:44 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-07-10 20:45 - 2010-07-10 20:51 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-07-08 01:37 - 2010-07-08 01:37 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Files to move or delete:
====================
C:\Users\Patty\ESRendezvousInfc.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-30 15:35
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by Patty (2016-07-04 17:37:16)
Running from C:\Users\Patty\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-11-17 15:11:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1232287608-1843942127-1758789870-500 - Administrator - Disabled)
Any Visitor (S-1-5-21-1232287608-1843942127-1758789870-1010 - Administrator - Enabled) => C:\Users\Any Visitor.Patty-HP.000
Familia (S-1-5-21-1232287608-1843942127-1758789870-1013 - Administrator - Enabled) => C:\Users\Familia
Guest (S-1-5-21-1232287608-1843942127-1758789870-501 - Limited - Enabled) => C:\Users\Guest
Patty (S-1-5-21-1232287608-1843942127-1758789870-1002 - Administrator - Enabled) => C:\Users\Patty
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop Album 2.0 Starter Edition (HKLM-x32\...\{11B569C2-4BF6-4ED0-9D17-A4273943CB24}) (Version: 2.00.100 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.72.2.24716 - AVG Technologies)
AVG (Version: 16.91.7688 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4613 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.42.2.18804 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.42.6 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.91.7688 - AVG Technologies)
AVG Zen (Version: 1.72.1 - AVG Technologies) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}) (Version: 11.50.0019 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
InstallIQ Updater (HKLM-x32\...\{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}) (Version: 1.4.3.0 - W3i, LLC)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1232287608-1843942127-1758789870-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0329 - REALTEK Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - Synaptics Incorporated)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Patty\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Patty\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A0679E5-D05B-4C6A-905B-3FD932E6241F} - System32\Tasks\Event Viewer Tasks\Microsoft-Windows-Diagnostics-Performance_Operational_Microsoft-Windows-Diagnostics-Performance_351
Task: {0BAA7BE4-D674-4313-928E-2896136D99FA} - System32\Tasks\{8EFDF48F-2422-4214-879B-FD63181DDADB} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0C4C3377-5E9E-4CD9-9661-A14AF1B1833F} - System32\Tasks\{3DB6BFE5-99E0-4122-B1EC-4D11F3E4A6C0} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {10A9E111-4E19-4274-89B0-63CAAEDDBB1A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-30] (Google Inc.)
Task: {139D6B8A-FFCB-482B-9072-63C8214D4C8A} - System32\Tasks\{3CC3C2CA-FDE0-4CE3-8E85-7B0495985C2C} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1922C14D-9956-41A0-8D6B-1727D287F863} - System32\Tasks\{EC5E42D1-5A75-4650-93EB-32FA60ABE42C} => pcalua.exe -a C:\Users\Patty\AppData\Local\Temp\Temp1_LGWindowsMobile_USBDriver_WHQL_ML_Ver_1.0.zip\LGWindowsMobile_USBDriver_WHQL_ML_Ver_1.0.exe
Task: {1F6E5F82-DBF8-488B-B12A-14FDD68BFF8A} - System32\Tasks\{1E4EDAF8-8D21-463E-952F-6177DD987B08} => pcalua.exe -a "C:\Program Files (x86)\COMPAQ\CPQ650TP\Ver. 2.3\unins000.EXE"
Task: {224C06E5-15CE-40D6-932B-1B132373E94C} - System32\Tasks\{F432852F-3E2A-4AA4-AC0A-B43E47319111} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {28A32CDA-4198-48B2-A3AA-487496B599F4} - System32\Tasks\{FB9743C9-B1ED-43F6-AD36-6FD950DBE832} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2DFDC6B8-2E83-46C5-9F07-ACBB105DE39D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {3277B4B9-B8ED-420A-A78C-1ED920F738FC} - System32\Tasks\{E4842C1D-89D1-453F-AF2F-517C6CEEEC25} => pcalua.exe -a "C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime
Task: {4D675FC0-7CBC-4A46-A5A7-3D0C6B8FBCC0} - System32\Tasks\HPCeeScheduleForAny Visitor => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {4FE50A07-6B43-4620-B00B-6CAE9D26BF05} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {57D40D84-CAF9-4F09-AB15-55C362AC5D23} - System32\Tasks\{D3B71ABC-D8AB-445D-9DF9-D040BF645B55} => pcalua.exe -a "C:\Program Files (x86)\AddThis Toolbar\Uninst.exe" -d "C:\Program Files (x86)\AddThis Toolbar"
Task: {671EF15B-4DD2-43B8-8BAC-A44DC7997468} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {78367E6D-9442-4F89-BC91-E028BF7B5309} - System32\Tasks\{14079E4F-BE3F-4EEE-BC76-4EA5965C1C86} => pcalua.exe -a C:\ProgramData\Uninstall\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}\setup.exe -c /x {9008D736-35CA-40DB-A2BE-5F32D954E5AA}
Task: {7F9900DE-9C70-49BD-98AE-3AD075EF9A01} - System32\Tasks\{B45D287B-6E99-49D4-B73D-6AE8BE4AEEA8} => C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe [2014-01-10] (Microsoft Corp.)
Task: {8325F4E8-4059-43C2-80CC-7B73BA3442C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {834E1CD3-0CB8-4226-8DE7-5FF1460F5983} - System32\Tasks\HPCeeScheduleForPatty => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {84B24D32-437F-47F9-B3C1-C2BCB571C3A2} - System32\Tasks\{CFB7E985-8E3D-4920-87C1-11A1DDBA20FD} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8B3D829C-E47D-4CC3-B29F-6698AA23D463} - System32\Tasks\{6648A3C0-17EF-4D19-8667-097E71BDE31B} => pcalua.exe -a "C:\Users\Patty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\16P3NL1N\B2CAppSetup[1].exe" -d C:\Users\Patty\Desktop
Task: {8CC34197-7F32-4D1E-97DE-22B696AD610F} - System32\Tasks\{5D9340B7-71C9-4B81-A078-458718E7D281} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Task: {8E38353A-C866-4A2F-8B70-A6CA65C213A4} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {A21494CA-A7B1-49BE-8285-C33BB3F79E52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-30] (Adobe Systems Incorporated)
Task: {A88610C3-CC77-41EB-AA52-0AA5F1C4A0BB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {AA9E4E63-2A1A-46BF-A713-D7996F500CB4} - System32\Tasks\{86A328E2-4E44-4B4F-865E-3401D809764A} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {AAA8364F-3751-4D48-A7D8-7E1BC0C062A3} - System32\Tasks\{B7FEB280-42C9-449F-9C17-A98800EEC7B3} => pcalua.exe -a "C:\Users\Patty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BH4H4R84\wlsetup-web.exe" -d C:\Users\Patty\Desktop
Task: {B042B3F4-CFE3-435A-83D9-03F3763E6B77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-30] (Google Inc.)
Task: {C497BBFA-246D-45C4-B079-2B2762D57005} - System32\Tasks\{AEB9FD84-C3C4-40CD-ABED-FE656AB13AC3} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C56ECDDF-2211-4279-B349-CBD40924ECCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {C6DE2FBA-2697-4084-900F-66A3852DAFF2} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {CC3516D9-F841-4D59-A904-F25ACE793032} - System32\Tasks\{19CE5A34-8273-430C-8F8E-D4965C65BCB9} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {DB6E80E7-D0B5-4AB2-9141-0A9F12B40A44} - System32\Tasks\{710C6DAA-2F52-4B54-8F95-CDF460955C87} => pcalua.exe -a C:\ProgramData\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe -d C:\ProgramData\LGMOBILEAX\B2C_Client
Task: {DE1CE84E-F47B-4DA2-8D52-1A3F48FD80BF} - System32\Tasks\{85E92500-57C1-45FF-8900-F8B08DB3C13E} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {F0FDE714-25B7-4286-853C-79A110122E39} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {FBDFA2C7-CDBB-4C3D-8AF3-1EFC92804370} - System32\Tasks\{E7ED2D14-1D39-41D8-AD1F-7EE7BCA275F2} => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {FF3B613B-1281-40FF-BB0B-097319F3DEC1} - System32\Tasks\{F9F606C2-DB89-4D06-A7D7-30FF2A69B705} => C:\LGVX8360\LGUnitedMobileDriver_S4981CAN32AP22_ML_WHQL_Ver_3.2.1.exe [2011-04-07] (Acresso Software Inc. )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAny Visitor.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPatty.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Download Store.lnk -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=hp_softwarestore&pf=cnnb&locale=en_us&bd=all&c=104>C:\Program Files (x86)\Online Services\hpswstore\hpswstore.ico (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Walmart Photo Center.lnk -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=wmsnapfish&pf=cnnb&locale=en_us&bd=all&c=1046C:\Program Files (x86)\Online Services\snapfish\wm.ico (No File)
==================== Loaded Modules (Whitelisted) ==============
2016-07-02 20:10 - 2016-07-02 20:10 - 00959168 _____ () C:\Users\Patty\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2010-06-18 16:26 - 2010-06-18 16:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2016-06-30 18:16 - 2016-06-30 18:14 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [119]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1232287608-1843942127-1758789870-1002\...\adobe.com -> hxxps://helpx.adobe.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1232287608-1843942127-1758789870-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Patty\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MapsGalaxy Search Scope Monitor => "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AA47F0FC-94D2-43B5-B272-AA6B9B3061BB}] => (Allow) svchost.exe
FirewallRules: [{07E73095-2D4C-4C46-9366-715E8F2D9A85}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{76AE9FA4-F355-47D7-8E60-39D901A9CC6B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{C8693F56-3760-48C1-91BF-961210279B91}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{16F96600-F677-401D-9892-A16458E0159C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{763A96E6-2B7C-4827-BE76-B076CC37791F}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{6D38425D-7000-49D9-9273-02D84690CA31}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{90F75C77-57DD-4A49-890A-67B7B07B8478}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [{265F1143-E62B-49C3-A6AB-46AFE02E98F2}] => (Allow) C:\Program Files (x86)\AddThis Toolbar\TroubleShooter.exe
FirewallRules: [{F671B55B-8B72-4DBF-8868-228B0D6911D0}] => (Allow) C:\Program Files (x86)\AddThis Toolbar\TroubleShooter.exe
FirewallRules: [{79300767-6D51-4AF1-914C-7D2297D41B80}] => (Allow) C:\Program Files (x86)\AddThis Toolbar\ToolbarUpdate.exe
FirewallRules: [{94D553C4-5DA2-4EA2-A42D-D4EEB57CE836}] => (Allow) C:\Program Files (x86)\AddThis Toolbar\ToolbarUpdate.exe
FirewallRules: [{CF1254E9-4A54-41E1-9DC0-8F2302093C80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B0D0F93A-53A9-46B0-AE00-C0D027E379F0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{C20AD279-BFBB-4DB1-B527-B956E11D8EFC}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\2.0\Apps\PhotoshopAlbum.exe
FirewallRules: [{268BAE5D-A462-443E-B7C0-C1181FB73A50}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\2.0\Apps\PhotoshopAlbum.exe
FirewallRules: [{CD3B4554-AD8F-4522-BA43-916A9668ABAC}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\2.0\Apps\PhotoshopAlbum.exe
FirewallRules: [{A9EB1BCC-DA4B-4F3A-AF55-2D763174F630}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\2.0\Apps\PhotoshopAlbum.exe
FirewallRules: [{ED92DC4A-7564-404D-B37F-AEB8FCBD1BBF}] => (Allow) C:\Windows\system32\recdisc.exe
FirewallRules: [{28AF33D5-2E9A-4CD5-8746-5F577E19757B}] => (Allow) C:\Windows\system32\recdisc.exe
FirewallRules: [{08BCE7BD-E0FD-4855-857D-21C46DC974FC}] => (Allow) C:\Windows\system32\recdisc.exe
FirewallRules: [{E3F386A9-1B57-4CFC-AA08-F5F8A8843B48}] => (Allow) C:\Windows\system32\recdisc.exe
FirewallRules: [{7951BDB9-AC19-4C8A-A0E8-C515BFC70433}] => (Allow) C:\Program Files (x86)\CyberLink\MediaShow5\MediaShow.exe
FirewallRules: [{8D56D530-BC92-483C-A911-C711A84D6341}] => (Allow) C:\Program Files (x86)\CyberLink\MediaShow5\MediaShow.exe
FirewallRules: [{A9903283-E6EF-475D-8C33-6053637DFC0E}] => (Allow) C:\Program Files (x86)\CyberLink\MediaShow5\MediaShow.exe
FirewallRules: [{4D682C72-1BFB-4C13-959C-BD7CFE10BB00}] => (Allow) C:\Program Files (x86)\CyberLink\MediaShow5\MediaShow.exe
FirewallRules: [{09F2B995-1348-4DE0-BAC4-BC4B54C76C25}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
FirewallRules: [{3FA19122-82F9-4CF2-8181-A6C97522D706}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
FirewallRules: [{224FD7F9-872A-4F72-B6B4-68E8B2C2592F}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
FirewallRules: [{14DD3AFF-956B-44D2-AAE9-E33F0381917D}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
FirewallRules: [{B4FDBF2A-AEBF-4785-A34C-22774D55B6F8}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
FirewallRules: [{1E37EA18-C95B-441D-BE48-FCD99A1EE3FB}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
FirewallRules: [{90226F6E-154A-4788-8DFC-988E771CBFD5}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
FirewallRules: [{DBC0D012-DD52-4A20-80CD-854247AF2DB3}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
FirewallRules: [{5BB30A19-B476-49B7-BAE9-2A1859F204C4}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\2.0\Apps\PhotoshopAlbum.exe
FirewallRules: [{C97F80D4-949C-465D-82B8-DF40CA3DFE54}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\2.0\Apps\PhotoshopAlbum.exe
FirewallRules: [{A1E95163-84B7-4017-8122-E8A395B9C0C8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B93E6EB2-FE20-4C44-9624-FE401F753F67}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{17518F41-F019-4AA3-8586-88E458CA57A9}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{09F64EF7-FF0F-4AA0-9D3F-F160D45F37E4}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{F480AFDE-84D3-4664-BD12-623366781A3A}] => (Allow) C:\Windows\system32\recdisc.exe
FirewallRules: [{8CF625D2-F1A4-4918-AB14-EA7297D738B5}] => (Allow) C:\Windows\system32\recdisc.exe
FirewallRules: [{C2D157A9-67A6-4A88-AFAA-12112CC3E94F}] => (Allow) C:\Program Files (x86)\CyberLink\MediaShow5\MediaShow.exe
FirewallRules: [{F43349ED-BB4A-450C-9600-E9DEEAC221E8}] => (Allow) C:\Program Files (x86)\CyberLink\MediaShow5\MediaShow.exe
FirewallRules: [{5C7067A1-55F4-46C0-B4A1-B38210E5B53D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{8FAA28B6-BF53-46FA-8601-59ACA02FD135}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{31E96A26-735B-43C8-B56C-AD4DEA3FA1D2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{486BF7D4-6C64-4B22-801A-DA7284C76598}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{1EAB5565-DF7A-4DF2-A40D-882A7D270C88}] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{07880670-A8AF-4D51-B77A-716ED38403B5}] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{A0B86A8F-206F-4265-AF18-8AC0F30C87E4}] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{094B658F-54C8-4B33-A536-467786CE7C00}] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{6BD29183-9BBF-4E8B-9B17-BF2FAD032456}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
FirewallRules: [{E7110920-4CF3-4565-A88E-0B5773813D9C}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
FirewallRules: [{1514D64D-26A7-4E61-B939-3F8675190849}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
FirewallRules: [{D3DE21BD-0828-45A3-8F09-72B506057410}] => (Allow) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
FirewallRules: [{9C65A0FF-CA63-4688-A3D2-DAB48A0F57D5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{17E63927-C198-4325-833C-800779AF1292}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{412E70AA-5FA2-435B-BABE-59F5EF6120D6}] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{1777BF02-96BE-4564-A049-10206D97FF3F}] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [{6F909D77-5E5F-40E2-9DE7-70B4DD89393B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B37F1357-7A05-4A7D-A528-D65E065F577D}] => (Allow) LPort=2869
FirewallRules: [{9B792C18-300D-41C7-9087-1E657917AA22}] => (Allow) LPort=1900
FirewallRules: [{609EACD6-27A6-4B3A-A0BE-3AA1BD21AFF3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{FC8F321C-4A84-43F4-A110-335EB59F91C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F789921B-C952-47ED-94A1-F9CF71A9BF69}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{83F15ED6-975B-4BCC-853D-377E1344D9B6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{4FD10A8F-FA42-41DE-8464-CCFABAC39C0E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{0E5B0551-4A13-4BE5-BFCC-9228520CB4C6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{11D9497B-9542-480B-816B-8313DDFCF7C5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{C02C86BC-BC03-476F-9045-45847826A83C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{98C5B547-177A-4DC4-9C6D-839E349C9FE7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C238B94F-FE20-4B9E-998D-FC9EDB4E5862}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
==================== Restore Points =========================
11-04-2014 00:46:13 Removed Cisco LEAP Module
11-04-2014 00:47:05 Removed Cisco EAP-FAST Module
13-04-2014 10:33:29 Installed Java 7 Update 25 (64-bit)
13-04-2014 11:26:59 Windows Update
14-04-2014 01:16:39 Restore Operation
15-04-2014 09:20:27 Windows Update
15-04-2014 09:21:26 Windows Backup
15-04-2014 17:07:24 Installed Java 7 Update 55
17-04-2014 13:00:59 Windows Update
22-04-2014 11:48:37 Windows Backup
22-04-2014 12:00:39 Windows Update
25-04-2014 15:56:20 Windows Update
25-04-2014 16:13:27 Windows Update
25-04-2014 16:17:53 Windows Update
27-04-2014 11:26:34 HPSF Restore Point
29-04-2014 11:51:04 Windows Backup
29-04-2014 12:22:23 Windows Update
01-05-2014 17:57:30 Windows Update
03-05-2014 00:11:51 Windows Live Essentials
05-05-2014 02:50:08 Configured YouCam
05-05-2014 20:02:52 HPSF Applying updates
05-05-2014 22:33:42 HPSF Applying updates
06-05-2014 02:52:52 Windows Update
06-05-2014 04:00:13 Windows Backup
09-05-2014 11:19:22 Windows Update
13-05-2014 09:00:59 Windows Backup
13-05-2014 09:16:28 Windows Update
15-05-2014 11:30:28 Windows Modules Installer
15-05-2014 16:49:29 Windows Live Essentials
15-05-2014 16:51:29 WLSetup
18-05-2014 16:39:53 Windows Update
18-05-2014 18:14:03 Norton 360 Registry Clean
20-05-2014 04:00:25 Windows Backup
22-05-2014 13:34:01 Windows Update
27-05-2014 11:47:37 Windows Backup
30-05-2014 15:12:24 Windows Update
03-06-2014 04:00:08 Windows Backup
03-06-2014 04:01:15 Windows Update
04-06-2014 07:38:21 Configured YouCam
04-06-2014 09:09:50 Windows Update
04-06-2014 13:42:25 Installed DriverUpdate
05-06-2014 17:59:06 Removed DriverUpdate
06-06-2014 00:50:09 Installed HP Support Solutions Framework
06-06-2014 01:30:00 Removed Skype™ 6.16
06-06-2014 01:33:53 Removed Skype Click to Call
06-06-2014 14:06:47 Windows Update
10-06-2014 12:33:45 Windows Update
14-06-2014 13:58:01 Windows Update
14-06-2014 15:12:26 Restore Operation
14-06-2014 16:08:00 Windows Update
15-06-2014 12:22:40 Windows Update
17-06-2014 04:27:48 Windows Backup
25-06-2014 19:02:33 Windows Update
25-06-2014 19:21:40 Windows Backup
30-06-2016 12:20:31 HPSF Restore Point
30-06-2016 13:43:26 Windows Backup
30-06-2016 18:18:15 Windows Update
30-06-2016 18:31:04 Installed AVG 2016
30-06-2016 18:33:23 Installed AVG
02-07-2016 20:15:48 Removed Norton Online Backup
02-07-2016 20:36:56 Removed Norton Online Backup
02-07-2016 22:50:09 Windows Update
03-07-2016 19:42:33 Windows Update
03-07-2016 22:53:49 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/04/2016 04:34:41 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: SNMP Event Log Extension Agent did not initialize correctly.
Error: (07/04/2016 04:34:41 PM) (Source: EvntAgnt) (EventID: 1020) (User: )
Description: Error processing registry parameters. Extension agent terminating.
Error: (07/04/2016 04:34:41 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: SNMP Event Log Extension Agent did not initialize correctly.
Error: (07/04/2016 04:34:41 PM) (Source: EvntAgnt) (EventID: 3005) (User: )
Description: Error positioning to end of log file -- seek to end of log failed. Handle specified is 20906056. Return code from ReadEventLog is 122.
Error: (07/04/2016 02:50:34 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: SNMP Event Log Extension Agent did not initialize correctly.
Error: (07/04/2016 02:50:34 PM) (Source: EvntAgnt) (EventID: 1020) (User: )
Description: Error processing registry parameters. Extension agent terminating.
Error: (07/04/2016 02:50:34 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: SNMP Event Log Extension Agent did not initialize correctly.
Error: (07/04/2016 02:50:34 PM) (Source: EvntAgnt) (EventID: 3005) (User: )
Description: Error positioning to end of log file -- seek to end of log failed. Handle specified is 19529800. Return code from ReadEventLog is 122.
Error: (07/04/2016 10:04:00 AM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: SNMP Event Log Extension Agent did not initialize correctly.
Error: (07/04/2016 10:04:00 AM) (Source: EvntAgnt) (EventID: 1020) (User: )
Description: Error processing registry parameters. Extension agent terminating.
System errors:
=============
Error: (07/04/2016 05:58:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the defragsvc service.
Error: (07/04/2016 05:07:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the defragsvc service.
Error: (07/04/2016 04:34:36 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (07/04/2016 04:33:33 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (07/04/2016 04:23:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {B8FB4AD7-EA4A-4B47-BFDC-BFC94160A8EA}
Error: (07/04/2016 04:08:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.
Error: (07/04/2016 02:59:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (07/04/2016 02:50:30 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (07/04/2016 02:49:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Error: (07/04/2016 02:49:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
CodeIntegrity:
===================================
Date: 2011-08-23 15:05:52.608
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Release\endetect.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2011-08-23 15:05:52.514
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Release\endetect.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2011-08-23 15:05:51.391
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Release\endetect.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2011-08-23 15:05:51.313
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Release\endetect.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2011-08-23 15:05:48.848
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Release\tapbind1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2011-08-23 15:05:48.786
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Release\tapbind1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2011-08-23 15:05:47.584
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Release\tapbind1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2011-08-23 15:05:47.522
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Release\tapbind1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2011-08-23 12:01:25.644
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Release\endetect.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2011-08-23 12:01:25.566
Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Release\endetect.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Celeron® CPU 900 @ 2.20GHz
Percentage of memory in use: 94%
Total physical RAM: 1978.92 MB
Available physical RAM: 114.3 MB
Total Virtual: 4123.79 MB
Available Virtual: 898.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:216.47 GB) (Free:53.33 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.12 GB) (Free:0.43 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 92636A50)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=216.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End of Addition.txt ============================