Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

slow computer


  • Please log in to reply

#1
gregahoffman

gregahoffman

    Member

  • Member
  • PipPipPip
  • 400 posts

recently my laptop has slowed down quite a bit. i don't know if its malware related or something else.

 

just wanted to see if my machine caught something or might it be hardware related.

 

thank you


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,017 posts
  • MVP
Separate Reply for each log is probably easiest.
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    •  
     
  • Get FRST from
  • You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
     
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Check the Addition.txt box
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 
  •  

    Get Process Explorer
     
    Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
     
    View, Select Column, check Verified Signer, OK
    Options, Verify Image Signatures
     
     
    Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
     
    Wait a full minute then:
     
    File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
     

    • 0

    #3
    gregahoffman

    gregahoffman

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 400 posts

    thanks for the help. sorry its such a late reply, long day at work.  results below in order...

     

    # AdwCleaner v5.201 - Logfile created 22/07/2016 at 21:59:27
    # Updated 30/06/2016 by ToolsLib
    # Database : 2016-07-21.2 [Server]
    # Operating system : Windows 7 Home Premium Service Pack 1 (X64)
    # Username : greg & jacki - HPLAPTOP
    # Running from : C:\Users\greg & jacki\Desktop\Tools\adwcleaner_5.201.exe
    # Option : Clean
    # Support : https://toolslib.net/forum

    ***** [ Services ] *****

    ***** [ Folders ] *****

    ***** [ Files ] *****

    ***** [ DLLs ] *****

    ***** [ WMI ] *****

    ***** [ Shortcuts ] *****

    ***** [ Scheduled tasks ] *****

    ***** [ Registry ] *****

    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}

    ***** [ Web browsers ] *****

    *************************

    :: "Tracing" keys deleted
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C10].txt - [4104 bytes] - [28/06/2016 08:05:01]
    C:\AdwCleaner\AdwCleaner[C11].txt - [4246 bytes] - [30/06/2016 20:00:38]
    C:\AdwCleaner\AdwCleaner[C12].txt - [4401 bytes] - [05/07/2016 21:38:12]
    C:\AdwCleaner\AdwCleaner[C13].txt - [4549 bytes] - [07/07/2016 21:19:42]
    C:\AdwCleaner\AdwCleaner[C14].txt - [4697 bytes] - [11/07/2016 06:54:37]
    C:\AdwCleaner\AdwCleaner[C15].txt - [4845 bytes] - [12/07/2016 07:34:57]
    C:\AdwCleaner\AdwCleaner[C16].txt - [5451 bytes] - [16/07/2016 15:44:27]
    C:\AdwCleaner\AdwCleaner[C17].txt - [5141 bytes] - [18/07/2016 07:43:08]
    C:\AdwCleaner\AdwCleaner[C18].txt - [5289 bytes] - [21/07/2016 07:56:58]
    C:\AdwCleaner\AdwCleaner[C19].txt - [1537 bytes] - [22/07/2016 21:59:27]
    C:\AdwCleaner\AdwCleaner[C1].txt - [4172 bytes] - [04/02/2016 09:31:18]
    C:\AdwCleaner\AdwCleaner[C2].txt - [3235 bytes] - [21/01/2016 19:51:02]
    C:\AdwCleaner\AdwCleaner[C3].txt - [5775 bytes] - [27/04/2016 07:53:57]
    C:\AdwCleaner\AdwCleaner[C4].txt - [2748 bytes] - [01/05/2016 19:16:46]
    C:\AdwCleaner\AdwCleaner[C5].txt - [3662 bytes] - [10/06/2016 18:46:43]
    C:\AdwCleaner\AdwCleaner[C6].txt - [3512 bytes] - [12/06/2016 19:47:19]
    C:\AdwCleaner\AdwCleaner[C7].txt - [3656 bytes] - [20/06/2016 08:01:14]
    C:\AdwCleaner\AdwCleaner[C8].txt - [3809 bytes] - [22/06/2016 08:25:13]
    C:\AdwCleaner\AdwCleaner[C9].txt - [3956 bytes] - [23/06/2016 07:59:32]
    C:\AdwCleaner\AdwCleaner[R0].txt - [3051 bytes] - [17/01/2016 15:38:12]
    C:\AdwCleaner\AdwCleaner[R2].txt - [1123 bytes] - [09/02/2016 20:59:14]
    C:\AdwCleaner\AdwCleaner[R3].txt - [1182 bytes] - [15/02/2016 08:12:14]
    C:\AdwCleaner\AdwCleaner[R4].txt - [1241 bytes] - [15/02/2016 08:13:52]
    C:\AdwCleaner\AdwCleaner[R5].txt - [1301 bytes] - [20/02/2016 12:13:13]
    C:\AdwCleaner\AdwCleaner[R6].txt - [1527 bytes] - [09/03/2016 08:19:03]
    C:\AdwCleaner\AdwCleaner[R7].txt - [1537 bytes] - [11/03/2016 09:04:28]
    C:\AdwCleaner\AdwCleaner[R8].txt - [1745 bytes] - [15/03/2016 21:47:11]
    C:\AdwCleaner\AdwCleaner[R9].txt - [1773 bytes] - [18/03/2016 18:09:30]
    C:\AdwCleaner\AdwCleaner[S0].txt - [3044 bytes] - [17/01/2016 15:40:08]
    C:\AdwCleaner\AdwCleaner[S10].txt - [2491 bytes] - [12/05/2016 07:03:55]
    C:\AdwCleaner\AdwCleaner[S11].txt - [2571 bytes] - [14/05/2016 08:13:45]
    C:\AdwCleaner\AdwCleaner[S12].txt - [2639 bytes] - [18/05/2016 19:04:30]
    C:\AdwCleaner\AdwCleaner[S13].txt - [2713 bytes] - [28/05/2016 08:09:45]
    C:\AdwCleaner\AdwCleaner[S14].txt - [2787 bytes] - [30/05/2016 16:35:33]
    C:\AdwCleaner\AdwCleaner[S15].txt - [2867 bytes] - [03/06/2016 13:26:01]
    C:\AdwCleaner\AdwCleaner[S16].txt - [2941 bytes] - [05/06/2016 19:27:58]
    C:\AdwCleaner\AdwCleaner[S17].txt - [3015 bytes] - [08/06/2016 07:58:44]
    C:\AdwCleaner\AdwCleaner[S18].txt - [3477 bytes] - [10/06/2016 18:45:35]
    C:\AdwCleaner\AdwCleaner[S19].txt - [3345 bytes] - [12/06/2016 19:46:04]
    C:\AdwCleaner\AdwCleaner[S1].txt - [3925 bytes] - [04/02/2016 09:29:21]
    C:\AdwCleaner\AdwCleaner[S20].txt - [3489 bytes] - [20/06/2016 08:00:02]
    C:\AdwCleaner\AdwCleaner[S21].txt - [3642 bytes] - [22/06/2016 08:24:09]
    C:\AdwCleaner\AdwCleaner[S22].txt - [3789 bytes] - [23/06/2016 07:58:24]
    C:\AdwCleaner\AdwCleaner[S23].txt - [3936 bytes] - [28/06/2016 08:03:48]
    C:\AdwCleaner\AdwCleaner[S24].txt - [4078 bytes] - [30/06/2016 19:58:43]
    C:\AdwCleaner\AdwCleaner[S25].txt - [4232 bytes] - [05/07/2016 21:37:10]
    C:\AdwCleaner\AdwCleaner[S26].txt - [4380 bytes] - [07/07/2016 21:18:33]
    C:\AdwCleaner\AdwCleaner[S27].txt - [4528 bytes] - [11/07/2016 06:53:36]
    C:\AdwCleaner\AdwCleaner[S28].txt - [4676 bytes] - [12/07/2016 07:33:22]
    C:\AdwCleaner\AdwCleaner[S29].txt - [5264 bytes] - [16/07/2016 15:42:59]
    C:\AdwCleaner\AdwCleaner[S2].txt - [4291 bytes] - [21/01/2016 19:48:57]
    C:\AdwCleaner\AdwCleaner[S30].txt - [4972 bytes] - [18/07/2016 07:41:53]
    C:\AdwCleaner\AdwCleaner[S31].txt - [5120 bytes] - [21/07/2016 07:55:20]
    C:\AdwCleaner\AdwCleaner[S32].txt - [5268 bytes] - [22/07/2016 18:56:58]
    C:\AdwCleaner\AdwCleaner[S33].txt - [5342 bytes] - [22/07/2016 21:56:52]
    C:\AdwCleaner\AdwCleaner[S34].txt - [5416 bytes] - [22/07/2016 21:58:32]
    C:\AdwCleaner\AdwCleaner[S3].txt - [3473 bytes] - [20/02/2016 12:14:19]
    C:\AdwCleaner\AdwCleaner[S4].txt - [3694 bytes] - [09/03/2016 08:20:28]
    C:\AdwCleaner\AdwCleaner[S5].txt - [3708 bytes] - [11/03/2016 09:05:34]
    C:\AdwCleaner\AdwCleaner[S6].txt - [7291 bytes] - [15/03/2016 21:49:00]
    C:\AdwCleaner\AdwCleaner[S7].txt - [4407 bytes] - [18/03/2016 18:10:36]
    C:\AdwCleaner\AdwCleaner[S8].txt - [2349 bytes] - [02/05/2016 07:03:57]

     

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.7 (07.03.2016)
    Operating System: Windows 7 Home Premium x64
    Ran by greg & jacki (Administrator) on Fri 07/22/2016 at 22:05:48.99
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

    File System: 26

    Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
    Successfully deleted: C:\ProgramData\productdata (Folder)
    Successfully deleted: C:\Users\greg & jacki\AppData\Roaming\9618 (Folder)
    Successfully deleted: C:\Users\greg & jacki\AppData\Roaming\iobit\driver booster (Folder)
    Successfully deleted: C:\Users\greg & jacki\AppData\Roaming\productdata (Folder)
    Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
    Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (greg & jacki) (Task)
    Successfully deleted: C:\Windows\system32\Tasks\SmartDefrag4_Startup (Task)
    Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_greg_&_jacki (Task)
    Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1XM4F6SE (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2QA9PWPQ (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1SVZH6Z (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGGKGM9Q (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CVWSVACF (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXQ8ESL4 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIF7J2XO (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LL1HF8MB (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MTVKSLMW (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWSVANFQ (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLJ4A72D (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YXU3TGEP (Temporary Internet Files Folder)

     

    Registry: 3

    Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{307679DE-83ED-4077-82D2-BD13FE0112B1} (Registry Key)
    Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} (Registry Key)
    Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{307679DE-83ED-4077-82D2-BD13FE0112B1} (Registry Key)

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Fri 07/22/2016 at 22:08:34.79
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    C:\AdwCleaner\AdwCleaner[S9].txt - [2422 bytes] - [02/05/2016 08:05:26]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C19].txt - [5505 bytes] ##########

     

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
    Ran by greg & jacki (administrator) on HPLAPTOP (22-07-2016 22:22:54)
    Running from C:\Users\greg & jacki\Desktop
    Loaded Profiles: greg & jacki (Available Profiles: greg & jacki)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 9 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
    (HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
    (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
    (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
    () C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
    () C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
    (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
    (Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
    (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
    (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_210_ActiveX.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-16] (Synaptics Incorporated)
    HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel® Corporation)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
    HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
    HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6723856 2016-06-29] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-09-13] (Hewlett-Packard Development Company L.P.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1444880 2015-12-01] (Easybits)
    HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)
    HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: ** <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
    HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
    HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
    HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
    HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
    HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
    HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
    HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2547048 2011-03-30] (Hewlett-Packard Co.)
    HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2022688 2016-04-26] (IObit)
    HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
    ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-03-30] (EasyBits Software Corp.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
    Tcpip\..\Interfaces\{F1B6EB07-5742-48CD-8569-8F9DC1979B1B}: [DhcpNameServer] 75.75.76.76 75.75.75.75

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://yahoo.com/
    HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
    SearchScopes: HKLM -> {307679DE-83ED-4077-82D2-BD13FE0112B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
    SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001 -> DefaultScope {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    SearchScopes: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    SearchScopes: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001 -> {E4197AB8-0441-4D48-81F8-B3ACFE5D4C3E} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-18] (HP)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-18] (HP)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    Toolbar: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-21] (Adobe Systems, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-28] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-28] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

    Chrome:
    =======
    CHR Profile: C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-03]
    CHR Extension: (Website Logon) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe [2016-01-03]
    CHR Extension: (Google Docs) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-03]
    CHR Extension: (Google Drive) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-03]
    CHR Extension: (YouTube) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-03]
    CHR Extension: (Google Search) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-03]
    CHR Extension: (Google Sheets) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-03]
    CHR Extension: (Google Docs Offline) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-08]
    CHR Extension: (Gmail) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-03]
    CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
    S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [637944 2016-06-29] (AVG Technologies CZ, s.r.o.)
    S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5251808 2016-06-29] (AVG Technologies CZ, s.r.o.)
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712792 2016-06-29] (AVG Technologies CZ, s.r.o.)
    R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [499200 2011-01-30] (Red Bend Ltd.) [File not signed]
    R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
    R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
    R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [226240 2015-06-16] ()
    R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [6363792 2015-07-31] ()
    R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
    S3 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
    S4 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-07-15] (Seagate Technology LLC)
    S4 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2015-07-15] (Seagate Technology LLC)
    R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1156824 2015-10-13] (VMware, Inc.)
    S3 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [261776 2015-05-08] (VMware)
    R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [885248 2011-01-30] (Intel® Corporation) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [533208 2015-10-14] (VMware, Inc.)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-12-18] () [File not signed]
    S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-12-18] () [File not signed]
    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-06-09] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [249088 2016-06-02] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [280320 2016-06-01] (AVG Technologies CZ, s.r.o.)
    R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [76544 2016-06-01] (AVG Technologies CZ, s.r.o.)
    S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-09] (REALiX™)
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
    R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
    R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
    R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
    S3 cpuz137; \??\C:\Users\GREG&J~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
    S3 cpuz138; \??\C:\Users\GREG&J~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-07-22 22:22 - 2016-07-22 22:23 - 00046354 _____ C:\Users\greg & jacki\Desktop\FRST.txt
    2016-07-22 22:22 - 2016-07-22 22:22 - 00000000 ____D C:\Users\greg & jacki\AppData\Roaming\ProductData
    2016-07-22 22:22 - 2016-07-22 22:22 - 00000000 ____D C:\ProgramData\ProductData
    2016-07-22 22:22 - 2016-07-22 22:22 - 00000000 ____D C:\FRST
    2016-07-22 22:08 - 2016-07-22 22:08 - 00004596 _____ C:\Users\greg & jacki\Desktop\JRT.txt
    2016-07-22 22:04 - 2016-07-22 22:04 - 00005585 _____ C:\Users\greg & jacki\Desktop\AdwCleaner[C19].txt
    2016-07-22 18:55 - 2016-07-22 18:55 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\greg & jacki\Desktop\procexp.exe
    2016-07-22 18:54 - 2016-07-22 18:54 - 02393600 _____ (Farbar) C:\Users\greg & jacki\Desktop\FRST64.exe
    2016-07-22 18:53 - 2016-07-22 18:53 - 01610560 _____ (Malwarebytes) C:\Users\greg & jacki\Desktop\JRT.exe
    2016-07-17 17:33 - 2016-07-17 17:33 - 00000000 ____D C:\Users\greg & jacki\AppData\Local\ESET
    2016-07-17 17:21 - 2016-07-17 17:31 - 00227152 _____ C:\TDSSKiller.3.1.0.9_17.07.2016_17.21.39_log.txt
    2016-07-14 10:15 - 2016-07-14 10:15 - 19527360 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
    2016-07-14 08:33 - 2016-07-14 08:33 - 17892352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 12388864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 10938368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 09753088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2016-07-14 08:33 - 2016-07-14 08:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-07-14 08:33 - 2016-07-14 08:33 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 01814528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 01804800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-07-14 08:33 - 2016-07-14 08:33 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-07-14 08:33 - 2016-07-14 08:33 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 01140224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-07-14 08:33 - 2016-07-14 08:33 - 00424960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2016-07-14 08:33 - 2016-07-14 08:33 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2016-07-14 08:33 - 2016-07-14 08:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2016-07-14 08:33 - 2016-07-14 08:33 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2016-07-14 08:33 - 2016-07-14 08:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2016-07-14 08:33 - 2016-07-14 08:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2016-07-14 08:33 - 2016-07-14 08:33 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2016-07-14 08:33 - 2016-07-14 08:33 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2016-07-14 06:46 - 2016-07-14 06:46 - 28318536 _____ C:\Users\greg & jacki\Downloads\Unconfirmed 573095.crdownload
    2016-07-14 06:36 - 2016-07-14 06:43 - 36138288 _____ (Microsoft Corporation) C:\Users\greg & jacki\Downloads\IE9-WindowsVista-x64-enu.exe
    2016-07-14 06:31 - 2016-07-14 06:31 - 00001413 _____ C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
    2016-07-14 06:18 - 2016-07-14 06:19 - 36380976 _____ (Microsoft Corporation) C:\Users\greg & jacki\Downloads\IE9-Windows7-x64-enu.exe
    2016-07-13 06:03 - 2016-07-13 06:03 - 00000000 ____D C:\Users\greg & jacki\AppData\Local\GWX
    2016-07-12 21:54 - 2016-07-14 08:28 - 00000000 ____D C:\Windows\Panther
    2016-07-12 14:37 - 2016-06-25 19:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-07-12 14:37 - 2016-06-25 19:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-07-12 14:37 - 2016-06-25 19:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2016-07-12 14:37 - 2016-06-25 19:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2016-07-12 14:37 - 2016-06-25 19:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
    2016-07-12 14:37 - 2016-06-25 19:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
    2016-07-12 14:37 - 2016-06-25 19:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
    2016-07-12 14:37 - 2016-06-25 14:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
    2016-07-12 14:37 - 2016-06-25 14:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
    2016-07-12 14:37 - 2016-06-25 14:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
    2016-07-12 14:37 - 2016-06-25 14:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
    2016-07-12 14:37 - 2016-06-25 14:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
    2016-07-12 14:37 - 2016-06-22 08:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
    2016-07-12 14:37 - 2016-06-17 13:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-07-12 14:37 - 2016-06-17 13:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-07-12 14:37 - 2016-06-17 13:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-07-12 14:37 - 2016-06-17 13:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-07-12 14:37 - 2016-06-17 13:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-07-12 14:37 - 2016-06-17 13:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-07-12 14:36 - 2016-06-14 10:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-07-12 07:47 - 2016-07-12 07:47 - 01030400 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
    2016-07-12 07:47 - 2016-07-12 07:47 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
    2016-07-11 06:57 - 2016-07-11 06:57 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EA4CE9EE-021A-4CE5-A8D5-ADA3284B2958}
    2016-07-05 07:36 - 2016-07-16 03:15 - 00000000 ____D C:\Windows\EOONotify
    2016-06-30 19:51 - 2016-06-30 19:51 - 03712064 _____ C:\Users\greg & jacki\Downloads\adwcleaner_5.201 (2).exe
    2016-06-30 19:50 - 2016-06-30 19:50 - 03712064 _____ C:\Users\greg & jacki\Downloads\adwcleaner_5.201 (1).exe
    2016-06-30 19:49 - 2016-06-30 19:49 - 03712064 _____ C:\Users\greg & jacki\Downloads\adwcleaner_5.201.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 01732888 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 01314136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2016-06-25 16:51 - 2016-06-25 16:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2016-06-25 16:51 - 2016-06-25 16:51 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-06-25 16:51 - 2016-06-25 16:51 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-06-25 16:51 - 2016-06-25 16:51 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-06-25 16:51 - 2016-06-25 16:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-06-25 16:51 - 2016-06-25 16:51 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-06-25 16:51 - 2016-06-25 16:51 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2016-06-25 16:51 - 2016-06-25 16:51 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2016-06-25 16:51 - 2016-06-25 16:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2016-06-25 16:51 - 2016-06-25 16:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-07-22 22:13 - 2016-03-18 17:54 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-07-22 22:11 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-07-22 22:11 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-07-22 22:09 - 2016-01-03 08:11 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-07-22 22:07 - 2015-10-28 09:16 - 00000000 ____D C:\Users\greg & jacki\AppData\Roaming\IObit
    2016-07-22 22:07 - 2015-10-28 09:16 - 00000000 ____D C:\ProgramData\IObit
    2016-07-22 22:07 - 2015-10-28 09:16 - 00000000 ____D C:\Program Files (x86)\IObit
    2016-07-22 22:03 - 2015-10-25 11:48 - 00000000 ___HD C:\Users\greg & jacki\AppData\Local\CrashDumps
    2016-07-22 22:02 - 2016-01-03 08:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-07-22 22:02 - 2015-10-24 16:30 - 00000000 ____D C:\ProgramData\MFAData
    2016-07-22 22:01 - 2015-10-24 16:10 - 00000000 ___HD C:\Users\greg & jacki\AppData\LocalLow\AuthenTec
    2016-07-22 22:01 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-07-22 21:59 - 2016-01-17 15:38 - 00000000 ____D C:\AdwCleaner
    2016-07-22 21:01 - 2015-10-25 10:35 - 00000270 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
    2016-07-22 15:43 - 2015-10-24 16:15 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{79FA8574-6A16-4BDF-A53F-11F1C3E82809}
    2016-07-21 08:04 - 2009-07-14 00:13 - 00778180 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-07-21 08:04 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
    2016-07-20 03:00 - 2015-10-26 08:54 - 00000000 ___SD C:\Windows\SysWOW64\GWX
    2016-07-20 03:00 - 2015-10-26 08:54 - 00000000 ___SD C:\Windows\system32\GWX
    2016-07-18 07:55 - 2009-07-13 23:45 - 00409216 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-07-18 07:44 - 2016-02-20 12:17 - 96337920 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
    2016-07-18 07:44 - 2016-02-20 12:17 - 45142016 _____ C:\Windows\system32\config\components.iodefrag.bak
    2016-07-18 07:44 - 2016-02-20 12:17 - 00897024 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
    2016-07-18 07:44 - 2016-02-20 12:17 - 00061440 _____ C:\Windows\system32\config\SAM.iodefrag.bak
    2016-07-18 07:44 - 2016-02-20 12:17 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
    2016-07-17 20:37 - 2015-10-26 12:16 - 00000000 ____D C:\Users\greg & jacki\Desktop\Tools
    2016-07-16 03:56 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
    2016-07-16 03:34 - 2015-10-24 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2016-07-16 03:15 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2016-07-14 10:15 - 2016-03-18 17:54 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-07-14 10:15 - 2016-03-18 17:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-07-14 10:15 - 2016-03-18 17:54 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2016-07-13 08:23 - 2015-10-30 09:43 - 00000196 _____ C:\Users\greg & jacki\Desktop\Facebook.url
    2016-07-12 21:03 - 2015-11-02 12:04 - 00109296 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
    2016-07-12 20:57 - 2015-10-30 09:40 - 00109296 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
    2016-07-12 20:33 - 2009-07-13 21:34 - 00000514 _____ C:\Windows\win.ini
    2016-07-12 20:31 - 2015-10-25 17:56 - 00781298 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2016-07-12 19:23 - 2015-10-26 08:55 - 00000000 ____D C:\Windows\system32\appraiser
    2016-07-12 19:20 - 2015-10-26 06:27 - 00000000 ____D C:\Windows\system32\MRT
    2016-07-12 19:16 - 2015-10-26 06:27 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-07-12 19:12 - 2015-11-03 12:45 - 00003676 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
    2016-07-12 08:08 - 2015-10-30 10:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-07-12 07:47 - 2015-10-24 17:17 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
    2016-07-12 07:43 - 2015-10-26 09:19 - 00000000 ____D C:\Windows\system32\Macromed
    2016-07-12 07:43 - 2011-03-30 22:18 - 00000000 ____D C:\Windows\SysWOW64\Macromed
    2016-07-11 17:54 - 2015-10-28 00:37 - 00000000 ___HD C:\Users\greg & jacki\AppData\Roaming\VMware
    2016-06-29 14:59 - 2015-10-24 16:29 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
    2016-06-29 14:59 - 2015-10-24 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
    2016-06-23 03:01 - 2015-10-28 09:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2016-06-23 03:00 - 2015-10-28 09:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2016-06-23 03:00 - 2015-10-28 09:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

    ==================== Files in the root of some directories =======

    2015-10-25 10:32 - 2015-10-25 10:32 - 0000057 _____ () C:\ProgramData\Ament.ini

    Some files in TEMP:
    ====================
    C:\Users\greg & jacki\AppData\Local\Temp\libeay32.dll
    C:\Users\greg & jacki\AppData\Local\Temp\msvcr120.dll
    C:\Users\greg & jacki\AppData\Local\Temp\sqlite3.dll

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2016-07-17 00:52

    ==================== End of FRST.txt ============================

     

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2016
    Ran by greg & jacki (2016-07-22 22:24:06)
    Running from C:\Users\greg & jacki\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2015-10-24 21:09:30)
    Boot Mode: Normal
    ==========================================================

    ==================== Accounts: =============================

    Administrator (S-1-5-21-2642546764-1993480236-4026764921-500 - Administrator - Disabled)
    greg & jacki (S-1-5-21-2642546764-1993480236-4026764921-1001 - Administrator - Enabled) => C:\Users\greg & jacki
    Guest (S-1-5-21-2642546764-1993480236-4026764921-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2642546764-1993480236-4026764921-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
    AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
    Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
    Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.3.0 - IObit)
    AOMEI Partition Assistant Standard Edition 5.8 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
    ATI Catalyst Install Manager (HKLM\...\{DA0D8FDA-D538-1145-8BA2-6F22C4EB4F75}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
    AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
    AVG (HKLM\...\AvgZen) (Version: 1.72.2.24716 - AVG Technologies)
    AVG (Version: 16.91.7688 - AVG Technologies) Hidden
    AVG 2016 (Version: 16.0.4627 - AVG Technologies) Hidden
    AVG Protection (HKLM\...\AVG) (Version: 2016.91.7688 - AVG Technologies)
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.9.726 - AVG Technologies)
    AVG Zen (Version: 1.72.1 - AVG Technologies) Hidden
    CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3908 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Driver Booster 3.3 (HKLM-x32\...\Driver Booster_is1) (Version: 3.3 - IObit)
    Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
    Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)
    FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
    HP 3D DriveGuard (HKLM\...\{0128D231-B23B-409C-A531-39D8D8774BA1}) (Version: 4.1.5.1 - Hewlett-Packard Company)
    HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
    HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{B6A3EAE4-3727-46A4-A659-8576BF7C8C8D}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
    HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{F638F65B-B435-44E0-9382-7F90BDB003E2}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
    HP Documentation (HKLM-x32\...\{83A375B6-6FC2-4F8A-948E-E506DB9DCDF0}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
    HP On Screen Display (HKLM-x32\...\{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}) (Version: 1.1.2 - Hewlett-Packard Company)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
    HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
    HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
    HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13231.3673 - Hewlett-Packard Company)
    HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard)
    HP Software Framework (HKLM-x32\...\{F8070C51-4B1D-430C-8BCF-19696368366F}) (Version: 4.0.110.1 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6329.0 - IDT)
    Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
    Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
    Intel® PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
    Intel® Wireless Display (HKLM-x32\...\{5B46CEC7-DAD0-46A2-BCD6-B46A3CFD9B61}) (Version: 2.0.30.0 - Intel Corporation)
    Intel® PROSet/Wireless WiMAX Software (HKLM\...\{18A6B663-A646-457B-A314-5CF58AECB06A}) (Version: 6.02.0000 - Intel Corporation)
    IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.4 - IObit)
    IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit)
    Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
    Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
    RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
    Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.2.002.0 - Seagate)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
    Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
    Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
    Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.4 - Synaptics Incorporated)
    Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.4 - Tweaking.com)
    Validity WBF DDK (HKLM\...\{7C54D017-21BB-43AE-9746-33E78AF4A425}) (Version: 4.3.118.0 - Validity Sensors, Inc.)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VMware Horizon Client (HKLM\...\{C7F8E8FA-0832-427E-B2B1-ABF6F8495C35}) (Version: 3.5.2.30397 - VMware, Inc.)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0C7D692E-0802-4F99-B0C1-1795CC8F0C0C} - System32\Tasks\greg & jacki1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2015-07-15] (Seagate Technology LLC)
    Task: {36882EBC-72A8-4DC0-9A33-ABA05AC94A50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-03] (Google Inc.)
    Task: {4DBD0E55-627F-433D-A58C-F4F7B8434661} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-08] (CyberLink)
    Task: {56C027B8-10A8-4FB1-B963-DF1BF451AF5C} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
    Task: {604B1031-D317-4295-869E-60701D8F94FF} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
    Task: {67658A3E-23D4-421E-873D-86B664636050} - System32\Tasks\Microsoft\Windows\Setup\EOONotify => C:\Windows\EOONotify\EOONotify.exe [2016-07-08] (Microsoft Corporation)
    Task: {6C27BB5D-B58A-4843-B62B-E9C7BB126D71} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-07-15] (Seagate Technology LLC)
    Task: {6DF2A9E0-2FD5-4E30-87B4-5CAA16AC1E19} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2011-03-30] (Hewlett-Packard Co.)
    Task: {7E372931-A1A9-4B04-BE8B-E253538B5737} - System32\Tasks\greg & jacki DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-07-15] (Seagate Technology LLC)
    Task: {81F9C68B-4BEC-4767-8A9D-83A080683AFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-12-02] (Microsoft)
    Task: {8CB452F4-1956-49E6-9EE8-515F059CF622} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit)
    Task: {95E50C0B-49ED-4598-B587-5B4C39C0A0C7} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-05-06] (IObit)
    Task: {963EB87A-4915-4AFC-9C07-E2A0F6427A91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-03] (Google Inc.)
    Task: {A4F5759D-7340-4F34-BD11-C88D3A769C1B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
    Task: {AA4AD301-F2E8-4CCE-B36F-5AD9F270D414} - System32\Tasks\ASC9_SkipUac_greg & jacki => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-05-16] (IObit)
    Task: {B4BF5E4C-2333-49A6-8C22-16D2AEB72AD0} - System32\Tasks\0116avzUpdateInfo => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe
    Task: {CCF32A04-8A1A-41F7-BC81-F5453E8FB9AF} - System32\Tasks\1015avzUpdateInfo => C:\ProgramData\Avg_Update_1015avz\1015avz_AVG-Secure-Search-Update.exe
    Task: {E770AF70-6148-4A8D-A1EB-911C914740DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-12-02] (Microsoft)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2011-01-05 14:53 - 2011-01-05 14:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
    2015-06-16 11:10 - 2015-06-16 11:10 - 00226240 _____ () C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
    2015-07-31 15:42 - 2015-07-31 15:42 - 06363792 _____ () C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
    2011-03-30 16:19 - 2011-03-30 16:19 - 02673000 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll
    2015-12-09 01:36 - 2015-01-09 19:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
    2015-06-16 11:04 - 2015-06-16 11:04 - 00239552 _____ () C:\Program Files (x86)\Common Files\VMware\DeviceRedirectionCommon\ftnlapi.dll
    2011-04-27 18:05 - 2011-04-27 18:05 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
    2016-05-11 03:51 - 2016-05-11 03:51 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\61a733954a0da9a5988d596c76b2b891\IsdiInterop.ni.dll
    2015-10-24 17:13 - 2011-01-12 20:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\008k.com -> 008k.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\00hq.com -> 00hq.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\1-se.com -> 1-se.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\1001movie.com -> 1001movie.com
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\1001night.biz -> 1001night.biz
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\100gal.net -> 100gal.net
    IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\100sexlinks.com -> 100sexlinks.com

    There are 4790 more sites.

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2016-07-12 20:33 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1       localhost

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 75.75.76.76 - 75.75.75.75
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdvancedSystemCareService8 => 2
    MSCONFIG\Services: LiveUpdateSvc => 2
    MSCONFIG\Services: RoxioNow Service => 2
    MSCONFIG\Services: Seagate Dashboard Services => 2
    MSCONFIG\Services: Seagate MobileBackup Service => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: WinDefend => 3
    MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
    MSCONFIG\startupreg: DBAgent => "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: Uploader => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{FA2A053B-3763-4AF8-B6AE-4B42DE0CFABB}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
    FirewallRules: [{122939D9-7D11-4E5E-829D-A03495A614B9}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
    FirewallRules: [{2B429156-C6BF-4AEE-941A-151843277944}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
    FirewallRules: [{AFF6F81E-EA7F-4DCF-BB14-5904BCC3ED52}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
    FirewallRules: [{A3A5EF2D-26CA-4E79-8BD9-4433E5DA545B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{F70020D9-09D6-47E1-83F8-935B7158FE18}] => (Allow) LPort=2869
    FirewallRules: [{5F7EF239-7066-4A06-B7DC-5585EFDB4487}] => (Allow) LPort=1900
    FirewallRules: [{11925C4F-46C5-47CC-A3F1-D94618F52C96}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{3AA5DC62-D991-4ED3-914F-A9F5F1783F06}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    FirewallRules: [{525CA1FD-A433-4617-800A-7CECCA465FB3}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
    FirewallRules: [{FED5E636-AD6E-4C87-935A-07EB13F204BD}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
    FirewallRules: [{C4AA47D7-4FD2-4193-B8C1-4A4101D5D987}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [{BE64F1D7-91D5-4AAE-9247-5B7EC9C24149}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
    FirewallRules: [{947CAEC5-EEC8-4884-85A3-73402DF17195}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
    FirewallRules: [{50C02676-23CB-4F30-8AA7-30F0AF105BEA}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
    FirewallRules: [{EA6D39EE-CF25-4597-86CB-373FFCF2DD87}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
    FirewallRules: [{6909F2B6-3FE1-4926-955F-1E07AA2DBD25}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
    FirewallRules: [{6A87A38F-65C7-4F13-9B3A-F7C9A7595549}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{38D2F4E5-9FDE-493B-9AD5-F17E2E8EB4A0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{1D492753-7346-492B-8201-DA0578D9BA3A}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
    FirewallRules: [{41B74564-0A7F-42C5-B50A-D972BAFD036E}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{D4F40994-0868-459F-AD67-5889842395F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{57020AF1-20A8-46E2-A462-73E073642E7D}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
    FirewallRules: [{9AEB8BDF-6CC1-4BAC-B581-D696C225B890}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
    FirewallRules: [{AD8789E1-245E-41AF-BCA8-E0F045F05A8B}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
    FirewallRules: [{F6C62D52-F900-43DB-9591-61C9CCEED6BF}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
    FirewallRules: [{429C4173-61A1-42D5-A2CE-141CB4C54080}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
    FirewallRules: [{C4AFB040-82B3-485F-BB74-766E8B6DB1C1}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
    FirewallRules: [{699ACC84-9C6C-4C8E-9961-6741BD0D24FD}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
    FirewallRules: [{9DD42E49-C405-4C8A-9029-3C667070BD25}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
    FirewallRules: [{441BE0D9-2B13-423A-B660-296B59AD45A9}] => (Allow) LPort=8888
    FirewallRules: [TCP Query User{4177CAE2-6874-4A79-B417-3E4EBA4D2B1E}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
    FirewallRules: [UDP Query User{BADFD149-13F4-401F-A4F5-06A1F86B97E8}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
    FirewallRules: [{EFE98695-A6FD-4119-A6FA-6FAD25417338}] => (Allow) LPort=8888
    FirewallRules: [{17A459BA-6303-404F-A15C-D594426BE254}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
    FirewallRules: [{64788292-6A9A-439C-B216-59FA876BE136}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
    FirewallRules: [{392D1FF6-C390-4CAA-94E8-7F976D86143F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
    FirewallRules: [{26734368-65CF-4421-96C7-E9834638AE4B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
    FirewallRules: [{D50AC84E-C386-4086-8F52-30534B4D2C0B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
    FirewallRules: [{FA02A8BC-30A9-4386-AE49-711E282FB9AF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
    FirewallRules: [{1C674F58-02B6-4344-8295-1A087CDE8D9F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{56DCEDC2-72D9-4617-B1E3-8E4456EC5D2E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{29CAAD03-7003-4C6B-B5D8-4413D42D963B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{79C00CE1-0348-4D4E-A149-3B0295F6C1DD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{9B43D347-8D39-404F-8A26-0E1C0B25C098}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{530F22C2-16BD-41EE-9300-3F329E683AC3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{D2350CCB-E430-497A-BFA3-5F5FC41F6002}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{01800A42-B181-4EF8-BEF4-26B8D79563AE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{41653198-7245-45F7-8A6D-10050D3E8E03}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{AEB67212-6389-46C7-B2EC-FE2581CA9AB7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{D9CBB6C5-0265-4A48-9F84-ACF1152192A1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{5944C50C-AD92-4F97-AE21-B1475BE10243}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{301E8F0D-9113-4F8F-B354-AC8C4A4174AF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

    ==================== Restore Points =========================

    03-04-2016 23:00:17 Windows Backup
    08-04-2016 20:44:55 DVDFab 9.2.3.7 (29/03/2016) restore point
    10-04-2016 23:00:28 Windows Backup
    12-04-2016 03:00:13 Windows Update
    14-04-2016 03:00:19 Windows Update
    23-04-2016 08:28:06 Scheduled Checkpoint
    23-04-2016 08:35:32 Driver Booster : Realtek PCIe GBE Family Controller
    23-04-2016 08:58:10 Windows Backup
    24-04-2016 01:28:28 Windows Modules Installer
    24-04-2016 01:29:04 Windows Modules Installer
    24-04-2016 23:00:25 Windows Backup
    02-05-2016 08:36:22 Scheduled Checkpoint
    05-05-2016 03:00:14 Windows Update
    05-05-2016 21:13:10 Windows Update
    08-05-2016 23:00:19 Windows Backup
    10-05-2016 03:00:11 Windows Update
    11-05-2016 03:00:14 Windows Update
    11-05-2016 19:14:42 Windows Update
    15-05-2016 23:00:22 Windows Backup
    22-05-2016 17:33:12 Windows Backup
    22-05-2016 18:55:27 Windows Backup
    22-05-2016 23:00:13 Windows Backup
    23-05-2016 07:54:59 Windows Modules Installer
    26-05-2016 03:00:23 Windows Update
    30-05-2016 14:45:32 Windows Backup
    03-06-2016 11:12:52 Windows Backup
    10-06-2016 19:32:10 Scheduled Checkpoint
    15-06-2016 03:00:29 Windows Update
    22-06-2016 09:00:19 Scheduled Checkpoint
    23-06-2016 03:00:10 Windows Update
    25-06-2016 16:49:26 Windows Modules Installer
    30-06-2016 00:00:23 Windows Backup
    05-07-2016 07:35:38 Windows Modules Installer
    12-07-2016 07:45:04 Driver Booster : 2nd generation Intel® Core™ processor family PCI Express Controller - 0101
    12-07-2016 19:13:49 Windows Update
    12-07-2016 21:43:07 Windows Modules Installer
    12-07-2016 21:47:44 Windows Modules Installer
    13-07-2016 07:00:33 Restore Operation
    13-07-2016 21:46:20 Windows Modules Installer
    13-07-2016 21:49:28 Windows Update
    14-07-2016 06:06:40 Windows Modules Installer
    14-07-2016 06:23:49 Windows Modules Installer
    14-07-2016 08:32:06 Windows Modules Installer
    16-07-2016 03:00:10 Windows Update
    17-07-2016 08:34:47 Restore Operation
    20-07-2016 03:00:14 Windows Update
    22-07-2016 22:06:15 JRT Pre-Junkware Removal

    ==================== Faulty Device Manager Devices =============

    Name: Intel® Centrino® WiMAX 6150
    Description: Intel® Centrino® WiMAX 6150
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: bpmp
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/22/2016 10:02:41 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Exception code: 0x40000015
    Fault offset: 0x001e2080
    Faulting process id: 0x13d8
    Faulting application start time: 0xFitbit Connect.exe0
    Faulting application path: Fitbit Connect.exe1
    Faulting module path: Fitbit Connect.exe2
    Report Id: Fitbit Connect.exe3

    Error: (07/22/2016 10:02:12 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Exception code: 0x40000015
    Fault offset: 0x001e2080
    Faulting process id: 0xb28
    Faulting application start time: 0xFitbit Connect.exe0
    Faulting application path: Fitbit Connect.exe1
    Faulting module path: Fitbit Connect.exe2
    Report Id: Fitbit Connect.exe3

    Error: (07/21/2016 08:00:17 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Exception code: 0x40000015
    Fault offset: 0x001e2080
    Faulting process id: 0x1324
    Faulting application start time: 0xFitbit Connect.exe0
    Faulting application path: Fitbit Connect.exe1
    Faulting module path: Fitbit Connect.exe2
    Report Id: Fitbit Connect.exe3

    Error: (07/21/2016 08:00:17 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Exception code: 0x40000015
    Fault offset: 0x001e2080
    Faulting process id: 0xc88
    Faulting application start time: 0xFitbit Connect.exe0
    Faulting application path: Fitbit Connect.exe1
    Faulting module path: Fitbit Connect.exe2
    Report Id: Fitbit Connect.exe3

    Error: (07/18/2016 07:55:34 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Exception code: 0x40000015
    Fault offset: 0x001e2080
    Faulting process id: 0xc04
    Faulting application start time: 0xFitbit Connect.exe0
    Faulting application path: Fitbit Connect.exe1
    Faulting module path: Fitbit Connect.exe2
    Report Id: Fitbit Connect.exe3

    Error: (07/18/2016 07:55:34 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Exception code: 0x40000015
    Fault offset: 0x001e2080
    Faulting process id: 0xacc
    Faulting application start time: 0xFitbit Connect.exe0
    Faulting application path: Fitbit Connect.exe1
    Faulting module path: Fitbit Connect.exe2
    Report Id: Fitbit Connect.exe3

    Error: (07/18/2016 07:46:55 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Exception code: 0x40000015
    Fault offset: 0x001e2080
    Faulting process id: 0x1320
    Faulting application start time: 0xFitbit Connect.exe0
    Faulting application path: Fitbit Connect.exe1
    Faulting module path: Fitbit Connect.exe2
    Report Id: Fitbit Connect.exe3

    Error: (07/18/2016 07:46:53 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Exception code: 0x40000015
    Fault offset: 0x001e2080
    Faulting process id: 0x94
    Faulting application start time: 0xFitbit Connect.exe0
    Faulting application path: Fitbit Connect.exe1
    Faulting module path: Fitbit Connect.exe2
    Report Id: Fitbit Connect.exe3

    Error: (07/17/2016 07:55:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program esetonlinescanner_enu.exe version 2.0.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 364

    Start Time: 01d1e08355dcf7cd

    Termination Time: 63

    Application Path: C:\Users\greg & jacki\Desktop\esetonlinescanner_enu.exe

    Report Id:

    Error: (07/17/2016 06:28:21 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
    Exception code: 0x40000015
    Fault offset: 0x001e2080
    Faulting process id: 0x1614
    Faulting application start time: 0xFitbit Connect.exe0
    Faulting application path: Fitbit Connect.exe1
    Faulting module path: Fitbit Connect.exe2
    Report Id: Fitbit Connect.exe3

    System errors:
    =============
    Error: (07/22/2016 10:03:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

    Error: (07/22/2016 10:02:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the HP Client Services service to connect.

    Error: (07/22/2016 10:00:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Intel® PROSet/Wireless WiMAX Service service failed to start due to the following error:
    %%109 = The pipe has been ended.

    Error: (07/22/2016 10:00:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Print Spooler service failed to start due to the following error:
    %%1069 = The service did not start due to a logon failure.

    Error: (07/22/2016 10:00:22 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
    Description: The Spooler service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
    %%50 = The request is not supported.

    To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

    Error: (07/22/2016 10:00:09 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
    Description: The AVG WatchDog service did not shut down properly after receiving a preshutdown control.

    Error: (07/22/2016 10:00:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the fdPHost service.

    Error: (07/22/2016 09:59:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
    Description: WLAN Extensibility Module has stopped unexpectedly.

    Module Path: C:\Windows\System32\IWMSSvc.dll

    Error: (07/22/2016 09:59:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (07/22/2016 09:59:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

    ==================== Memory info ===========================

    Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
    Percentage of memory in use: 26%
    Total physical RAM: 8139.86 MB
    Available physical RAM: 5994.96 MB
    Total Virtual: 16277.9 MB
    Available Virtual: 14096.9 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:916.54 GB) (Free:669.64 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (RECOVERY) (Fixed) (Total:14.68 GB) (Free:1.63 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive e: () (Fixed) (Total:330.32 GB) (Free:187.05 GB) NTFS
    Drive f: () (Fixed) (Total:368.32 GB) (Free:248.73 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C1C188DA)
    Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=916.5 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=14.7 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

    ========================================================
    Disk: 1 (Size: 698.6 GB) (Disk ID: 8DC4B273)
    Partition 1: (Not Active) - (Size=330.3 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=368.3 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

     

     

    Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
    atiesrxx.exe  1,752 K 4,684 K 1484 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
    conhost.exe  1,092 K 3,004 K 2428 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
    dwm.exe  1,844 K 5,740 K 2152 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
    FlashUtil32_22_0_0_210_ActiveX.exe  3,536 K 8,840 K 6520 Adobe® Flash® Player Installer/Uninstaller 22.0 r0 Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
    hpCaslNotification.exe  31,516 K 9,512 K 2340 hpCaslNotification Hewlett-Packard Development Company L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company L.P.
    HPDrvMntSvc.exe  1,400 K 4,056 K 2220 HP Quick Synchronization Service Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
    HPWMISVC.exe  2,068 K 5,568 K 920 HP Quick Launch WMI Service Hewlett-Packard Development Company, L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.
    lsm.exe  2,844 K 4,744 K 1132 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
    procexp.exe  2,372 K 7,660 K 8076 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
    RegSrvc.exe  2,604 K 6,960 K 5592 Intel® PROSet/Wireless Registry Service Intel® Corporation (Verified) Intel Corporation - Mobile Wireless Group
    services.exe  7,540 K 11,388 K 1112 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
    smss.exe  540 K 1,236 K 380 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
    spoolsv.exe  7,724 K 14,220 K 2600 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe  5,788 K 11,472 K 3752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe  1,676 K 4,720 K 4684 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe  2,776 K 6,344 K 7212 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe  5,148 K 10,308 K 5868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe  2,764 K 6,184 K 1828 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe  17,320 K 19,060 K 2348 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe  19,668 K 23,796 K 1564 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    TrueSuiteService.exe  1,860 K 5,576 K 1368 HP Service HP (Verified) AuthenTec
    UNS.exe  3,212 K 7,544 K 5728 User Notification Service Intel Corporation (Verified) Intel Corporation
    unsecapp.exe  2,088 K 5,948 K 5576 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
    unsecapp.exe  2,012 K 5,388 K 3584 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
    wininit.exe  1,688 K 4,856 K 884 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
    winlogon.exe  3,120 K 7,716 K 1056 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
    WLIDSVCM.EXE  1,860 K 4,004 K 6544 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
    wsnm.exe  4,732 K 9,984 K 1536 VMware Horizon View Framework Node Manager VMware, Inc. (Verified) VMware
    hpservice.exe < 0.01 1,772 K 4,996 K 1924 HpService Hewlett-Packard Company (Verified) Hewlett-Packard Company
    csrss.exe < 0.01 2,448 K 5,056 K 124 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
    EvtEng.exe < 0.01 8,696 K 16,640 K 3896 Intel® PROSet/Wireless Event Log Service Intel® Corporation (Verified) Intel Corporation - Mobile Wireless Group
    svchost.exe < 0.01 31,200 K 34,328 K 2264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    hpCMSrv.exe < 0.01 4,272 K 9,100 K 7492 HP Connection Manager Service Hewlett-Packard Development Company L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company L.P.
    hpqWmiEx.exe < 0.01 4,408 K 9,164 K 6996 hpqwmiex Module Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
    wlanext.exe < 0.01 9,708 K 19,648 K 2420 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
    vmware-view-usbd.exe < 0.01 3,772 K 7,940 K 6428 VMware Horizon View client USB service (32-bit) VMware, Inc. (Verified) VMware
    IAStorIcon.exe < 0.01 24,420 K 23,092 K 4408 IAStorIcon Intel Corporation (Verified) Intel Corporation
    DMAgent.exe < 0.01 5,928 K 7,992 K 4692 Red Bend Device Management Service for Intel® PROSet/Wireless WiMAX Software Red Bend Ltd. (No signature was present in the subject) Red Bend Ltd.
    svchost.exe < 0.01 11,572 K 14,720 K 7660 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    wmpnetwk.exe < 0.01 6,484 K 7,860 K 6016 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
    avgsvca.exe < 0.01 9,100 K 23,940 K 3400 AVG Service Process AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
    vmware-usbarbitrator64.exe < 0.01 4,028 K 8,384 K 6316 VMware USB Arbitration Service VMware, Inc. (Verified) VMware
    ASCService.exe < 0.01 9,476 K 7,492 K 1300 Advanced SystemCare Service IObit (Verified) IObit Information Technology
    ezSharedSvcHost.exe < 0.01 1,840 K 5,680 K 2984 Shared EasyBits services for Windows EasyBits Software AS (Verified) EasyBits Software AS
    WLIDSVC.EXE < 0.01 7,756 K 16,396 K 5144 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
    WUDFHost.exe < 0.01 3,120 K 7,576 K 892 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
    SearchIndexer.exe < 0.01 31,292 K 24,836 K 6072 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
    iexplore.exe < 0.01 11,876 K 25,636 K 7372 Internet Explorer Microsoft Corporation (Verified) Microsoft Corporation
    FitbitConnectService.exe < 0.01 16,212 K 21,968 K 3320 Fitbit Connect Service RC Fitbit, Inc. (Verified) Fitbit
    svchost.exe < 0.01 13,344 K 22,360 K 1640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    avgwdsvca.exe 0.01 13,400 K 30,252 K 3720 AVG Watchdog Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
    lsass.exe 0.01 8,132 K 16,840 K 1120 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
    ftnlsv.exe 0.01 2,024 K 4,388 K 3524 NetLink supervisor  (Verified) FabulaTech
    ftscanmgr.exe 0.01 5,504 K 8,544 K 4120 Scanner Redirection manager (Client)  (Verified) FabulaTech
    iexplore.exe 0.01 75,188 K 102,220 K 1216 Internet Explorer Microsoft Corporation (Verified) Microsoft Corporation
    explorer.exe 0.02 38,080 K 62,276 K 2208 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
    IMFsrv.exe 0.03 7,956 K 4,860 K 2976 IObit Malware Fighter Service IObit (Verified) IObit Information Technology
    IAStorDataMgrSvc.exe 0.04 20,092 K 16,936 K 7508 IAStorDataSvc Intel Corporation (Verified) Intel Corporation
    LMS.exe 0.04 2,780 K 5,288 K 6472 Local Manageability Service Intel Corporation (Verified) Intel Corporation
    svchost.exe 0.04 5,776 K 9,692 K 1436 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    WmiPrvSE.exe 0.04 5,668 K 11,408 K 3252 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 0.04 120,996 K 127,316 K 1604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    AppSrv.exe 0.10 5,608 K 8,180 K 5944 WiMAX SDK service for Intel® PROSet/Wireless WiMAX Software Intel® Corporation (No signature was present in the subject) Intel® Corporation
    svchost.exe 0.10 23,488 K 39,132 K 1664 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    System 0.11 3,300 K 185,808 K 4   
    svchost.exe 0.14 5,104 K 10,744 K 1236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 0.23 8,728 K 15,812 K 3140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    csrss.exe 0.26 15,932 K 12,628 K 900 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
    Interrupts 0.58 0 K 0 K n/a Hardware Interrupts and DPCs  
    procexp64.exe 1.71 31,356 K 53,000 K 7732 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
    System Idle Process 96.43 0 K 24 K 0   


    • 0

    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,017 posts
    • MVP

    Not seeing much.  Go in to msconfig and check everything then OK and restart.

     

    Then uninstall:

     

    Advanced SystemCare 9

    Driver Booster 3.3

    IObit Malware Fighter 3 
    IObit Uninstaller
    Smart Defrag 4 
    Surfing Protection 
     
    (I'm not fond of IOBIT's snake oil)
     
    Also uninstall Java 8 Update 65
     
     
     
    Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.
     
    If you feel you must have Java:
    Get the latest Java at:
     
    Save it to your PC then close all browsers and install it.  Do not let it install the yahoo toolbar or other foistware.
    Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.
     
    (If you also want the 64 bit version then use the 64 bit version of IE to get it.)
     
    I would also uninstall 
     
    Fitbit Connect as it is having problems.  You can download a new copy and reinstall it.
     
    Also I would update Intel® PROSet/Wireless WiMAX Software 
     
     
    Once you have done that the above then:
     
     
     
    Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
     
    Reboot. 
     
    Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
     
    sfc  /scannow[
     
    (This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
     
    Copy the next two lines:
     
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
    notepad \windows\logs\cbs\junk.txt 

    Regardless of the sfc result:

     

     
    Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
    Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run AS Administrator
    3. Under 'Select log to query', select:
     
    * System
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
     
     
    Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
     
     
     
    Get the free version of Speccy:
     
    http://www.filehippo...download_speccy (Look in the upper right for the Download
    Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
    Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
    File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
    (It will be near the top about 10 lines down.) Save the file.  Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)
     

    • 0

    #5
    gregahoffman

    gregahoffman

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 400 posts

    logs below and attached

     

    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 23/07/2016 7:56:24 AM

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 23/07/2016 12:26:31 PM
    Type: Error Category: 0
    Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
    Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

    Log: 'System' Date/Time: 23/07/2016 12:26:11 PM
    Type: Error Category: 0
    Event: 7011 Source: Service Control Manager
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 23/07/2016 12:24:02 PM
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WUDFRd failed to load for the device USB\VID_138A&PID_0018\04a4745dff40.

    Log: 'System' Date/Time: 23/07/2016 12:22:22 PM
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped.

    Log: 'System' Date/Time: 23/07/2016 12:22:22 PM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll

     

     

    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 23/07/2016 7:58:01 AM

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 23/07/2016 12:22:09 PM
    Type: Warning Category: 0
    Event: 1530 Source: Microsoft-Windows-User Profiles Service
    Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   2 user registry handles leaked from \Registry\User\S-1-5-21-2642546764-1993480236-4026764921-1001:
    Process 1108 (\Device\HarddiskVolume2\Windows\System32\services.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001
    Process 1072 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001

     


    • 0

    #6
    gregahoffman

    gregahoffman

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 400 posts

    sorry, i think i forgot to attatch speccy

    Attached Files


    • 0

    #7
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,017 posts
    • MVP

    Doesn't look too bad now.  Speccy says the temps are good & the first hard drive is in good shape.  The second (is this an external drive used for backups or extra space?) - not so good.  It's been dropped hard:

     

    Attribute name G-sense error rate
    Real value 506
    Current 100
    Worst 100
    Threshold 0
    Raw Value 00000001FA

     

     

    and has a lot of Uncorrectable Errors:
     
    Attribute name Reported Uncorrectable Errors
    Real value 1,162
    Current 1
    Worst 1
    Threshold 0
    Raw Value 000000048A

     

     

     
    IE is talking to something with an IP address that isn't allowed on the Internet (169.54.33.132) so I assume you are doing some sort of Internet Connection Sharing.
     
    For your errors:
    Log: 'System' Date/Time: 23/07/2016 12:26:31 PM
    Type: Error Category: 0
    Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
    Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

     

     

    This is a fairly useless service that never seems to work right.  Search for
    services.msc
    and hit Enter.
    This should bring up the service window.
    Find
    Windows Media Player Network Sharing Service
    and right click on it and select Properties.  Change the Startup Type: to Manual  OK.
    Leave the Services window open we will need it again.
     
     
    Log: 'System' Date/Time: 23/07/2016 12:24:02 PM
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WUDFRd failed to load for the device USB\VID_138A&PID_0018\04a4745dff40.

     

     

    This is a mistake from MS.  It used to be Automatic but they changed it in Win 7 to Manual to make it boot a bit faster.  Go back to the Service window and find:

     

    Windows Driver Foundation - User-mode Driver Framework

     

    and right click on it and select Properties.  Change the Startup Type: to Automatic, OK.
    Leave the Services window open we will need it again
     
    This error:
     
    Log: 'System' Date/Time: 23/07/2016 12:26:11 PM
    Type: Error Category: 0
    Event: 7011 Source: Service Control Manager
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

     

     
    This is part of HP Quick Launch.  http://support.hp.co...ument/c01136921
    If this is something you want to work then I would uninstall the current version and download the latest version from HP.  (Your current version says: (A certificate was explicitly revoked by its issuer)  Otherwise uninstall it or go in to Services Window and find HP Quick Launch WMI Service or HP WMI Service or HP Quick Launch and change its Startup Type to Disabled.
     
     
    Log: 'System' Date/Time: 23/07/2016 12:22:22 PM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll

     

     

    Normal indication.  No action required.  
     
     
    Log: 'Application' Date/Time: 23/07/2016 12:22:09 PM
    Type: Warning Category: 0
    Event: 1530 Source: Microsoft-Windows-User Profiles Service
    Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   2 user registry handles leaked from \Registry\User\S-1-5-21-2642546764-1993480236-4026764921-1001:
    Process 1108 (\Device\HarddiskVolume2\Windows\System32\services.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001
    Process 1072 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001

     

     

    This one is sort of odd.  It claims services.exe and winlogon.exe are keeping the registry open.  These are both Windows files and they don't usually do this.  Wondering if AVG is doing something it shouldn't?  The error is not as bad as it sounds.  Win 7 knows how to unload the registry without damage.
     
    Clear the event logs:
     
     
    Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
     
    Reboot. 
     
    Run VEW again as before and let's see if we fixed anything.
     
    How is it running now?
     
     
     

    • 0

    #8
    gregahoffman

    gregahoffman

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 400 posts

    the second hard drive is internal, I use it for backup. I don't ever remember dropping it, maybe that explains why restore points never work. as for IE  talking to something with an IP address that isn't allowed on the Internet (169.54.33.132). I have no clue what this is. can it be stopped? i'll work on the other stuff and report back.  the machine does seem a bit better today.


    • 0

    #9
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,017 posts
    • MVP

    Copy the next 2 lines:

    netstat -rn > \junk.txt
    notepad \junk.txt
    Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
    Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.   That might help figure out where the 169 addresses are.  Has to be something local so probably benign.

    • 0

    #10
    gregahoffman

    gregahoffman

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 400 posts

    logs below

     

    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 23/07/2016 6:07:49 PM

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 23/07/2016 9:23:29 PM
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WUDFRd failed to load for the device USB\VID_138A&PID_0018\04a4745dff40.

    Log: 'System' Date/Time: 23/07/2016 9:22:42 PM
    Type: Warning Category: 0
    Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN AutoConfig service has successfully stopped.

    Log: 'System' Date/Time: 23/07/2016 9:22:42 PM
    Type: Warning Category: 0
    Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
    WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll

     

    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 23/07/2016 6:08:54 PM

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 23/07/2016 9:22:36 PM
    Type: Warning Category: 0
    Event: 1530 Source: Microsoft-Windows-User Profiles Service
    Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   2 user registry handles leaked from \Registry\User\S-1-5-21-2642546764-1993480236-4026764921-1001:
    Process 1060 (\Device\HarddiskVolume2\Windows\System32\services.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001
    Process 1180 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001

     

    ===========================================================================
    Interface List
     15...64 d4 da 5d 81 e9 ......Intel® Centrino® WiMAX 6150
     14...40 25 c2 53 4d 15 ......Microsoft Virtual WiFi Miniport Adapter #2
     13...40 25 c2 53 4d 15 ......Microsoft Virtual WiFi Miniport Adapter
     12...40 25 c2 53 4d 14 ......Intel® Centrino® Wireless-N 6150
     11...10 1f 74 17 57 8a ......Realtek PCIe GBE Family Controller
      1...........................Software Loopback Interface 1
     16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.7     25
             10.0.0.0    255.255.255.0         On-link          10.0.0.7    281
             10.0.0.7  255.255.255.255         On-link          10.0.0.7    281
           10.0.0.255  255.255.255.255         On-link          10.0.0.7    281
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link          10.0.0.7    281
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link          10.0.0.7    281
    ===========================================================================
    Persistent Routes:
      None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
     12    281 ::/0                     fe80::7acd:8eff:fe0d:62a2
      1    306 ::1/128                  On-link
     12     33 2601:448:100:ea2c::/64   On-link
     12    281 2601:448:100:ea2c:682c:48c2:fea6:e17b/128
                                        On-link
     12    281 2601:448:100:ea2c:8825:cef9:5af3:862c/128
                                        On-link
     12    281 2601:448:100:ea2c:8949:35fe:89ee:6154/128
                                        On-link
     12    281 fe80::/64                On-link
     12    281 fe80::682c:48c2:fea6:e17b/128
                                        On-link
      1    306 ff00::/8                 On-link
     12    281 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None

     

    could the IP address  (169.54.33.132) be my wireless printer? I thought the IP for that though ended in .010 or .012
     


    • 0

    Advertisements


    #11
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,017 posts
    • MVP

    Unlikely.  If it were then the PC couldn't talk to it.

    There doesn't seem to be a route to 169.54.33.132

     

    Please download MiniToolBox, save it to your desktop and run it.
     
    Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • [ ]Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

    • 0

    #12
    gregahoffman

    gregahoffman

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 400 posts

    mtb log

     

    MiniToolBox by Farbar  Version: 17-06-2016
    Ran by greg & jacki (administrator) on 23-07-2016 at 18:40:40
    Running from "C:\Users\greg & jacki\Desktop"
    Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
    Model: HP Pavilion dv7 Notebook PC Manufacturer: Hewlett-Packard
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.
    ========================= Hosts content: =================================
    127.0.0.1       localhost
    ========================= IP Configuration: ================================

    Intel® Centrino® Wireless-N 6150 = Wireless Network Connection (Connected)
    Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
    Intel® Centrino® WiMAX 6150 = Local Area Connection 2 (Media disconnected)
    Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
    Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)

    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global defaultcurhoplimit=64 icmpredirects=enabled

    popd
    # End of IPv4 configuration

     

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : hplaptop
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : hsd1.mn.comcast.net.

    Ethernet adapter Local Area Connection 2:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6150
       Physical Address. . . . . . . . . : 64-D4-DA-5D-81-E9
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wireless Network Connection 3:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
       Physical Address. . . . . . . . . : 40-25-C2-53-4D-15
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wireless Network Connection 2:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
       Physical Address. . . . . . . . . : 40-25-C2-53-4D-15
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wireless Network Connection:

       Connection-specific DNS Suffix  . : hsd1.mn.comcast.net.
       Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 6150
       Physical Address. . . . . . . . . : 40-25-C2-53-4D-14
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2601:448:100:ea2c:682c:48c2:fea6:e17b(Preferred)
       IPv6 Address. . . . . . . . . . . : 2601:448:100:ea2c:8949:35fe:89ee:6154(Preferred)
       Lease Obtained. . . . . . . . . . : Saturday, July 23, 2016 4:24:40 PM
       Lease Expires . . . . . . . . . . : Tuesday, July 26, 2016 5:11:15 PM
       Temporary IPv6 Address. . . . . . : 2601:448:100:ea2c:8825:cef9:5af3:862c(Preferred)
       Link-local IPv6 Address . . . . . : fe80::682c:48c2:fea6:e17b%12(Preferred)
       IPv4 Address. . . . . . . . . . . : 10.0.0.7(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Saturday, July 23, 2016 4:24:10 PM
       Lease Expires . . . . . . . . . . : Saturday, July 30, 2016 4:24:09 PM
       Default Gateway . . . . . . . . . : fe80::7acd:8eff:fe0d:62a2%12
                                           10.0.0.1
       DHCP Server . . . . . . . . . . . : 10.0.0.1
       DHCPv6 IAID . . . . . . . . . . . : 306193858
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-BD-BB-F1-10-1F-74-17-57-8A
       DNS Servers . . . . . . . . . . . : 2001:558:feed::2
                                           2001:558:feed::1
                                           75.75.76.76
                                           75.75.75.75
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Local Area Connection:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
       Physical Address. . . . . . . . . : 10-1F-74-17-57-8A
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.hsd1.mn.comcast.net.:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : hsd1.mn.comcast.net.
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    Server:  cdns02.comcast.net
    Address:  2001:558:feed::2

    Name:    google.com
    Addresses:  2607:f8b0:4009:808::200e
       172.217.4.238

    Pinging google.com [2607:f8b0:4009:80e::200e] with 32 bytes of data:
    Reply from 2607:f8b0:4009:80e::200e: time=19ms
    Reply from 2607:f8b0:4009:80e::200e: time=19ms

    Ping statistics for 2607:f8b0:4009:80e::200e:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 19ms, Maximum = 19ms, Average = 19ms
    Server:  cdns02.comcast.net
    Address:  2001:558:feed::2

    Name:    yahoo.com
    Addresses:  2001:4998:c:a06::2:4008
       2001:4998:44:204::a7
       2001:4998:58:c02::a9
       206.190.36.45
       98.139.183.24
       98.138.253.109

    Pinging yahoo.com [2001:4998:c:a06::2:4008] with 32 bytes of data:
    Reply from 2001:4998:c:a06::2:4008: time=63ms
    Reply from 2001:4998:c:a06::2:4008: time=65ms

    Ping statistics for 2001:4998:c:a06::2:4008:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 63ms, Maximum = 65ms, Average = 64ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

    Ping statistics for 127.0.0.1:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
     15...64 d4 da 5d 81 e9 ......Intel® Centrino® WiMAX 6150
     14...40 25 c2 53 4d 15 ......Microsoft Virtual WiFi Miniport Adapter #2
     13...40 25 c2 53 4d 15 ......Microsoft Virtual WiFi Miniport Adapter
     12...40 25 c2 53 4d 14 ......Intel® Centrino® Wireless-N 6150
     11...10 1f 74 17 57 8a ......Realtek PCIe GBE Family Controller
      1...........................Software Loopback Interface 1
     16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.7     25
             10.0.0.0    255.255.255.0         On-link          10.0.0.7    281
             10.0.0.7  255.255.255.255         On-link          10.0.0.7    281
           10.0.0.255  255.255.255.255         On-link          10.0.0.7    281
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link          10.0.0.7    281
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link          10.0.0.7    281
    ===========================================================================
    Persistent Routes:
      None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
     12    281 ::/0                     fe80::7acd:8eff:fe0d:62a2
      1    306 ::1/128                  On-link
     12     33 2601:448:100:ea2c::/64   On-link
     12    281 2601:448:100:ea2c:682c:48c2:fea6:e17b/128
                                        On-link
     12    281 2601:448:100:ea2c:8825:cef9:5af3:862c/128
                                        On-link
     12    281 2601:448:100:ea2c:8949:35fe:89ee:6154/128
                                        On-link
     12    281 fe80::/64                On-link
     12    281 fe80::682c:48c2:fea6:e17b/128
                                        On-link
      1    306 ff00::/8                 On-link
     12    281 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
    Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
    Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
    Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
    x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
    x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================

    System errors:
    =============

    Microsoft Office Sessions:
    =========================

    =========================== Installed Programs ============================

    ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
    Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
    AOMEI Partition Assistant Standard Edition 5.8 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
    ATI Catalyst Install Manager (HKLM\...\{DA0D8FDA-D538-1145-8BA2-6F22C4EB4F75}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
    AuthenTec TrueAPI (HKLM\...\{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}) (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
    AVG (HKLM\...\{8DD226F0-3866-4965-9101-488D2AEE3D3B}) (Version: 16.91.7688 - AVG Technologies) Hidden
    AVG (HKLM\...\AvgZen) (Version: 1.72.2.24716 - AVG Technologies)
    AVG 2016 (HKLM\...\{880D8FA8-C066-4D31-8B6F-0C69D90CB6B8}) (Version: 16.0.4627 - AVG Technologies) Hidden
    AVG Protection (HKLM\...\AVG) (Version: 2016.91.7688 - AVG Technologies)
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.9.726 - AVG Technologies)
    AVG Zen (HKLM\...\{BF161E81-2BF2-4602-A105-C4448733E1CA}) (Version: 1.72.1 - AVG Technologies) Hidden
    CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3908 - CyberLink Corp.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
    Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)
    FMW 1 (HKLM\...\{69851B81-35BF-4B1B-AE90-3B1D67DD8857}) (Version: 1.102.4 - AVG Technologies) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
    HP 3D DriveGuard (HKLM\...\{0128D231-B23B-409C-A531-39D8D8774BA1}) (Version: 4.1.5.1 - Hewlett-Packard Company)
    HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
    HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{B6A3EAE4-3727-46A4-A659-8576BF7C8C8D}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
    HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{F638F65B-B435-44E0-9382-7F90BDB003E2}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
    HP Documentation (HKLM-x32\...\{83A375B6-6FC2-4F8A-948E-E506DB9DCDF0}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
    HP On Screen Display (HKLM-x32\...\{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}) (Version: 1.1.2 - Hewlett-Packard Company)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
    HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
    HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
    HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13231.3673 - Hewlett-Packard Company)
    HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard)
    HP Software Framework (HKLM-x32\...\{F8070C51-4B1D-430C-8BCF-19696368366F}) (Version: 4.0.110.1 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6329.0 - IDT)
    Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
    Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
    Intel® PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
    Intel® Wireless Display (HKLM-x32\...\{5B46CEC7-DAD0-46A2-BCD6-B46A3CFD9B61}) (Version: 2.0.30.0 - Intel Corporation)
    Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.50.0000 - Intel Corporation)
    Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    PX Profile Update (HKLM-x32\...\{1C34B2AF-0D61-1784-8BC8-219F969BEFD6}) (Version: 1.00.1. - AMD) Hidden
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
    Recovery Manager (HKLM-x32\...\{DBCD5E64-7379-4648-9444-8A6558DCB614}) (Version: 2.0.0 - Hewlett-Packard) Hidden
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
    RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
    Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.2.002.0 - Seagate)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
    Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
    Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
    swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.4 - Synaptics Incorporated)
    Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.4 - Tweaking.com)
    Validity WBF DDK (HKLM\...\{7C54D017-21BB-43AE-9746-33E78AF4A425}) (Version: 4.3.118.0 - Validity Sensors, Inc.)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VMware Horizon Client (HKLM\...\{C7F8E8FA-0832-427E-B2B1-ABF6F8495C35}) (Version: 3.5.2.30397 - VMware, Inc.)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

    ========================= Devices: ================================

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT5

    Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 2 - 1C12
    Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 2 - 1C12
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: INTEL
    Service: pci
    Device ID: PCI\VEN_8086&DEV_1C12&SUBSYS_1659103C&REV_B5\3&11583659&0&E1

    Name: Intel® HM65 Express Chipset Family LPC Interface Controller - 1C49
    Description: Intel® HM65 Express Chipset Family LPC Interface Controller - 1C49
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: INTEL
    Service: msisadrv
    Device ID: PCI\VEN_8086&DEV_1C49&SUBSYS_1659103C&REV_05\3&11583659&0&F8

    Name: HP Deskjet 3050A J611 series
    Description: HP Deskjet 3050A J611 series
    Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
    Manufacturer: Hewlett-Packard
    Service:
    Device ID: ROOT\PRINTER\0000

    Name: ACPI Lid
    Description: ACPI Lid
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C0D\4&99BC4AD&0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT40

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT8

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT31

    Name: HID-compliant device
    Description: HID-compliant device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: HID\VID_046D&PID_C52F&MI_01&COL03\8&2E2E3DC&0&0002

    Name: Terminal Server Keyboard Driver
    Description: Terminal Server Keyboard Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: TermDD
    Device ID: ROOT\RDP_KBD\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT22

    Name: VgaSave
    Description: VgaSave
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: VgaSave
    Device ID: ROOT\LEGACY_VGASAVE\0000

    Name: Microsoft Windows Management Interface for ACPI
    Description: Microsoft Windows Management Interface for ACPI
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: WmiAcpi
    Device ID: ACPI\PNP0C14\0

    Name: USB Input Device
    Description: USB Input Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service: HidUsb
    Device ID: USB\VID_2687&PID_FB01&MI_01\7&29B31368&0&0001

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT6

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT13

    Name: RDPCDD
    Description: RDPCDD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPCDD
    Device ID: ROOT\LEGACY_RDPCDD\0000

    Name: Terminal Server Mouse Driver
    Description: Terminal Server Mouse Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: TermDD
    Device ID: ROOT\RDP_MOU\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT50

    Name: msahci
    Description: msahci
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: msahci
    Device ID: ROOT\LEGACY_MSAHCI\0000

    Name: Synaptics PS/2 Port TouchPad
    Description: Synaptics PS/2 Port TouchPad
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Synaptics
    Service: i8042prt
    Device ID: ACPI\SYN1E47\4&99BC4AD&0

    Name: Realtek PCIe GBE Family Controller
    Description: Realtek PCIe GBE Family Controller
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek
    Service: RTL8167
    Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_1659103C&REV_06\4&39567703&0&00E0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT41

    Name: Dynamic Volume Manager
    Description: Dynamic Volume Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: volmgrx
    Device ID: ROOT\LEGACY_VOLMGRX\0000

    Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 3 - 1C14
    Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 3 - 1C14
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: INTEL
    Service: pci
    Device ID: PCI\VEN_8086&DEV_1C14&SUBSYS_1659103C&REV_B5\3&11583659&0&E2

    Name: HP Deskjet 3050A J611 series (NET)
    Description: HP Deskjet 3050A J611 series (NET)
    Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Manufacturer: Hewlett-Packard
    Service: StillCam
    Device ID: ROOT\SCANNER\0000

    Name: RDP Encoder Mirror Driver
    Description: RDP Encoder Mirror Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPENCDD
    Device ID: ROOT\LEGACY_RDPENCDD\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT9

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT32

    Name: Bitlocker Drive Encryption Filter Driver
    Description: Bitlocker Drive Encryption Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: fvevol
    Device ID: ROOT\LEGACY_FVEVOL\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT7

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT23

    Name: ACPI Thermal Zone
    Description: ACPI Thermal Zone
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\THERMALZONE\THRM

    Name: HP Mobile Data Protection Sensor
    Description: HP Mobile Data Protection Sensor
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Hewlett-Packard
    Service: Accelerometer
    Device ID: ACPI\HPQ0004\2&DABA3FF&3

    Name: Plug and Play Software Device Enumerator
    Description: Plug and Play Software Device Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: swenum
    Device ID: ROOT\SYSTEM\0000

    Name: Storage volumes
    Description: Storage volumes
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: volsnap
    Device ID: ROOT\LEGACY_VOLSNAP\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT60

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT14

    Name: Reflector Display Driver used to gain access to graphics data
    Description: Reflector Display Driver used to gain access to graphics data
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPREFMP
    Device ID: ROOT\LEGACY_RDPREFMP\0000

    Name: VMware hcmon
    Description: VMware hcmon
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: hcmon
    Device ID: ROOT\LEGACY_HCMON\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT51

    Name: msisadrv
    Description: msisadrv
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: msisadrv
    Device ID: ROOT\LEGACY_MSISADRV\0000

    Name: TOSHIBA MK7575GSX
    Description: Disk drive
    Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard disk drives)
    Service: disk
    Device ID: IDE\DISKTOSHIBA_MK7575GSX_______________________GT001C__\4&E7EDAD9&0&0.1.0

    Name: Microsoft ACPI-Compliant System
    Description: Microsoft ACPI-Compliant System
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: ACPI
    Device ID: ACPI_HAL\PNP0C08\0

    Name: UMBus Root Bus Enumerator
    Description: UMBus Root Bus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: umbus
    Device ID: ROOT\UMBUS\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT42

    Name: Intel® 82802 Firmware Hub Device
    Description: Intel® 82802 Firmware Hub Device
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service:
    Device ID: ACPI\INT0800\4&99BC4AD&0

    Name: Virtual WiFi Filter Driver
    Description: Virtual WiFi Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: vwififlt
    Device ID: ROOT\LEGACY_VWIFIFLT\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT33

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap
    Device ID: STORAGE\VOLUME\{1C7B1D13-7A9E-11E5-9EC5-806E6F6E6963}#0000000000100000

    Name: HTTP
    Description: HTTP
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: HTTP
    Device ID: ROOT\LEGACY_HTTP\0000

    Name: 2nd generation Intel® Core™ processor family PCI Express Controller - 0101
    Description: 2nd generation Intel® Core™ processor family PCI Express Controller - 0101
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: INTEL
    Service: pci
    Device ID: PCI\VEN_8086&DEV_0101&SUBSYS_1659103C&REV_09\3&11583659&0&08

    Name: Microsoft Virtual Drive Enumerator Driver
    Description: Microsoft Virtual Drive Enumerator Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: vdrvroot
    Device ID: ROOT\VDRVROOT\0000

    Name: Microsoft AC Adapter
    Description: Microsoft AC Adapter
    Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
    Manufacturer: Microsoft
    Service: CmBatt
    Device ID: ACPI\ACPI0003\2&DABA3FF&3

    Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 4 - 1C16
    Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 4 - 1C16
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: INTEL
    Service: pci
    Device ID: PCI\VEN_8086&DEV_1C16&SUBSYS_1659103C&REV_B5\3&11583659&0&E3

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT24

    Name: Generic USB Hub
    Description: Generic USB Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Generic USB Hub)
    Service: usbhub
    Device ID: USB\VID_8087&PID_0024\5&19C4F05D&0&1

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT61

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT15

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\INT340E\2&DABA3FF&3

    Name: Remote Access IPv6 ARP Driver
    Description: Remote Access IPv6 ARP Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wanarpv6
    Device ID: ROOT\LEGACY_WANARPV6\0000

    Name: Volume Manager
    Description: Volume Manager
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: volmgr
    Device ID: ROOT\VOLMGR\0000

    Name: HWiNFO32/64 Kernel Driver
    Description: HWiNFO32/64 Kernel Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: HWiNFO32
    Device ID: ROOT\LEGACY_HWINFO32\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT52

    Name: Link-Layer Topology Discovery Responder
    Description: Link-Layer Topology Discovery Responder
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: rspndr
    Device ID: ROOT\LEGACY_RSPNDR\0000

    Name: NativeWiFi Filter
    Description: NativeWiFi Filter
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NativeWifiP
    Device ID: ROOT\LEGACY_NATIVEWIFIP\0000

    Name: ACPI Fixed Feature Button
    Description: ACPI Fixed Feature Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&3

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT43

    Name: AVG TDI Driver
    Description: AVG TDI Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Avgtdia
    Device ID: ROOT\LEGACY_AVGTDIA\0000

    Name: Validity Sensors (WBF) (PID=0018)
    Description: Validity Sensors (WBF) (PID=0018)
    Class Guid: {24619924-aa9e-486f-99f9-847a5986b6be}
    Manufacturer: Validity Sensors, Inc.
    Service: WUDFRd
    Device ID: USB\VID_138A&PID_0018\04A4745DFF40

    Name: UMBus Enumerator
    Description: UMBus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: umbus
    Device ID: UMB\UMB\1&841921D&0&PRINTERBUSENUMERATOR

    Name: WDKMD
    Description: WDKMD
    Class Guid: {034f6fb2-1bcc-41c9-9fd2-dbb357de0838}
    Manufacturer: (Standard system devices)
    Service: wdkmd
    Device ID: ROOT\WIDI\0000

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\INT3F0D\4&99BC4AD&0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT34

    Name: HID-compliant device
    Description: HID-compliant device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: HID\VID_2687&PID_FB01&MI_00\8&2F35698C&0&0000

    Name: Kernel Mode Driver Frameworks service
    Description: Kernel Mode Driver Frameworks service
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wdf01000
    Device ID: ROOT\LEGACY_WDF01000\0000

    Name: Generic USB Hub
    Description: Generic USB Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Generic USB Hub)
    Service: usbhub
    Device ID: USB\VID_8087&PID_0024\5&1DD41F66&0&1

    Name: Generic PnP Monitor
    Description: Generic PnP Monitor
    Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard monitor types)
    Service: monitor
    Device ID: DISPLAY\CMO1719\4&3309971E&0&UID67568640

    Name: Hardware Policy Driver
    Description: Hardware Policy Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: hwpolicy
    Device ID: ROOT\LEGACY_HWPOLICY\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT25

    Name: Security Driver
    Description: Security Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: secdrv
    Device ID: ROOT\LEGACY_SECDRV\0000

    Name: TOSHIBA MQ01ABD100
    Description: Disk drive
    Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard disk drives)
    Service: disk
    Device ID: IDE\DISKTOSHIBA_MQ01ABD100______________________AX1P1A__\4&E7EDAD9&0&0.0.0

    Name: Intel® Centrino® WiMAX Enumerator
    Description: Intel® Centrino® WiMAX Enumerator
    Class Guid: {027a838e-7356-4a2f-a5bf-25a2a2c33fcc}
    Manufacturer: Intel Corporation
    Service: bpenum
    Device ID: ROOT\WIMAX\0000

    Name: NDIS System Driver
    Description: NDIS System Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NDIS
    Device ID: ROOT\LEGACY_NDIS\0000

    Name: Intel® Core™ i5-2410M CPU @ 2.30GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_42_-________INTEL®_CORE™[email protected]_2.30GHZ\_1

    Name: 2nd generation Intel® Core™ processor family DRAM Controller - 0104
    Description: 2nd generation Intel® Core™ processor family DRAM Controller - 0104
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: INTEL
    Service:
    Device ID: PCI\VEN_8086&DEV_0104&SUBSYS_1659103C&REV_09\3&11583659&0&00

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT62

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT16

    Name: Microsoft ISATAP Adapter
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Device ID: ROOT\*ISATAP\0000

    Name: Intel® 6 Series/C200 Series Chipset Family High Definition Audio - 1C20
    Description: Intel® 6 Series/C200 Series Chipset Family High Definition Audio - 1C20
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: HDAudBus
    Device ID: PCI\VEN_8086&DEV_1C20&SUBSYS_1659103C&REV_05\3&11583659&0&D8

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap
    Device ID: STORAGE\VOLUME\{1C7B1D13-7A9E-11E5-9EC5-806E6F6E6963}#000000000C800000

    Name: Programmable interrupt controller
    Description: Programmable interrupt controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0000\4&99BC4AD&0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT53

    Name: WFP Lightweight Filter
    Description: WFP Lightweight Filter
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: WfpLwf
    Device ID: ROOT\LEGACY_WFPLWF\0000

    Name: Security Processor Loader Driver
    Description: Security Processor Loader Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: spldr
    Device ID: ROOT\LEGACY_SPLDR\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT44

    Name: NDIS Usermode I/O Protocol
    Description: NDIS Usermode I/O Protocol
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Ndisuio
    Device ID: ROOT\LEGACY_NDISUIO\0000

    Name: ACPI x64-based PC
    Description: ACPI x64-based PC
    Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard computers)
    Service: \Driver\ACPI_HAL
    Device ID: ROOT\ACPI_HAL\0000

    Name: Intel® Centrino® WiMAX 6150 Function Driver
    Description: Intel® Centrino® WiMAX 6150 Function Driver
    Class Guid: {027a838e-7356-4a2f-a5bf-25a2a2c33fcc}
    Manufacturer: Intel Corporation
    Service: bpusb
    Device ID: USB\VID_8087&PID_07D7\6&4CA3996&0&5

    Name: Beep
    Description: Beep
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Beep
    Device ID: ROOT\LEGACY_BEEP\0000

    Name: IDT High Definition Audio CODEC
    Description: IDT High Definition Audio CODEC
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: IDT
    Service: STHDA
    Device ID: HDAUDIO\FUNC_01&VEN_111D&DEV_7605&SUBSYS_103C1659&REV_1001\4&79907F8&0&0001

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT35

    Name: System timer
    Description: System timer
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0100\4&99BC4AD&0

    Name: User Mode Driver Frameworks Platform Driver
    Description: User Mode Driver Frameworks Platform Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: WudfPf
    Device ID: ROOT\LEGACY_WUDFPF\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT26

    Name: intelkmd
    Description: intelkmd
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: intelkmd
    Device ID: ROOT\LEGACY_INTELKMD\0000

    Name: File as Volume Driver
    Description: File as Volume Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: blbdrive
    Device ID: ROOT\BLBDRIVE\0000

    Name: NDProxy
    Description: NDProxy
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NDProxy
    Device ID: ROOT\LEGACY_NDPROXY\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT17

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub
    Device ID: USB\ROOT_HUB20\4&1B0C2320&0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT54

    Name: CyberLink WebCam Virtual Driver
    Description: CyberLink WebCam Virtual Driver
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: CyberLink
    Service: clwvd
    Device ID: ROOT\MEDIA\0000

    Name: Mobile Intel® HD Graphics
    Description: Mobile Intel® HD Graphics
    Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
    Manufacturer: ATI Technologies Inc.
    Service: amdkmdap
    Device ID: PCI\VEN_8086&DEV_0116&SUBSYS_1659103C&REV_09\3&11583659&0&10

    Name: High precision event timer
    Description: High precision event timer
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0103\0

    Name: Composite Bus Enumerator
    Description: Composite Bus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: CompositeBus
    Device ID: ROOT\COMPOSITEBUS\0000

    Name: Intel® 6 Series/C200 Series Chipset Family SMBus Controller - 1C22
    Description: Intel® 6 Series/C200 Series Chipset Family SMBus Controller - 1C22
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: INTEL
    Service:
    Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_1659103C&REV_05\3&11583659&0&FB

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT45

    Name: KSecDD
    Description: KSecDD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: KSecDD
    Device ID: ROOT\LEGACY_KSECDD\0000

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap
    Device ID: STORAGE\VOLUME\{1C7B1D13-7A9E-11E5-9EC5-806E6F6E6963}#000000E52ED00000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT36

    Name: Microsoft System Management BIOS Driver
    Description: Microsoft System Management BIOS Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: mssmbios
    Device ID: ROOT\MSSMBIOS\0000

    Name: Direct memory access controller
    Description: Direct memory access controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0200\4&99BC4AD&0

    Name: USB Composite Device
    Description: USB Composite Device
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbccgp
    Device ID: USB\VID_2687&PID_FB01\6&8ED02A3&0&3

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub
    Device ID: USB\ROOT_HUB20\4&2D170185&0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT27

    Name: Microsoft Composite Battery
    Description: Microsoft Composite Battery
    Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
    Manufacturer: Microsoft
    Service: Compbatt
    Device ID: ROOT\COMPOSITE_BATTERY\0000

    Name: KSecPkg
    Description: KSecPkg
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: KSecPkg
    Device ID: ROOT\LEGACY_KSECPKG\0000

    Name: Intel® Core™ i5-2410M CPU @ 2.30GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_42_-________INTEL®_CORE™[email protected]_2.30GHZ\_2

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT18

    Name: WAN Miniport (IKEv2)
    Description: WAN Miniport (IKEv2)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasAgileVpn
    Device ID: ROOT\MS_AGILEVPNMINIPORT\0000

    Name: NETBT
    Description: NETBT
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NetBT
    Device ID: ROOT\LEGACY_NETBT\0000

    Name: Intel® Display Audio
    Description: Intel® Display Audio
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel® Corporation
    Service: IntcDAud
    Device ID: HDAUDIO\FUNC_01&VEN_8086&DEV_2805&SUBSYS_80860101&REV_1000\4&79907F8&0&0301

    Name: Standard PS/2 Keyboard
    Description: Standard PS/2 Keyboard
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard keyboards)
    Service: i8042prt
    Device ID: ACPI\PNP0303\4&99BC4AD&0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT55

    Name: USB Composite Device
    Description: USB Composite Device
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbccgp
    Device ID: USB\VID_046D&PID_C52F\6&4CA3996&0&1

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT46

    Name: Link-Layer Topology Discovery Mapper I/O Driver
    Description: Link-Layer Topology Discovery Mapper I/O Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: lltdio
    Device ID: ROOT\LEGACY_LLTDIO\0000

    Name: HID-compliant device
    Description: HID-compliant device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: HID\VID_2687&PID_FB01&MI_01\8&B5E2BCA&0&0000

    Name: Intel® Centrino® Wireless-N 6150
    Description: Intel® Centrino® Wireless-N 6150
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: NETwNs64
    Device ID: PCI\VEN_8086&DEV_0886&SUBSYS_13158086&REV_67\4&29BF16A3&0&00E1

    Name: Common Log (CLFS)
    Description: Common Log (CLFS)
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: CLFS
    Device ID: ROOT\LEGACY_CLFS\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT37

    Name: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C26
    Description: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C26
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: INTEL
    Service: usbehci
    Device ID: PCI\VEN_8086&DEV_1C26&SUBSYS_1659103C&REV_05\3&11583659&0&E8

    Name: WAN Miniport (L2TP)
    Description: WAN Miniport (L2TP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: Rasl2tp
    Device ID: ROOT\MS_L2TPMINIPORT\0000

    Name: PCI bus
    Description: PCI bus
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: pci
    Device ID: ACPI\PNP0A08\0

    Name: Intel® Centrino® WiMAX 6150
    Description: Intel® Centrino® WiMAX 6150
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: bpmp
    Device ID: {12110A2A-BBCC-418B-B9F4-76099D720767}\BPMP_8087_07D7\1&1869C5E3&1&1

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT28

    Name: Renesas Electronics USB 3.0 Root Hub
    Description: Renesas Electronics USB 3.0 Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Renesas Electronics
    Service: nusb3hub
    Device ID: NUSB3\ROOT_HUB30\5&2DE2EC05&0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT19

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap
    Device ID: STORAGE\VOLUME\{1C7B1D13-7A9E-11E5-9EC5-806E6F6E6963}#000000E8DA600000

    Name: CNG
    Description: CNG
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: CNG
    Device ID: ROOT\LEGACY_CNG\0000

    Name: NSI proxy service driver.
    Description: NSI proxy service driver.
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: nsiproxy
    Device ID: ROOT\LEGACY_NSIPROXY\0000

    Name: System CMOS/real time clock
    Description: System CMOS/real time clock
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0B00\4&99BC4AD&0

    Name: USB Input Device
    Description: USB Input Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service: HidUsb
    Device ID: USB\VID_046D&PID_C52F&MI_00\7&CE666C5&0&0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT56

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1

    Name: WAN Miniport (Network Monitor)
    Description: WAN Miniport (Network Monitor)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan
    Device ID: ROOT\MS_NDISWANBH\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT47

    Name: cpuz137
    Description: cpuz137
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: cpuz137
    Device ID: ROOT\LEGACY_CPUZ137\0000

    Name: Ancillary Function Driver for Winsock
    Description: Ancillary Function Driver for Winsock
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: AFD
    Device ID: ROOT\LEGACY_AFD\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT38

    Name: Radeon ™ HD 6490M
    Description: Radeon ™ HD 6490M
    Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
    Manufacturer: ATI Technologies Inc.
    Service: amdkmdap
    Device ID: PCI\VEN_1002&DEV_6760&SUBSYS_1659103C&REV_00\4&2F8F60C0&0&0008

    Name: System board
    Description: System board
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C01\2

    Name: HID-compliant mouse
    Description: HID-compliant mouse
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: mouhid
    Device ID: HID\VID_046D&PID_C52F&MI_00\8&104D3862&0&0000

    Name: WAN Miniport (IP)
    Description: WAN Miniport (IP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan
    Device ID: ROOT\MS_NDISWANIP\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT29

    Name: Intel® Mobile Express Chipset SATA AHCI Controller
    Description: Intel® Mobile Express Chipset SATA AHCI Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: iaStor
    Device ID: PCI\VEN_8086&DEV_1C03&SUBSYS_1659103C&REV_05\3&11583659&0&FA

    Name: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
    Description: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: INTEL
    Service: usbehci
    Device ID: PCI\VEN_8086&DEV_1C2D&SUBSYS_1659103C&REV_05\3&11583659&0&D0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT2

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C02\1

    Name: Intel® Core™ i5-2410M CPU @ 2.30GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_42_-________INTEL®_CORE™[email protected]_2.30GHZ\_3

    Name: amdkmdag
    Description: amdkmdag
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: amdkmdag
    Device ID: ROOT\LEGACY_AMDKMDAG\0000

    Name: USB Input Device
    Description: USB Input Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service: HidUsb
    Device ID: USB\VID_046D&PID_C52F&MI_01\7&CE666C5&0&0001

    Name: Null
    Description: Null
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Null
    Device ID: ROOT\LEGACY_NULL\0000

    Name: Microsoft Virtual WiFi Miniport Adapter
    Description: Microsoft Virtual WiFi Miniport Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: vwifimp
    Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2E233E0E&0&01

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT57

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT10

    Name: Mount Point Manager
    Description: Mount Point Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: mountmgr
    Device ID: ROOT\LEGACY_MOUNTMGR\0000

    Name: USB Input Device
    Description: USB Input Device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service: HidUsb
    Device ID: USB\VID_2687&PID_FB01&MI_00\7&29B31368&0&0000

    Name: WAN Miniport (IPv6)
    Description: WAN Miniport (IPv6)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan
    Device ID: ROOT\MS_NDISWANIPV6\0000

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C02\2

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT48

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap
    Device ID: STORAGE\VOLUME\{3F34BBB8-7D8F-11E5-B593-806E6F6E6963}#0000000000100000

    Name: System Attribute Cache
    Description: System Attribute Cache
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: discache
    Device ID: ROOT\LEGACY_DISCACHE\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT39

    Name: Performance Counters for Windows Driver
    Description: Performance Counters for Windows Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: pcw
    Device ID: ROOT\LEGACY_PCW\0000

    Name: ampa
    Description: ampa
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ampa
    Device ID: ROOT\LEGACY_AMPA\0000

    Name: HID-compliant consumer control device
    Description: HID-compliant consumer control device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service:
    Device ID: HID\VID_046D&PID_C52F&MI_01&COL01\8&2E2E3DC&0&0000

    Name: Numeric data processor
    Description: Numeric data processor
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C04\4&99BC4AD&0

    Name: Windows Firewall Authorization Driver
    Description: Windows Firewall Authorization Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: mpsdrv
    Device ID: ROOT\LEGACY_MPSDRV\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT3

    Name: WAN Miniport (PPPOE)
    Description: WAN Miniport (PPPOE)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasPppoe
    Device ID: ROOT\MS_PPPOEMINIPORT\0000

    Name: Renesas Electronics USB 3.0 Host Controller
    Description: Renesas Electronics USB 3.0 Host Controller
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Renesas Electronics
    Service: nusb3xhc
    Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_1659103C&REV_04\4&310A7424&0&00E3

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT20

    Name: TCP/IP Protocol Driver
    Description: TCP/IP Protocol Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Tcpip
    Device ID: ROOT\LEGACY_TCPIP\0000

    Name: USB Composite Device
    Description: USB Composite Device
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbccgp
    Device ID: USB\VID_064E&PID_E258\HF1016-A821-OV01-VH-R04.00.00

    Name: PEAUTH
    Description: PEAUTH
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: PEAUTH
    Device ID: ROOT\LEGACY_PEAUTH\0000

    Name: IDE Channel
    Description: IDE Channel
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: atapi
    Device ID: ROOT\LEGACY_ATAPI\0000

    Name: LDDM Graphics Subsystem
    Description: LDDM Graphics Subsystem
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: DXGKrnl
    Device ID: ROOT\LEGACY_DXGKRNL\0000

    Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 1 - 1C10
    Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 1 - 1C10
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: INTEL
    Service: pci
    Device ID: PCI\VEN_8086&DEV_1C10&SUBSYS_1659103C&REV_B5\3&11583659&0&E0

    Name: Intel® Management Engine Interface
    Description: Intel® Management Engine Interface
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: MEIx64
    Device ID: PCI\VEN_8086&DEV_1C3A&SUBSYS_1659103C&REV_04\3&11583659&0&B0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT58

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT11

    Name: Microsoft ACPI-Compliant Embedded Controller
    Description: Microsoft ACPI-Compliant Embedded Controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C09\1

    Name: hp DVD-RAM UJ8B1
    Description: CD-ROM Drive
    Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard CD-ROM drives)
    Service: cdrom
    Device ID: IDE\CDROMHP_DVD-RAM_UJ8B1________________________H.02____\4&E7EDAD9&0&0.2.0

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT49

    Name: WAN Miniport (PPTP)
    Description: WAN Miniport (PPTP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: PptpMiniport
    Device ID: ROOT\MS_PPTPMINIPORT\0000

    Name: Microsoft Virtual WiFi Miniport Adapter #2
    Description: Microsoft Virtual WiFi Miniport Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: vwifimp
    Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2E233E0E&0&02

    Name: TCP/IP Registry Compatibility
    Description: TCP/IP Registry Compatibility
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: tcpipreg
    Device ID: ROOT\LEGACY_TCPIPREG\0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT4

    Name: Microsoft ACPI-Compliant Control Method Battery
    Description: Microsoft ACPI-Compliant Control Method Battery
    Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
    Manufacturer: Microsoft
    Service: CmBatt
    Device ID: ACPI\PNP0C0A\0

    Name: HID-compliant device
    Description: HID-compliant device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: HID\VID_046D&PID_C52F&MI_01&COL02\8&2E2E3DC&0&0001

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT30

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT21

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap
    Device ID: STORAGE\VOLUME\{3F34BBB8-7D8F-11E5-B593-806E6F6E6963}#000000529457E000

    Name: WAN Miniport (SSTP)
    Description: WAN Miniport (SSTP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasSstp
    Device ID: ROOT\MS_SSTPMINIPORT\0000

    Name: ACPI Power Button
    Description: ACPI Power Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:
    Device ID: ACPI\PNP0C0C\2&DABA3FF&3

    Name: Intel® Core™ i5-2410M CPU @ 2.30GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm
    Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_42_-________INTEL®_CORE™[email protected]_2.30GHZ\_4

    Name: NetIO Legacy TDI Support Driver
    Description: NetIO Legacy TDI Support Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: tdx
    Device ID: ROOT\LEGACY_TDX\0000

    Name: HP TrueVision HD

    Description: USB Video Device
    Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: usbvideo
    Device ID: USB\VID_064E&PID_E258&MI_00\7&266896F9&0&0000

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT59

    Name: Generic volume shadow copy
    Description: Generic volume shadow copy
    Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
    Manufacturer: Microsoft
    Service:
    Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT12

    Name: QoS Packet Scheduler
    Description: QoS Packet Scheduler
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Psched
    Device ID: ROOT\LEGACY_PSCHED\0000

    Name: Realtek PCIE CardReader
    Description: Realtek PCIE CardReader
    Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek Semiconduct Corp.
    Service: RSPCIESTOR
    Device ID: PCI\VEN_10EC&DEV_5209&SUBSYS_1659103C&REV_01\4&217313C4&0&00E2

    ========================= Memory info: ===================================

    Percentage of memory in use: 32%
    Total physical RAM: 8139.86 MB
    Available physical RAM: 5532.23 MB
    Total Virtual: 16277.9 MB
    Available Virtual: 13552.28 MB

    ========================= Partitions: =====================================

    1 Drive c: () (Fixed) (Total:916.54 GB) (Free:673.04 GB) NTFS
    2 Drive d: (RECOVERY) (Fixed) (Total:14.68 GB) (Free:1.63 GB) NTFS
    3 Drive e: () (Fixed) (Total:330.32 GB) (Free:187.05 GB) NTFS
    4 Drive f: () (Fixed) (Total:368.32 GB) (Free:248.73 GB) NTFS


    • 0

    #13
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,017 posts
    • MVP

    Not seeing anything unusual.  

     

    Going back to the slowness.  Windows 7 normally defrags itself but if the laptop is off when the appointed time comes (usually 1 AM) then it doesn't get to do it.  You might try a defrag just to see if it helps.

     

    Computer, right click on C: Drive and select Properties then Tools.  Defragment Now.  Defragment Now.


    • 0

    #14
    gregahoffman

    gregahoffman

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 400 posts

    ok, thanks.

     

    do you think I should replace the second HD I use for backup? will that cure the problem with restore not working? what I did was purchased a new 750 GB HD for the primary and reloaded everything because I had a fan failure. I then installed the old 750GB HD and bought a cable and installed it in the secondary HD port inside the laptop. then I wiped it and partitioned it to use for backup.


    • 0

    #15
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,017 posts
    • MVP
    Since you reinstalled Windows let's check the boot log:
     
    Search for 
    msconfig
    and hit Enter.  This should bring up the System Configuration menu.  Click on Boot and then check the box for Boot Log  OK and Reboot.
     
    This should create a file ntbtlog.txt located in C:\Windows\.  This is a hidden system area so:
     
    Control Panel, (View By:  Large Icons)  Folder Options, View.
     
    Uncheck Hide Extensions for Known File Types
    Uncheck Hide Protected System Files
    Check Show Hidden Files,Folders and Drives.
    OK
     
    Then open or attach the C:\Windows\ntbtlog.txt file.
     
    let's also check for missing drivers:
    Right click on Computer and select Manage and then Device Manager then View, Show Hidden Drivers.  Now look in the right pane for yellow flagged devices.  Right click on one and select properties then click on the Details tab.  Change Property to Hardware IDs.  Click on the top one then right click and copy.  Paste that into a reply.  Repeat for all yellow flagged devices.
     
    That doesn't souind like a reason for backups to fail but
     
    Let's see if we can run an Extended test on the hard drive.  See if you can get Speedfan to work:
     
     
    Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it (Win 7 or Vista right click and Run As Admin.).
     
     
    click on the S.M.A.R.T. tab.  Click on the down arrow to the right of the Hard Disk box.  Select your backup hard drive. Click on Extended test.  This will take a while

    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP