Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

slow computer

Started by gregahoffman , Jul 22 2016 06:20 AM

Please log in to reply

#1
gregahoffman

Posted 22 July 2016 - 06:20 AM

Member

Member
400 posts

recently my laptop has slowed down quite a bit. i don't know if its malware related or something else.

just wanted to see if my machine caught something or might it be hardware related.

thank you

#2
RKinner

Posted 22 July 2016 - 09:23 AM

Malware Expert

Expert
24,624 posts

Separate Reply for each log is probably easiest.

Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.

Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site

Pause your anti-virus. Close all browsers.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

Get FRST from

http://www.bleepingc...very-scan-tool/

You need to download the appropriate tool for your PC. If you don't know if you have a 32 or 64 bit system get them both. Only one will work and that's the right one.

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.

Check the Addition.txt box

Press Scan button.

It will produce a log called FRST.txt in the same directory the tool is run from.

Please copy and paste log back here.

It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK

Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.

#3
gregahoffman

Posted 22 July 2016 - 09:45 PM

Member

Topic Starter
Member
400 posts

thanks for the help. sorry its such a late reply, long day at work. results below in order...

# AdwCleaner v5.201 - Logfile created 22/07/2016 at 21:59:27
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-21.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : greg & jacki - HPLAPTOP
# Running from : C:\Users\greg & jacki\Desktop\Tools\adwcleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C10].txt - [4104 bytes] - [28/06/2016 08:05:01]
C:\AdwCleaner\AdwCleaner[C11].txt - [4246 bytes] - [30/06/2016 20:00:38]
C:\AdwCleaner\AdwCleaner[C12].txt - [4401 bytes] - [05/07/2016 21:38:12]
C:\AdwCleaner\AdwCleaner[C13].txt - [4549 bytes] - [07/07/2016 21:19:42]
C:\AdwCleaner\AdwCleaner[C14].txt - [4697 bytes] - [11/07/2016 06:54:37]
C:\AdwCleaner\AdwCleaner[C15].txt - [4845 bytes] - [12/07/2016 07:34:57]
C:\AdwCleaner\AdwCleaner[C16].txt - [5451 bytes] - [16/07/2016 15:44:27]
C:\AdwCleaner\AdwCleaner[C17].txt - [5141 bytes] - [18/07/2016 07:43:08]
C:\AdwCleaner\AdwCleaner[C18].txt - [5289 bytes] - [21/07/2016 07:56:58]
C:\AdwCleaner\AdwCleaner[C19].txt - [1537 bytes] - [22/07/2016 21:59:27]
C:\AdwCleaner\AdwCleaner[C1].txt - [4172 bytes] - [04/02/2016 09:31:18]
C:\AdwCleaner\AdwCleaner[C2].txt - [3235 bytes] - [21/01/2016 19:51:02]
C:\AdwCleaner\AdwCleaner[C3].txt - [5775 bytes] - [27/04/2016 07:53:57]
C:\AdwCleaner\AdwCleaner[C4].txt - [2748 bytes] - [01/05/2016 19:16:46]
C:\AdwCleaner\AdwCleaner[C5].txt - [3662 bytes] - [10/06/2016 18:46:43]
C:\AdwCleaner\AdwCleaner[C6].txt - [3512 bytes] - [12/06/2016 19:47:19]
C:\AdwCleaner\AdwCleaner[C7].txt - [3656 bytes] - [20/06/2016 08:01:14]
C:\AdwCleaner\AdwCleaner[C8].txt - [3809 bytes] - [22/06/2016 08:25:13]
C:\AdwCleaner\AdwCleaner[C9].txt - [3956 bytes] - [23/06/2016 07:59:32]
C:\AdwCleaner\AdwCleaner[R0].txt - [3051 bytes] - [17/01/2016 15:38:12]
C:\AdwCleaner\AdwCleaner[R2].txt - [1123 bytes] - [09/02/2016 20:59:14]
C:\AdwCleaner\AdwCleaner[R3].txt - [1182 bytes] - [15/02/2016 08:12:14]
C:\AdwCleaner\AdwCleaner[R4].txt - [1241 bytes] - [15/02/2016 08:13:52]
C:\AdwCleaner\AdwCleaner[R5].txt - [1301 bytes] - [20/02/2016 12:13:13]
C:\AdwCleaner\AdwCleaner[R6].txt - [1527 bytes] - [09/03/2016 08:19:03]
C:\AdwCleaner\AdwCleaner[R7].txt - [1537 bytes] - [11/03/2016 09:04:28]
C:\AdwCleaner\AdwCleaner[R8].txt - [1745 bytes] - [15/03/2016 21:47:11]
C:\AdwCleaner\AdwCleaner[R9].txt - [1773 bytes] - [18/03/2016 18:09:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [3044 bytes] - [17/01/2016 15:40:08]
C:\AdwCleaner\AdwCleaner[S10].txt - [2491 bytes] - [12/05/2016 07:03:55]
C:\AdwCleaner\AdwCleaner[S11].txt - [2571 bytes] - [14/05/2016 08:13:45]
C:\AdwCleaner\AdwCleaner[S12].txt - [2639 bytes] - [18/05/2016 19:04:30]
C:\AdwCleaner\AdwCleaner[S13].txt - [2713 bytes] - [28/05/2016 08:09:45]
C:\AdwCleaner\AdwCleaner[S14].txt - [2787 bytes] - [30/05/2016 16:35:33]
C:\AdwCleaner\AdwCleaner[S15].txt - [2867 bytes] - [03/06/2016 13:26:01]
C:\AdwCleaner\AdwCleaner[S16].txt - [2941 bytes] - [05/06/2016 19:27:58]
C:\AdwCleaner\AdwCleaner[S17].txt - [3015 bytes] - [08/06/2016 07:58:44]
C:\AdwCleaner\AdwCleaner[S18].txt - [3477 bytes] - [10/06/2016 18:45:35]
C:\AdwCleaner\AdwCleaner[S19].txt - [3345 bytes] - [12/06/2016 19:46:04]
C:\AdwCleaner\AdwCleaner[S1].txt - [3925 bytes] - [04/02/2016 09:29:21]
C:\AdwCleaner\AdwCleaner[S20].txt - [3489 bytes] - [20/06/2016 08:00:02]
C:\AdwCleaner\AdwCleaner[S21].txt - [3642 bytes] - [22/06/2016 08:24:09]
C:\AdwCleaner\AdwCleaner[S22].txt - [3789 bytes] - [23/06/2016 07:58:24]
C:\AdwCleaner\AdwCleaner[S23].txt - [3936 bytes] - [28/06/2016 08:03:48]
C:\AdwCleaner\AdwCleaner[S24].txt - [4078 bytes] - [30/06/2016 19:58:43]
C:\AdwCleaner\AdwCleaner[S25].txt - [4232 bytes] - [05/07/2016 21:37:10]
C:\AdwCleaner\AdwCleaner[S26].txt - [4380 bytes] - [07/07/2016 21:18:33]
C:\AdwCleaner\AdwCleaner[S27].txt - [4528 bytes] - [11/07/2016 06:53:36]
C:\AdwCleaner\AdwCleaner[S28].txt - [4676 bytes] - [12/07/2016 07:33:22]
C:\AdwCleaner\AdwCleaner[S29].txt - [5264 bytes] - [16/07/2016 15:42:59]
C:\AdwCleaner\AdwCleaner[S2].txt - [4291 bytes] - [21/01/2016 19:48:57]
C:\AdwCleaner\AdwCleaner[S30].txt - [4972 bytes] - [18/07/2016 07:41:53]
C:\AdwCleaner\AdwCleaner[S31].txt - [5120 bytes] - [21/07/2016 07:55:20]
C:\AdwCleaner\AdwCleaner[S32].txt - [5268 bytes] - [22/07/2016 18:56:58]
C:\AdwCleaner\AdwCleaner[S33].txt - [5342 bytes] - [22/07/2016 21:56:52]
C:\AdwCleaner\AdwCleaner[S34].txt - [5416 bytes] - [22/07/2016 21:58:32]
C:\AdwCleaner\AdwCleaner[S3].txt - [3473 bytes] - [20/02/2016 12:14:19]
C:\AdwCleaner\AdwCleaner[S4].txt - [3694 bytes] - [09/03/2016 08:20:28]
C:\AdwCleaner\AdwCleaner[S5].txt - [3708 bytes] - [11/03/2016 09:05:34]
C:\AdwCleaner\AdwCleaner[S6].txt - [7291 bytes] - [15/03/2016 21:49:00]
C:\AdwCleaner\AdwCleaner[S7].txt - [4407 bytes] - [18/03/2016 18:10:36]
C:\AdwCleaner\AdwCleaner[S8].txt - [2349 bytes] - [02/05/2016 07:03:57]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64
Ran by greg & jacki (Administrator) on Fri 07/22/2016 at 22:05:48.99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 26

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\greg & jacki\AppData\Roaming\9618 (Folder)
Successfully deleted: C:\Users\greg & jacki\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Users\greg & jacki\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (greg & jacki) (Task)
Successfully deleted: C:\Windows\system32\Tasks\SmartDefrag4_Startup (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_greg_&_jacki (Task)
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1XM4F6SE (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2QA9PWPQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1SVZH6Z (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGGKGM9Q (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CVWSVACF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXQ8ESL4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIF7J2XO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LL1HF8MB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MTVKSLMW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWSVANFQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLJ4A72D (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YXU3TGEP (Temporary Internet Files Folder)

Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{307679DE-83ED-4077-82D2-BD13FE0112B1} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{307679DE-83ED-4077-82D2-BD13FE0112B1} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 07/22/2016 at 22:08:34.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

C:\AdwCleaner\AdwCleaner[S9].txt - [2422 bytes] - [02/05/2016 08:05:26]

########## EOF - C:\AdwCleaner\AdwCleaner[C19].txt - [5505 bytes] ##########

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
Ran by greg & jacki (administrator) on HPLAPTOP (22-07-2016 22:22:54)
Running from C:\Users\greg & jacki\Desktop
Loaded Profiles: greg & jacki (Available Profiles: greg & jacki)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
() C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
() C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_210_ActiveX.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-16] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel® Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6723856 2016-06-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-09-13] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1444880 2015-12-01] (Easybits)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2547048 2011-03-30] (Hewlett-Packard Co.)
HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2022688 2016-04-26] (IObit)
HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-03-30] (EasyBits Software Corp.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{F1B6EB07-5742-48CD-8569-8F9DC1979B1B}: [DhcpNameServer] 75.75.76.76 75.75.75.75

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://yahoo.com/
HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
SearchScopes: HKLM -> {307679DE-83ED-4077-82D2-BD13FE0112B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001 -> DefaultScope {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001 -> {E4197AB8-0441-4D48-81F8-B3ACFE5D4C3E} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-18] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-18] (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-21] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-03]
CHR Extension: (Website Logon) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe [2016-01-03]
CHR Extension: (Google Docs) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-03]
CHR Extension: (Google Drive) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-03]
CHR Extension: (YouTube) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-03]
CHR Extension: (Google Search) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-03]
CHR Extension: (Google Sheets) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-03]
CHR Extension: (Google Docs Offline) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-08]
CHR Extension: (Gmail) - C:\Users\greg & jacki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-03]
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [637944 2016-06-29] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5251808 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712792 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [499200 2011-01-30] (Red Bend Ltd.) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [226240 2015-06-16] ()
R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [6363792 2015-07-31] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
S3 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
S4 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-07-15] (Seagate Technology LLC)
S4 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2015-07-15] (Seagate Technology LLC)
R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1156824 2015-10-13] (VMware, Inc.)
S3 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [261776 2015-05-08] (VMware)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [885248 2011-01-30] (Intel® Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [533208 2015-10-14] (VMware, Inc.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-12-18] () [File not signed]
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-12-18] () [File not signed]
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-06-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [249088 2016-06-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [280320 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [76544 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-09] (REALiX™)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 cpuz137; \??\C:\Users\GREG&J~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 cpuz138; \??\C:\Users\GREG&J~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-22 22:22 - 2016-07-22 22:23 - 00046354 _____ C:\Users\greg & jacki\Desktop\FRST.txt
2016-07-22 22:22 - 2016-07-22 22:22 - 00000000 ____D C:\Users\greg & jacki\AppData\Roaming\ProductData
2016-07-22 22:22 - 2016-07-22 22:22 - 00000000 ____D C:\ProgramData\ProductData
2016-07-22 22:22 - 2016-07-22 22:22 - 00000000 ____D C:\FRST
2016-07-22 22:08 - 2016-07-22 22:08 - 00004596 _____ C:\Users\greg & jacki\Desktop\JRT.txt
2016-07-22 22:04 - 2016-07-22 22:04 - 00005585 _____ C:\Users\greg & jacki\Desktop\AdwCleaner[C19].txt
2016-07-22 18:55 - 2016-07-22 18:55 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\greg & jacki\Desktop\procexp.exe
2016-07-22 18:54 - 2016-07-22 18:54 - 02393600 _____ (Farbar) C:\Users\greg & jacki\Desktop\FRST64.exe
2016-07-22 18:53 - 2016-07-22 18:53 - 01610560 _____ (Malwarebytes) C:\Users\greg & jacki\Desktop\JRT.exe
2016-07-17 17:33 - 2016-07-17 17:33 - 00000000 ____D C:\Users\greg & jacki\AppData\Local\ESET
2016-07-17 17:21 - 2016-07-17 17:31 - 00227152 _____ C:\TDSSKiller.3.1.0.9_17.07.2016_17.21.39_log.txt
2016-07-14 10:15 - 2016-07-14 10:15 - 19527360 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-14 08:33 - 2016-07-14 08:33 - 17892352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 12388864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 10938368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 09753088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-14 08:33 - 2016-07-14 08:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-14 08:33 - 2016-07-14 08:33 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 01814528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 01804800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-14 08:33 - 2016-07-14 08:33 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-14 08:33 - 2016-07-14 08:33 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 01140224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-14 08:33 - 2016-07-14 08:33 - 00424960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-14 08:33 - 2016-07-14 08:33 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-14 08:33 - 2016-07-14 08:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-14 08:33 - 2016-07-14 08:33 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-07-14 08:33 - 2016-07-14 08:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-07-14 08:33 - 2016-07-14 08:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-07-14 08:33 - 2016-07-14 08:33 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-07-14 08:33 - 2016-07-14 08:33 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-07-14 06:46 - 2016-07-14 06:46 - 28318536 _____ C:\Users\greg & jacki\Downloads\Unconfirmed 573095.crdownload
2016-07-14 06:36 - 2016-07-14 06:43 - 36138288 _____ (Microsoft Corporation) C:\Users\greg & jacki\Downloads\IE9-WindowsVista-x64-enu.exe
2016-07-14 06:31 - 2016-07-14 06:31 - 00001413 _____ C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-07-14 06:18 - 2016-07-14 06:19 - 36380976 _____ (Microsoft Corporation) C:\Users\greg & jacki\Downloads\IE9-Windows7-x64-enu.exe
2016-07-13 06:03 - 2016-07-13 06:03 - 00000000 ____D C:\Users\greg & jacki\AppData\Local\GWX
2016-07-12 21:54 - 2016-07-14 08:28 - 00000000 ____D C:\Windows\Panther
2016-07-12 14:37 - 2016-06-25 19:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-12 14:37 - 2016-06-25 19:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-12 14:37 - 2016-06-25 19:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-12 14:37 - 2016-06-25 19:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-12 14:37 - 2016-06-25 19:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-12 14:37 - 2016-06-25 19:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-12 14:37 - 2016-06-25 19:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-12 14:37 - 2016-06-25 14:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-12 14:37 - 2016-06-25 14:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-12 14:37 - 2016-06-25 14:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-12 14:37 - 2016-06-25 14:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-12 14:37 - 2016-06-25 14:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-12 14:37 - 2016-06-22 08:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-12 14:37 - 2016-06-17 13:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-12 14:37 - 2016-06-17 13:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-12 14:37 - 2016-06-17 13:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-12 14:37 - 2016-06-17 13:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-12 14:37 - 2016-06-17 13:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-12 14:37 - 2016-06-17 13:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-12 14:36 - 2016-06-14 10:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-12 07:47 - 2016-07-12 07:47 - 01030400 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-07-12 07:47 - 2016-07-12 07:47 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2016-07-11 06:57 - 2016-07-11 06:57 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EA4CE9EE-021A-4CE5-A8D5-ADA3284B2958}
2016-07-05 07:36 - 2016-07-16 03:15 - 00000000 ____D C:\Windows\EOONotify
2016-06-30 19:51 - 2016-06-30 19:51 - 03712064 _____ C:\Users\greg & jacki\Downloads\adwcleaner_5.201 (2).exe
2016-06-30 19:50 - 2016-06-30 19:50 - 03712064 _____ C:\Users\greg & jacki\Downloads\adwcleaner_5.201 (1).exe
2016-06-30 19:49 - 2016-06-30 19:49 - 03712064 _____ C:\Users\greg & jacki\Downloads\adwcleaner_5.201.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 01732888 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 01314136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-06-25 16:51 - 2016-06-25 16:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-06-25 16:51 - 2016-06-25 16:51 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-25 16:51 - 2016-06-25 16:51 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-25 16:51 - 2016-06-25 16:51 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-25 16:51 - 2016-06-25 16:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-25 16:51 - 2016-06-25 16:51 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-25 16:51 - 2016-06-25 16:51 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-06-25 16:51 - 2016-06-25 16:51 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-06-25 16:51 - 2016-06-25 16:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-06-25 16:51 - 2016-06-25 16:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-22 22:13 - 2016-03-18 17:54 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-22 22:11 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-22 22:11 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-22 22:09 - 2016-01-03 08:11 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-22 22:07 - 2015-10-28 09:16 - 00000000 ____D C:\Users\greg & jacki\AppData\Roaming\IObit
2016-07-22 22:07 - 2015-10-28 09:16 - 00000000 ____D C:\ProgramData\IObit
2016-07-22 22:07 - 2015-10-28 09:16 - 00000000 ____D C:\Program Files (x86)\IObit
2016-07-22 22:03 - 2015-10-25 11:48 - 00000000 ___HD C:\Users\greg & jacki\AppData\Local\CrashDumps
2016-07-22 22:02 - 2016-01-03 08:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-22 22:02 - 2015-10-24 16:30 - 00000000 ____D C:\ProgramData\MFAData
2016-07-22 22:01 - 2015-10-24 16:10 - 00000000 ___HD C:\Users\greg & jacki\AppData\LocalLow\AuthenTec
2016-07-22 22:01 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-22 21:59 - 2016-01-17 15:38 - 00000000 ____D C:\AdwCleaner
2016-07-22 21:01 - 2015-10-25 10:35 - 00000270 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2016-07-22 15:43 - 2015-10-24 16:15 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{79FA8574-6A16-4BDF-A53F-11F1C3E82809}
2016-07-21 08:04 - 2009-07-14 00:13 - 00778180 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-21 08:04 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-07-20 03:00 - 2015-10-26 08:54 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-20 03:00 - 2015-10-26 08:54 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-18 07:55 - 2009-07-13 23:45 - 00409216 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-18 07:44 - 2016-02-20 12:17 - 96337920 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2016-07-18 07:44 - 2016-02-20 12:17 - 45142016 _____ C:\Windows\system32\config\components.iodefrag.bak
2016-07-18 07:44 - 2016-02-20 12:17 - 00897024 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2016-07-18 07:44 - 2016-02-20 12:17 - 00061440 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2016-07-18 07:44 - 2016-02-20 12:17 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2016-07-17 20:37 - 2015-10-26 12:16 - 00000000 ____D C:\Users\greg & jacki\Desktop\Tools
2016-07-16 03:56 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-07-16 03:34 - 2015-10-24 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-07-16 03:15 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-07-14 10:15 - 2016-03-18 17:54 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 10:15 - 2016-03-18 17:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 10:15 - 2016-03-18 17:54 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-13 08:23 - 2015-10-30 09:43 - 00000196 _____ C:\Users\greg & jacki\Desktop\Facebook.url
2016-07-12 21:03 - 2015-11-02 12:04 - 00109296 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2016-07-12 20:57 - 2015-10-30 09:40 - 00109296 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2016-07-12 20:33 - 2009-07-13 21:34 - 00000514 _____ C:\Windows\win.ini
2016-07-12 20:31 - 2015-10-25 17:56 - 00781298 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-12 19:23 - 2015-10-26 08:55 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-12 19:20 - 2015-10-26 06:27 - 00000000 ____D C:\Windows\system32\MRT
2016-07-12 19:16 - 2015-10-26 06:27 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-12 19:12 - 2015-11-03 12:45 - 00003676 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2016-07-12 08:08 - 2015-10-30 10:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-12 07:47 - 2015-10-24 17:17 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-07-12 07:43 - 2015-10-26 09:19 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 07:43 - 2011-03-30 22:18 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-11 17:54 - 2015-10-28 00:37 - 00000000 ___HD C:\Users\greg & jacki\AppData\Roaming\VMware
2016-06-29 14:59 - 2015-10-24 16:29 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
2016-06-29 14:59 - 2015-10-24 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-06-23 03:01 - 2015-10-28 09:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-23 03:00 - 2015-10-28 09:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 03:00 - 2015-10-28 09:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

==================== Files in the root of some directories =======

2015-10-25 10:32 - 2015-10-25 10:32 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\greg & jacki\AppData\Local\Temp\libeay32.dll
C:\Users\greg & jacki\AppData\Local\Temp\msvcr120.dll
C:\Users\greg & jacki\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-07-17 00:52

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2016
Ran by greg & jacki (2016-07-22 22:24:06)
Running from C:\Users\greg & jacki\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-10-24 21:09:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2642546764-1993480236-4026764921-500 - Administrator - Disabled)
greg & jacki (S-1-5-21-2642546764-1993480236-4026764921-1001 - Administrator - Enabled) => C:\Users\greg & jacki
Guest (S-1-5-21-2642546764-1993480236-4026764921-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2642546764-1993480236-4026764921-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.3.0 - IObit)
AOMEI Partition Assistant Standard Edition 5.8 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ATI Catalyst Install Manager (HKLM\...\{DA0D8FDA-D538-1145-8BA2-6F22C4EB4F75}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.72.2.24716 - AVG Technologies)
AVG (Version: 16.91.7688 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4627 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.91.7688 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.9.726 - AVG Technologies)
AVG Zen (Version: 1.72.1 - AVG Technologies) Hidden
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3908 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 3.3 (HKLM-x32\...\Driver Booster_is1) (Version: 3.3 - IObit)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)
FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{0128D231-B23B-409C-A531-39D8D8774BA1}) (Version: 4.1.5.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{B6A3EAE4-3727-46A4-A659-8576BF7C8C8D}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{F638F65B-B435-44E0-9382-7F90BDB003E2}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{83A375B6-6FC2-4F8A-948E-E506DB9DCDF0}) (Version: 1.1.0.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP On Screen Display (HKLM-x32\...\{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}) (Version: 1.1.2 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13231.3673 - Hewlett-Packard Company)
HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{F8070C51-4B1D-430C-8BCF-19696368366F}) (Version: 4.0.110.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6329.0 - IDT)
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel® Wireless Display (HKLM-x32\...\{5B46CEC7-DAD0-46A2-BCD6-B46A3CFD9B61}) (Version: 2.0.30.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{18A6B663-A646-457B-A314-5CF58AECB06A}) (Version: 6.02.0000 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.2.002.0 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.4 - Synaptics Incorporated)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.4 - Tweaking.com)
Validity WBF DDK (HKLM\...\{7C54D017-21BB-43AE-9746-33E78AF4A425}) (Version: 4.3.118.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VMware Horizon Client (HKLM\...\{C7F8E8FA-0832-427E-B2B1-ABF6F8495C35}) (Version: 3.5.2.30397 - VMware, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C7D692E-0802-4F99-B0C1-1795CC8F0C0C} - System32\Tasks\greg & jacki1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2015-07-15] (Seagate Technology LLC)
Task: {36882EBC-72A8-4DC0-9A33-ABA05AC94A50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-03] (Google Inc.)
Task: {4DBD0E55-627F-433D-A58C-F4F7B8434661} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-08] (CyberLink)
Task: {56C027B8-10A8-4FB1-B963-DF1BF451AF5C} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {604B1031-D317-4295-869E-60701D8F94FF} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {67658A3E-23D4-421E-873D-86B664636050} - System32\Tasks\Microsoft\Windows\Setup\EOONotify => C:\Windows\EOONotify\EOONotify.exe [2016-07-08] (Microsoft Corporation)
Task: {6C27BB5D-B58A-4843-B62B-E9C7BB126D71} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-07-15] (Seagate Technology LLC)
Task: {6DF2A9E0-2FD5-4E30-87B4-5CAA16AC1E19} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2011-03-30] (Hewlett-Packard Co.)
Task: {7E372931-A1A9-4B04-BE8B-E253538B5737} - System32\Tasks\greg & jacki DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-07-15] (Seagate Technology LLC)
Task: {81F9C68B-4BEC-4767-8A9D-83A080683AFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-12-02] (Microsoft)
Task: {8CB452F4-1956-49E6-9EE8-515F059CF622} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit)
Task: {95E50C0B-49ED-4598-B587-5B4C39C0A0C7} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-05-06] (IObit)
Task: {963EB87A-4915-4AFC-9C07-E2A0F6427A91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-03] (Google Inc.)
Task: {A4F5759D-7340-4F34-BD11-C88D3A769C1B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {AA4AD301-F2E8-4CCE-B36F-5AD9F270D414} - System32\Tasks\ASC9_SkipUac_greg & jacki => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-05-16] (IObit)
Task: {B4BF5E4C-2333-49A6-8C22-16D2AEB72AD0} - System32\Tasks\0116avzUpdateInfo => C:\ProgramData\Avg_Update_0116avz\0116avz_AVG-Secure-Search-Update.exe
Task: {CCF32A04-8A1A-41F7-BC81-F5453E8FB9AF} - System32\Tasks\1015avzUpdateInfo => C:\ProgramData\Avg_Update_1015avz\1015avz_AVG-Secure-Search-Update.exe
Task: {E770AF70-6148-4A8D-A1EB-911C914740DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-12-02] (Microsoft)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-01-05 14:53 - 2011-01-05 14:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2015-06-16 11:10 - 2015-06-16 11:10 - 00226240 _____ () C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
2015-07-31 15:42 - 2015-07-31 15:42 - 06363792 _____ () C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
2011-03-30 16:19 - 2011-03-30 16:19 - 02673000 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2015-12-09 01:36 - 2015-01-09 19:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2015-06-16 11:04 - 2015-06-16 11:04 - 00239552 _____ () C:\Program Files (x86)\Common Files\VMware\DeviceRedirectionCommon\ftnlapi.dll
2011-04-27 18:05 - 2011-04-27 18:05 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2016-05-11 03:51 - 2016-05-11 03:51 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\61a733954a0da9a5988d596c76b2b891\IsdiInterop.ni.dll
2015-10-24 17:13 - 2011-01-12 20:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4790 more sites.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2016-07-12 20:33 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2642546764-1993480236-4026764921-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\greg & jacki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.76.76 - 75.75.75.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdvancedSystemCareService8 => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: RoxioNow Service => 2
MSCONFIG\Services: Seagate Dashboard Services => 2
MSCONFIG\Services: Seagate MobileBackup Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WinDefend => 3
MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
MSCONFIG\startupreg: DBAgent => "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Uploader => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FA2A053B-3763-4AF8-B6AE-4B42DE0CFABB}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{122939D9-7D11-4E5E-829D-A03495A614B9}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{2B429156-C6BF-4AEE-941A-151843277944}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{AFF6F81E-EA7F-4DCF-BB14-5904BCC3ED52}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{A3A5EF2D-26CA-4E79-8BD9-4433E5DA545B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F70020D9-09D6-47E1-83F8-935B7158FE18}] => (Allow) LPort=2869
FirewallRules: [{5F7EF239-7066-4A06-B7DC-5585EFDB4487}] => (Allow) LPort=1900
FirewallRules: [{11925C4F-46C5-47CC-A3F1-D94618F52C96}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3AA5DC62-D991-4ED3-914F-A9F5F1783F06}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{525CA1FD-A433-4617-800A-7CECCA465FB3}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{FED5E636-AD6E-4C87-935A-07EB13F204BD}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{C4AA47D7-4FD2-4193-B8C1-4A4101D5D987}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{BE64F1D7-91D5-4AAE-9247-5B7EC9C24149}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{947CAEC5-EEC8-4884-85A3-73402DF17195}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{50C02676-23CB-4F30-8AA7-30F0AF105BEA}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{EA6D39EE-CF25-4597-86CB-373FFCF2DD87}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{6909F2B6-3FE1-4926-955F-1E07AA2DBD25}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{6A87A38F-65C7-4F13-9B3A-F7C9A7595549}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{38D2F4E5-9FDE-493B-9AD5-F17E2E8EB4A0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{1D492753-7346-492B-8201-DA0578D9BA3A}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{41B74564-0A7F-42C5-B50A-D972BAFD036E}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{D4F40994-0868-459F-AD67-5889842395F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{57020AF1-20A8-46E2-A462-73E073642E7D}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{9AEB8BDF-6CC1-4BAC-B581-D696C225B890}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{AD8789E1-245E-41AF-BCA8-E0F045F05A8B}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{F6C62D52-F900-43DB-9591-61C9CCEED6BF}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{429C4173-61A1-42D5-A2CE-141CB4C54080}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{C4AFB040-82B3-485F-BB74-766E8B6DB1C1}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{699ACC84-9C6C-4C8E-9961-6741BD0D24FD}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{9DD42E49-C405-4C8A-9029-3C667070BD25}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{441BE0D9-2B13-423A-B660-296B59AD45A9}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{4177CAE2-6874-4A79-B417-3E4EBA4D2B1E}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{BADFD149-13F4-401F-A4F5-06A1F86B97E8}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{EFE98695-A6FD-4119-A6FA-6FAD25417338}] => (Allow) LPort=8888
FirewallRules: [{17A459BA-6303-404F-A15C-D594426BE254}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{64788292-6A9A-439C-B216-59FA876BE136}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{392D1FF6-C390-4CAA-94E8-7F976D86143F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{26734368-65CF-4421-96C7-E9834638AE4B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{D50AC84E-C386-4086-8F52-30534B4D2C0B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{FA02A8BC-30A9-4386-AE49-711E282FB9AF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{1C674F58-02B6-4344-8295-1A087CDE8D9F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{56DCEDC2-72D9-4617-B1E3-8E4456EC5D2E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{29CAAD03-7003-4C6B-B5D8-4413D42D963B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{79C00CE1-0348-4D4E-A149-3B0295F6C1DD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{9B43D347-8D39-404F-8A26-0E1C0B25C098}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{530F22C2-16BD-41EE-9300-3F329E683AC3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{D2350CCB-E430-497A-BFA3-5F5FC41F6002}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{01800A42-B181-4EF8-BEF4-26B8D79563AE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{41653198-7245-45F7-8A6D-10050D3E8E03}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{AEB67212-6389-46C7-B2EC-FE2581CA9AB7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{D9CBB6C5-0265-4A48-9F84-ACF1152192A1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{5944C50C-AD92-4F97-AE21-B1475BE10243}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{301E8F0D-9113-4F8F-B354-AC8C4A4174AF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Restore Points =========================

03-04-2016 23:00:17 Windows Backup
08-04-2016 20:44:55 DVDFab 9.2.3.7 (29/03/2016) restore point
10-04-2016 23:00:28 Windows Backup
12-04-2016 03:00:13 Windows Update
14-04-2016 03:00:19 Windows Update
23-04-2016 08:28:06 Scheduled Checkpoint
23-04-2016 08:35:32 Driver Booster : Realtek PCIe GBE Family Controller
23-04-2016 08:58:10 Windows Backup
24-04-2016 01:28:28 Windows Modules Installer
24-04-2016 01:29:04 Windows Modules Installer
24-04-2016 23:00:25 Windows Backup
02-05-2016 08:36:22 Scheduled Checkpoint
05-05-2016 03:00:14 Windows Update
05-05-2016 21:13:10 Windows Update
08-05-2016 23:00:19 Windows Backup
10-05-2016 03:00:11 Windows Update
11-05-2016 03:00:14 Windows Update
11-05-2016 19:14:42 Windows Update
15-05-2016 23:00:22 Windows Backup
22-05-2016 17:33:12 Windows Backup
22-05-2016 18:55:27 Windows Backup
22-05-2016 23:00:13 Windows Backup
23-05-2016 07:54:59 Windows Modules Installer
26-05-2016 03:00:23 Windows Update
30-05-2016 14:45:32 Windows Backup
03-06-2016 11:12:52 Windows Backup
10-06-2016 19:32:10 Scheduled Checkpoint
15-06-2016 03:00:29 Windows Update
22-06-2016 09:00:19 Scheduled Checkpoint
23-06-2016 03:00:10 Windows Update
25-06-2016 16:49:26 Windows Modules Installer
30-06-2016 00:00:23 Windows Backup
05-07-2016 07:35:38 Windows Modules Installer
12-07-2016 07:45:04 Driver Booster : 2nd generation Intel® Core™ processor family PCI Express Controller - 0101
12-07-2016 19:13:49 Windows Update
12-07-2016 21:43:07 Windows Modules Installer
12-07-2016 21:47:44 Windows Modules Installer
13-07-2016 07:00:33 Restore Operation
13-07-2016 21:46:20 Windows Modules Installer
13-07-2016 21:49:28 Windows Update
14-07-2016 06:06:40 Windows Modules Installer
14-07-2016 06:23:49 Windows Modules Installer
14-07-2016 08:32:06 Windows Modules Installer
16-07-2016 03:00:10 Windows Update
17-07-2016 08:34:47 Restore Operation
20-07-2016 03:00:14 Windows Update
22-07-2016 22:06:15 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Intel® Centrino® WiMAX 6150
Description: Intel® Centrino® WiMAX 6150
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: bpmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/22/2016 10:02:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Exception code: 0x40000015
Fault offset: 0x001e2080
Faulting process id: 0x13d8
Faulting application start time: 0xFitbit Connect.exe0
Faulting application path: Fitbit Connect.exe1
Faulting module path: Fitbit Connect.exe2
Report Id: Fitbit Connect.exe3

Error: (07/22/2016 10:02:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Exception code: 0x40000015
Fault offset: 0x001e2080
Faulting process id: 0xb28
Faulting application start time: 0xFitbit Connect.exe0
Faulting application path: Fitbit Connect.exe1
Faulting module path: Fitbit Connect.exe2
Report Id: Fitbit Connect.exe3

Error: (07/21/2016 08:00:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Exception code: 0x40000015
Fault offset: 0x001e2080
Faulting process id: 0x1324
Faulting application start time: 0xFitbit Connect.exe0
Faulting application path: Fitbit Connect.exe1
Faulting module path: Fitbit Connect.exe2
Report Id: Fitbit Connect.exe3

Error: (07/21/2016 08:00:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Exception code: 0x40000015
Fault offset: 0x001e2080
Faulting process id: 0xc88
Faulting application start time: 0xFitbit Connect.exe0
Faulting application path: Fitbit Connect.exe1
Faulting module path: Fitbit Connect.exe2
Report Id: Fitbit Connect.exe3

Error: (07/18/2016 07:55:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Exception code: 0x40000015
Fault offset: 0x001e2080
Faulting process id: 0xc04
Faulting application start time: 0xFitbit Connect.exe0
Faulting application path: Fitbit Connect.exe1
Faulting module path: Fitbit Connect.exe2
Report Id: Fitbit Connect.exe3

Error: (07/18/2016 07:55:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Exception code: 0x40000015
Fault offset: 0x001e2080
Faulting process id: 0xacc
Faulting application start time: 0xFitbit Connect.exe0
Faulting application path: Fitbit Connect.exe1
Faulting module path: Fitbit Connect.exe2
Report Id: Fitbit Connect.exe3

Error: (07/18/2016 07:46:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Exception code: 0x40000015
Fault offset: 0x001e2080
Faulting process id: 0x1320
Faulting application start time: 0xFitbit Connect.exe0
Faulting application path: Fitbit Connect.exe1
Faulting module path: Fitbit Connect.exe2
Report Id: Fitbit Connect.exe3

Error: (07/18/2016 07:46:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Exception code: 0x40000015
Fault offset: 0x001e2080
Faulting process id: 0x94
Faulting application start time: 0xFitbit Connect.exe0
Faulting application path: Fitbit Connect.exe1
Faulting module path: Fitbit Connect.exe2
Report Id: Fitbit Connect.exe3

Error: (07/17/2016 07:55:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program esetonlinescanner_enu.exe version 2.0.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 364

Start Time: 01d1e08355dcf7cd

Termination Time: 63

Application Path: C:\Users\greg & jacki\Desktop\esetonlinescanner_enu.exe

Report Id:

Error: (07/17/2016 06:28:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Faulting module name: Fitbit Connect.exe, version: 2.0.1.6742, time stamp: 0x5630c9ca
Exception code: 0x40000015
Fault offset: 0x001e2080
Faulting process id: 0x1614
Faulting application start time: 0xFitbit Connect.exe0
Faulting application path: Fitbit Connect.exe1
Faulting module path: Fitbit Connect.exe2
Report Id: Fitbit Connect.exe3

System errors:
=============
Error: (07/22/2016 10:03:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (07/22/2016 10:02:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Client Services service to connect.

Error: (07/22/2016 10:00:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® PROSet/Wireless WiMAX Service service failed to start due to the following error:
%%109 = The pipe has been ended.

Error: (07/22/2016 10:00:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Print Spooler service failed to start due to the following error:
%%1069 = The service did not start due to a logon failure.

Error: (07/22/2016 10:00:22 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The Spooler service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50 = The request is not supported.

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (07/22/2016 10:00:09 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The AVG WatchDog service did not shut down properly after receiving a preshutdown control.

Error: (07/22/2016 10:00:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the fdPHost service.

Error: (07/22/2016 09:59:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (07/22/2016 09:59:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/22/2016 09:59:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

==================== Memory info ===========================

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 26%
Total physical RAM: 8139.86 MB
Available physical RAM: 5994.96 MB
Total Virtual: 16277.9 MB
Available Virtual: 14096.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:916.54 GB) (Free:669.64 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.68 GB) (Free:1.63 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:330.32 GB) (Free:187.05 GB) NTFS
Drive f: () (Fixed) (Total:368.32 GB) (Free:248.73 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C1C188DA)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=916.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 8DC4B273)
Partition 1: (Not Active) - (Size=330.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=368.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
atiesrxx.exe  1,752 K 4,684 K 1484 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
conhost.exe  1,092 K 3,004 K 2428 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
dwm.exe  1,844 K 5,740 K 2152 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
FlashUtil32_22_0_0_210_ActiveX.exe  3,536 K 8,840 K 6520 Adobe® Flash® Player Installer/Uninstaller 22.0 r0 Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
hpCaslNotification.exe  31,516 K 9,512 K 2340 hpCaslNotification Hewlett-Packard Development Company L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company L.P.
HPDrvMntSvc.exe  1,400 K 4,056 K 2220 HP Quick Synchronization Service Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
HPWMISVC.exe  2,068 K 5,568 K 920 HP Quick Launch WMI Service Hewlett-Packard Development Company, L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.
lsm.exe  2,844 K 4,744 K 1132 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
procexp.exe  2,372 K 7,660 K 8076 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
RegSrvc.exe  2,604 K 6,960 K 5592 Intel® PROSet/Wireless Registry Service Intel® Corporation (Verified) Intel Corporation - Mobile Wireless Group
services.exe  7,540 K 11,388 K 1112 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
smss.exe  540 K 1,236 K 380 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe  7,724 K 14,220 K 2600 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  5,788 K 11,472 K 3752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  1,676 K 4,720 K 4684 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  2,776 K 6,344 K 7212 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  5,148 K 10,308 K 5868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  2,764 K 6,184 K 1828 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  17,320 K 19,060 K 2348 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  19,668 K 23,796 K 1564 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
TrueSuiteService.exe  1,860 K 5,576 K 1368 HP Service HP (Verified) AuthenTec
UNS.exe  3,212 K 7,544 K 5728 User Notification Service Intel Corporation (Verified) Intel Corporation
unsecapp.exe  2,088 K 5,948 K 5576 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe  2,012 K 5,388 K 3584 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe  1,688 K 4,856 K 884 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe  3,120 K 7,716 K 1056 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE  1,860 K 4,004 K 6544 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
wsnm.exe  4,732 K 9,984 K 1536 VMware Horizon View Framework Node Manager VMware, Inc. (Verified) VMware
hpservice.exe < 0.01 1,772 K 4,996 K 1924 HpService Hewlett-Packard Company (Verified) Hewlett-Packard Company
csrss.exe < 0.01 2,448 K 5,056 K 124 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
EvtEng.exe < 0.01 8,696 K 16,640 K 3896 Intel® PROSet/Wireless Event Log Service Intel® Corporation (Verified) Intel Corporation - Mobile Wireless Group
svchost.exe < 0.01 31,200 K 34,328 K 2264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
hpCMSrv.exe < 0.01 4,272 K 9,100 K 7492 HP Connection Manager Service Hewlett-Packard Development Company L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company L.P.
hpqWmiEx.exe < 0.01 4,408 K 9,164 K 6996 hpqwmiex Module Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
wlanext.exe < 0.01 9,708 K 19,648 K 2420 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
vmware-view-usbd.exe < 0.01 3,772 K 7,940 K 6428 VMware Horizon View client USB service (32-bit) VMware, Inc. (Verified) VMware
IAStorIcon.exe < 0.01 24,420 K 23,092 K 4408 IAStorIcon Intel Corporation (Verified) Intel Corporation
DMAgent.exe < 0.01 5,928 K 7,992 K 4692 Red Bend Device Management Service for Intel® PROSet/Wireless WiMAX Software Red Bend Ltd. (No signature was present in the subject) Red Bend Ltd.
svchost.exe < 0.01 11,572 K 14,720 K 7660 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 6,484 K 7,860 K 6016 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
avgsvca.exe < 0.01 9,100 K 23,940 K 3400 AVG Service Process AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
vmware-usbarbitrator64.exe < 0.01 4,028 K 8,384 K 6316 VMware USB Arbitration Service VMware, Inc. (Verified) VMware
ASCService.exe < 0.01 9,476 K 7,492 K 1300 Advanced SystemCare Service IObit (Verified) IObit Information Technology
ezSharedSvcHost.exe < 0.01 1,840 K 5,680 K 2984 Shared EasyBits services for Windows EasyBits Software AS (Verified) EasyBits Software AS
WLIDSVC.EXE < 0.01 7,756 K 16,396 K 5144 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
WUDFHost.exe < 0.01 3,120 K 7,576 K 892 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 31,292 K 24,836 K 6072 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
iexplore.exe < 0.01 11,876 K 25,636 K 7372 Internet Explorer Microsoft Corporation (Verified) Microsoft Corporation
FitbitConnectService.exe < 0.01 16,212 K 21,968 K 3320 Fitbit Connect Service RC Fitbit, Inc. (Verified) Fitbit
svchost.exe < 0.01 13,344 K 22,360 K 1640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
avgwdsvca.exe 0.01 13,400 K 30,252 K 3720 AVG Watchdog Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
lsass.exe 0.01 8,132 K 16,840 K 1120 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
ftnlsv.exe 0.01 2,024 K 4,388 K 3524 NetLink supervisor  (Verified) FabulaTech
ftscanmgr.exe 0.01 5,504 K 8,544 K 4120 Scanner Redirection manager (Client)  (Verified) FabulaTech
iexplore.exe 0.01 75,188 K 102,220 K 1216 Internet Explorer Microsoft Corporation (Verified) Microsoft Corporation
explorer.exe 0.02 38,080 K 62,276 K 2208 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
IMFsrv.exe 0.03 7,956 K 4,860 K 2976 IObit Malware Fighter Service IObit (Verified) IObit Information Technology
IAStorDataMgrSvc.exe 0.04 20,092 K 16,936 K 7508 IAStorDataSvc Intel Corporation (Verified) Intel Corporation
LMS.exe 0.04 2,780 K 5,288 K 6472 Local Manageability Service Intel Corporation (Verified) Intel Corporation
svchost.exe 0.04 5,776 K 9,692 K 1436 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 0.04 5,668 K 11,408 K 3252 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.04 120,996 K 127,316 K 1604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
AppSrv.exe 0.10 5,608 K 8,180 K 5944 WiMAX SDK service for Intel® PROSet/Wireless WiMAX Software Intel® Corporation (No signature was present in the subject) Intel® Corporation
svchost.exe 0.10 23,488 K 39,132 K 1664 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
System 0.11 3,300 K 185,808 K 4
svchost.exe 0.14 5,104 K 10,744 K 1236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.23 8,728 K 15,812 K 3140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.26 15,932 K 12,628 K 900 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.58 0 K 0 K n/a Hardware Interrupts and DPCs
procexp64.exe 1.71 31,356 K 53,000 K 7732 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System Idle Process 96.43 0 K 24 K 0

#4
RKinner

Posted 22 July 2016 - 10:15 PM

Malware Expert

Expert
24,624 posts

Not seeing much. Go in to msconfig and check everything then OK and restart.

Then uninstall:

Advanced SystemCare 9

Driver Booster 3.3

IObit Malware Fighter 3

IObit Uninstaller

Smart Defrag 4

Surfing Protection

(I'm not fond of IOBIT's snake oil)

Also uninstall Java 8 Update 65

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:

Get the latest Java at:

http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.

Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.

(If you also want the 64 bit version then use the 64 bit version of IE to get it.)

I would also uninstall

Fitbit Connect as it is having problems. You can download a new copy and reinstall it.

Also I would update Intel® PROSet/Wireless WiMAX Software

https://downloadcent...-?product=59476

Once you have done that the above then:

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow[

(This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:

Copy the next two lines:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt

notepad \windows\logs\cbs\junk.txt

Regardless of the sfc result:

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.

Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)

1. Please download the Event Viewer Tool by Vino Rosso

http://images.malwar...om/vino/VEW.exe

and save it to your Desktop:

2. Right-click VEW.exe and Run AS Administrator

3. Under 'Select log to query', select:

* System

4. Under 'Select type to list', select:

* Error

* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'

Type 20 in the 1 to 20 box

Then click the Run button.

Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download

Latest Version button - Do NOT press the large Start Download button on the upper left!)

Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),

File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.

(It will be near the top about 10 lines down.) Save the file. Attach the file to your next post. (More Reply Options, Choose File, Open, Attach This File)

#5
gregahoffman

Posted 23 July 2016 - 07:06 AM

Member

Topic Starter
Member
400 posts

logs below and attached

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 23/07/2016 7:56:24 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 23/07/2016 12:26:31 PM
Type: Error Category: 0
Event: 14332 Source: Microsoft-Windows-WMPNSS-Service
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 23/07/2016 12:26:11 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 23/07/2016 12:24:02 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device USB\VID_138A&PID_0018\04a4745dff40.

Log: 'System' Date/Time: 23/07/2016 12:22:22 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 23/07/2016 12:22:22 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 23/07/2016 7:58:01 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 23/07/2016 12:22:09 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-2642546764-1993480236-4026764921-1001:
Process 1108 (\Device\HarddiskVolume2\Windows\System32\services.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001
Process 1072 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001

#6
gregahoffman

Posted 23 July 2016 - 07:07 AM

Member

Topic Starter
Member
400 posts

sorry, i think i forgot to attatch speccy

Attached Files

HPLAPTOP.txt 90.92KB 284 downloads

#7
RKinner

Posted 23 July 2016 - 09:31 AM

Malware Expert

Expert
24,624 posts

Doesn't look too bad now. Speccy says the temps are good & the first hard drive is in good shape. The second (is this an external drive used for backups or extra space?) - not so good. It's been dropped hard:

Attribute name G-sense error rate

Real value 506

Current 100

Worst 100

Threshold 0

Raw Value 00000001FA

and has a lot of Uncorrectable Errors:

Attribute name Reported Uncorrectable Errors

Real value 1,162

Current 1

Worst 1

Threshold 0

Raw Value 000000048A

IE is talking to something with an IP address that isn't allowed on the Internet (169.54.33.132) so I assume you are doing some sort of Internet Connection Sharing.

For your errors:

Log: 'System' Date/Time: 23/07/2016 12:26:31 PM

Type: Error Category: 0

Event: 14332 Source: Microsoft-Windows-WMPNSS-Service

Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

This is a fairly useless service that never seems to work right. Search for

services.msc

and hit Enter.

This should bring up the service window.

Find

Windows Media Player Network Sharing Service

and right click on it and select Properties. Change the Startup Type: to Manual OK.

Leave the Services window open we will need it again.

Log: 'System' Date/Time: 23/07/2016 12:24:02 PM

Type: Warning Category: 212

Event: 219 Source: Microsoft-Windows-Kernel-PnP

The driver \Driver\WUDFRd failed to load for the device USB\VID_138A&PID_0018\04a4745dff40.

This is a mistake from MS. It used to be Automatic but they changed it in Win 7 to Manual to make it boot a bit faster. Go back to the Service window and find:

Windows Driver Foundation - User-mode Driver Framework

and right click on it and select Properties. Change the Startup Type: to Automatic, OK.

Leave the Services window open we will need it again

This error:

Log: 'System' Date/Time: 23/07/2016 12:26:11 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

This is part of HP Quick Launch. http://support.hp.co...ument/c01136921

If this is something you want to work then I would uninstall the current version and download the latest version from HP. (Your current version says: (A certificate was explicitly revoked by its issuer) Otherwise uninstall it or go in to Services Window and find HP Quick Launch WMI Service or HP WMI Service or HP Quick Launch and change its Startup Type to Disabled.

Log: 'System' Date/Time: 23/07/2016 12:22:22 PM

Type: Warning Category: 0

Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll

Normal indication. No action required.

Log: 'Application' Date/Time: 23/07/2016 12:22:09 PM

Type: Warning Category: 0

Event: 1530 Source: Microsoft-Windows-User Profiles Service

Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-2642546764-1993480236-4026764921-1001:

Process 1108 (\Device\HarddiskVolume2\Windows\System32\services.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001

Process 1072 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001

This one is sort of odd. It claims services.exe and winlogon.exe are keeping the registry open. These are both Windows files and they don't usually do this. Wondering if AVG is doing something it shouldn't? The error is not as bad as it sounds. Win 7 knows how to unload the registry without damage.

Clear the event logs:

Reboot.

Run VEW again as before and let's see if we fixed anything.

How is it running now?

#8
gregahoffman

Posted 23 July 2016 - 03:16 PM

Member

Topic Starter
Member
400 posts

the second hard drive is internal, I use it for backup. I don't ever remember dropping it, maybe that explains why restore points never work. as for IE talking to something with an IP address that isn't allowed on the Internet (169.54.33.132). I have no clue what this is. can it be stopped? i'll work on the other stuff and report back. the machine does seem a bit better today.

#9
RKinner

Posted 23 July 2016 - 03:24 PM

Malware Expert

Expert
24,624 posts

Copy the next 2 lines:

netstat -rn > \junk.txt

notepad \junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.

Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply. That might help figure out where the 169 addresses are. Has to be something local so probably benign.

#10
gregahoffman

Posted 23 July 2016 - 05:12 PM

Member

Topic Starter
Member
400 posts

logs below

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 23/07/2016 6:07:49 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 23/07/2016 9:23:29 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device USB\VID_138A&PID_0018\04a4745dff40.

Log: 'System' Date/Time: 23/07/2016 9:22:42 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 23/07/2016 9:22:42 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 23/07/2016 6:08:54 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 23/07/2016 9:22:36 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-2642546764-1993480236-4026764921-1001:
Process 1060 (\Device\HarddiskVolume2\Windows\System32\services.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001
Process 1180 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2642546764-1993480236-4026764921-1001

===========================================================================
Interface List
15...64 d4 da 5d 81 e9 ......Intel® Centrino® WiMAX 6150
14...40 25 c2 53 4d 15 ......Microsoft Virtual WiFi Miniport Adapter #2
13...40 25 c2 53 4d 15 ......Microsoft Virtual WiFi Miniport Adapter
12...40 25 c2 53 4d 14 ......Intel® Centrino® Wireless-N 6150
11...10 1f 74 17 57 8a ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.7     25
         10.0.0.0    255.255.255.0         On-link          10.0.0.7    281
         10.0.0.7 255.255.255.255         On-link          10.0.0.7    281
       10.0.0.255 255.255.255.255         On-link          10.0.0.7    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1 255.255.255.255         On-link         127.0.0.1    306
127.255.255.255 255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.7    281
255.255.255.255 255.255.255.255         On-link         127.0.0.1    306
255.255.255.255 255.255.255.255         On-link          10.0.0.7    281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
12    281 ::/0                     fe80::7acd:8eff:fe0d:62a2
1    306 ::1/128                  On-link
12     33 2601:448:100:ea2c::/64   On-link
12    281 2601:448:100:ea2c:682c:48c2:fea6:e17b/128
                                    On-link
12    281 2601:448:100:ea2c:8825:cef9:5af3:862c/128
                                    On-link
12    281 2601:448:100:ea2c:8949:35fe:89ee:6154/128
                                    On-link
12    281 fe80::/64                On-link
12    281 fe80::682c:48c2:fea6:e17b/128
                                    On-link
1    306 ff00::/8                 On-link
12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
None

could the IP address (169.54.33.132) be my wireless printer? I thought the IP for that though ended in .010 or .012

#11
RKinner

Posted 23 July 2016 - 05:33 PM

Malware Expert

Expert
24,624 posts

Unlikely. If it were then the PC couldn't talk to it.

There doesn't seem to be a route to 169.54.33.132

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

Flush DNS

Report IE Proxy Settings

Reset IE Proxy Settings

Report FF Proxy Settings

[ ]Reset FF Proxy Settings

List content of Hosts

List IP configuration

List Winsock Entries

List last 10 Event Viewer Errors

List Installed Programs

List Devices

List Users, Partitions and Memory size.

List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

#12
gregahoffman

Posted 23 July 2016 - 05:47 PM

Member

Topic Starter
Member
400 posts

mtb log

MiniToolBox by Farbar Version: 17-06-2016
Ran by greg & jacki (administrator) on 23-07-2016 at 18:40:40
Running from "C:\Users\greg & jacki\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Model: HP Pavilion dv7 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 6150 = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Intel® Centrino® WiMAX 6150 = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled

popd
# End of IPv4 configuration

Windows IP Configuration

   Host Name . . . . . . . . . . . . : hplaptop
   Primary Dns Suffix . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.mn.comcast.net.

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6150
   Physical Address. . . . . . . . . : 64-D4-DA-5D-81-E9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 40-25-C2-53-4D-15
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 40-25-C2-53-4D-15
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix . : hsd1.mn.comcast.net.
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 6150
   Physical Address. . . . . . . . . : 40-25-C2-53-4D-14
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:448:100:ea2c:682c:48c2:fea6:e17b(Preferred)
   IPv6 Address. . . . . . . . . . . : 2601:448:100:ea2c:8949:35fe:89ee:6154(Preferred)
   Lease Obtained. . . . . . . . . . : Saturday, July 23, 2016 4:24:40 PM
   Lease Expires . . . . . . . . . . : Tuesday, July 26, 2016 5:11:15 PM
   Temporary IPv6 Address. . . . . . : 2601:448:100:ea2c:8825:cef9:5af3:862c(Preferred)
   Link-local IPv6 Address . . . . . : fe80::682c:48c2:fea6:e17b%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.7(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, July 23, 2016 4:24:10 PM
   Lease Expires . . . . . . . . . . : Saturday, July 30, 2016 4:24:09 PM
   Default Gateway . . . . . . . . . : fe80::7acd:8eff:fe0d:62a2%12
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 306193858
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-BD-BB-F1-10-1F-74-17-57-8A
   DNS Servers . . . . . . . . . . . : 2001:558:feed::2
                                       2001:558:feed::1
                                       75.75.76.76
                                       75.75.75.75
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 10-1F-74-17-57-8A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.mn.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . : hsd1.mn.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server: cdns02.comcast.net
Address: 2001:558:feed::2

Name: google.com
Addresses: 2607:f8b0:4009:808::200e
172.217.4.238

Pinging google.com [2607:f8b0:4009:80e::200e] with 32 bytes of data:
Reply from 2607:f8b0:4009:80e::200e: time=19ms
Reply from 2607:f8b0:4009:80e::200e: time=19ms

Ping statistics for 2607:f8b0:4009:80e::200e:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 19ms, Average = 19ms
Server: cdns02.comcast.net
Address: 2001:558:feed::2

Name:    yahoo.com
Addresses: 2001:4998:c:a06::2:4008
   2001:4998:44:204::a7
   2001:4998:58:c02::a9
   206.190.36.45
   98.139.183.24
   98.138.253.109

Pinging yahoo.com [2001:4998:c:a06::2:4008] with 32 bytes of data:
Reply from 2001:4998:c:a06::2:4008: time=63ms
Reply from 2001:4998:c:a06::2:4008: time=65ms

Ping statistics for 2001:4998:c:a06::2:4008:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 63ms, Maximum = 65ms, Average = 64ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...64 d4 da 5d 81 e9 ......Intel® Centrino® WiMAX 6150
14...40 25 c2 53 4d 15 ......Microsoft Virtual WiFi Miniport Adapter #2
13...40 25 c2 53 4d 15 ......Microsoft Virtual WiFi Miniport Adapter
12...40 25 c2 53 4d 14 ......Intel® Centrino® Wireless-N 6150
11...10 1f 74 17 57 8a ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
AOMEI Partition Assistant Standard Edition 5.8 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ATI Catalyst Install Manager (HKLM\...\{DA0D8FDA-D538-1145-8BA2-6F22C4EB4F75}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
AuthenTec TrueAPI (HKLM\...\{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}) (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
AVG (HKLM\...\{8DD226F0-3866-4965-9101-488D2AEE3D3B}) (Version: 16.91.7688 - AVG Technologies) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.72.2.24716 - AVG Technologies)
AVG 2016 (HKLM\...\{880D8FA8-C066-4D31-8B6F-0C69D90CB6B8}) (Version: 16.0.4627 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.91.7688 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.9.726 - AVG Technologies)
AVG Zen (HKLM\...\{BF161E81-2BF2-4602-A105-C4448733E1CA}) (Version: 1.72.1 - AVG Technologies) Hidden
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3908 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)
FMW 1 (HKLM\...\{69851B81-35BF-4B1B-AE90-3B1D67DD8857}) (Version: 1.102.4 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{0128D231-B23B-409C-A531-39D8D8774BA1}) (Version: 4.1.5.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{B6A3EAE4-3727-46A4-A659-8576BF7C8C8D}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{F638F65B-B435-44E0-9382-7F90BDB003E2}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{83A375B6-6FC2-4F8A-948E-E506DB9DCDF0}) (Version: 1.1.0.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP On Screen Display (HKLM-x32\...\{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}) (Version: 1.1.2 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13231.3673 - Hewlett-Packard Company)
HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{F8070C51-4B1D-430C-8BCF-19696368366F}) (Version: 4.0.110.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6329.0 - IDT)
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel® Wireless Display (HKLM-x32\...\{5B46CEC7-DAD0-46A2-BCD6-B46A3CFD9B61}) (Version: 2.0.30.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.50.0000 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PX Profile Update (HKLM-x32\...\{1C34B2AF-0D61-1784-8BC8-219F969BEFD6}) (Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{DBCD5E64-7379-4648-9444-8A6558DCB614}) (Version: 2.0.0 - Hewlett-Packard) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.2.002.0 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.4 - Synaptics Incorporated)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.4 - Tweaking.com)
Validity WBF DDK (HKLM\...\{7C54D017-21BB-43AE-9746-33E78AF4A425}) (Version: 4.3.118.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VMware Horizon Client (HKLM\...\{C7F8E8FA-0832-427E-B2B1-ABF6F8495C35}) (Version: 3.5.2.30397 - VMware, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

========================= Devices: ================================

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT5

Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 2 - 1C12
Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 2 - 1C12
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service: pci
Device ID: PCI\VEN_8086&DEV_1C12&SUBSYS_1659103C&REV_B5\3&11583659&0&E1

Name: Intel® HM65 Express Chipset Family LPC Interface Controller - 1C49
Description: Intel® HM65 Express Chipset Family LPC Interface Controller - 1C49
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service: msisadrv
Device ID: PCI\VEN_8086&DEV_1C49&SUBSYS_1659103C&REV_05\3&11583659&0&F8

Name: HP Deskjet 3050A J611 series
Description: HP Deskjet 3050A J611 series
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Device ID: ROOT\PRINTER\0000

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C0D\4&99BC4AD&0

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Device ID: HID\VID_046D&PID_C52F&MI_01&COL03\8&2E2E3DC&0&0002

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD
Device ID: ROOT\RDP_KBD\0000

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave
Device ID: ROOT\LEGACY_VGASAVE\0000

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\0

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_2687&PID_FB01&MI_01\7&29B31368&0&0001

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD
Device ID: ROOT\LEGACY_RDPCDD\0000

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD
Device ID: ROOT\RDP_MOU\0000

Name: msahci
Description: msahci
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msahci
Device ID: ROOT\LEGACY_MSAHCI\0000

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Device ID: ACPI\SYN1E47\4&99BC4AD&0

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_1659103C&REV_06\4&39567703&0&00E0

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx
Device ID: ROOT\LEGACY_VOLMGRX\0000

Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 3 - 1C14
Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 3 - 1C14
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service: pci
Device ID: PCI\VEN_8086&DEV_1C14&SUBSYS_1659103C&REV_B5\3&11583659&0&E2

Name: HP Deskjet 3050A J611 series (NET)
Description: HP Deskjet 3050A J611 series (NET)
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hewlett-Packard
Service: StillCam
Device ID: ROOT\SCANNER\0000

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD
Device ID: ROOT\LEGACY_RDPENCDD\0000

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol
Device ID: ROOT\LEGACY_FVEVOL\0000

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\THERMALZONE\THRM

Name: HP Mobile Data Protection Sensor
Description: HP Mobile Data Protection Sensor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: Accelerometer
Device ID: ACPI\HPQ0004\2&DABA3FF&3

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap
Device ID: ROOT\LEGACY_VOLSNAP\0000

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP
Device ID: ROOT\LEGACY_RDPREFMP\0000

Name: VMware hcmon
Description: VMware hcmon
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hcmon
Device ID: ROOT\LEGACY_HCMON\0000

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv
Device ID: ROOT\LEGACY_MSISADRV\0000

Name: TOSHIBA MK7575GSX
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: IDE\DISKTOSHIBA_MK7575GSX_______________________GT001C__\4&E7EDAD9&0&0.1.0

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:
Device ID: ACPI\INT0800\4&99BC4AD&0

Name: Virtual WiFi Filter Driver
Description: Virtual WiFi Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vwififlt
Device ID: ROOT\LEGACY_VWIFIFLT\0000

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{1C7B1D13-7A9E-11E5-9EC5-806E6F6E6963}#0000000000100000

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP
Device ID: ROOT\LEGACY_HTTP\0000

Name: 2nd generation Intel® Core™ processor family PCI Express Controller - 0101
Description: 2nd generation Intel® Core™ processor family PCI Express Controller - 0101
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service: pci
Device ID: PCI\VEN_8086&DEV_0101&SUBSYS_1659103C&REV_09\3&11583659&0&08

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\ACPI0003\2&DABA3FF&3

Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 4 - 1C16
Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 4 - 1C16
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service: pci
Device ID: PCI\VEN_8086&DEV_1C16&SUBSYS_1659103C&REV_B5\3&11583659&0&E3

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_0024\5&19C4F05D&0&1

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\INT340E\2&DABA3FF&3

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6
Device ID: ROOT\LEGACY_WANARPV6\0000

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr
Device ID: ROOT\VOLMGR\0000

Name: HWiNFO32/64 Kernel Driver
Description: HWiNFO32/64 Kernel Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HWiNFO32
Device ID: ROOT\LEGACY_HWINFO32\0000

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr
Device ID: ROOT\LEGACY_RSPNDR\0000

Name: NativeWiFi Filter
Description: NativeWiFi Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NativeWifiP
Device ID: ROOT\LEGACY_NATIVEWIFIP\0000

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&3

Name: AVG TDI Driver
Description: AVG TDI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgtdia
Device ID: ROOT\LEGACY_AVGTDIA\0000

Name: Validity Sensors (WBF) (PID=0018)
Description: Validity Sensors (WBF) (PID=0018)
Class Guid: {24619924-aa9e-486f-99f9-847a5986b6be}
Manufacturer: Validity Sensors, Inc.
Service: WUDFRd
Device ID: USB\VID_138A&PID_0018\04A4745DFF40

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: UMB\UMB\1&841921D&0&PRINTERBUSENUMERATOR

Name: WDKMD
Description: WDKMD
Class Guid: {034f6fb2-1bcc-41c9-9fd2-dbb357de0838}
Manufacturer: (Standard system devices)
Service: wdkmd
Device ID: ROOT\WIDI\0000

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\INT3F0D\4&99BC4AD&0

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000
Device ID: ROOT\LEGACY_WDF01000\0000

Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_0024\5&1DD41F66&0&1

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\CMO1719\4&3309971E&0&UID67568640

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy
Device ID: ROOT\LEGACY_HWPOLICY\0000

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv
Device ID: ROOT\LEGACY_SECDRV\0000

Name: TOSHIBA MQ01ABD100
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: IDE\DISKTOSHIBA_MQ01ABD100______________________AX1P1A__\4&E7EDAD9&0&0.0.0

Name: Intel® Centrino® WiMAX Enumerator
Description: Intel® Centrino® WiMAX Enumerator
Class Guid: {027a838e-7356-4a2f-a5bf-25a2a2c33fcc}
Manufacturer: Intel Corporation
Service: bpenum
Device ID: ROOT\WIMAX\0000

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS
Device ID: ROOT\LEGACY_NDIS\0000

Name: Intel® Core™ i5-2410M CPU @ 2.30GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_42_-________INTEL®_CORE™_I5-2410M_CPU_@_2.30GHZ\_1

Name: 2nd generation Intel® Core™ processor family DRAM Controller - 0104
Description: 2nd generation Intel® Core™ processor family DRAM Controller - 0104
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service:
Device ID: PCI\VEN_8086&DEV_0104&SUBSYS_1659103C&REV_09\3&11583659&0&00

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*ISATAP\0000

Name: Intel® 6 Series/C200 Series Chipset Family High Definition Audio - 1C20
Description: Intel® 6 Series/C200 Series Chipset Family High Definition Audio - 1C20
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: HDAudBus
Device ID: PCI\VEN_8086&DEV_1C20&SUBSYS_1659103C&REV_05\3&11583659&0&D8

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0000\4&99BC4AD&0

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf
Device ID: ROOT\LEGACY_WFPLWF\0000

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Device ID: ROOT\LEGACY_SPLDR\0000

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio
Device ID: ROOT\LEGACY_NDISUIO\0000

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000

Name: Intel® Centrino® WiMAX 6150 Function Driver
Description: Intel® Centrino® WiMAX 6150 Function Driver
Class Guid: {027a838e-7356-4a2f-a5bf-25a2a2c33fcc}
Manufacturer: Intel Corporation
Service: bpusb
Device ID: USB\VID_8087&PID_07D7\6&4CA3996&0&5

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep
Device ID: ROOT\LEGACY_BEEP\0000

Name: IDT High Definition Audio CODEC
Description: IDT High Definition Audio CODEC
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: IDT
Service: STHDA
Device ID: HDAUDIO\FUNC_01&VEN_111D&DEV_7605&SUBSYS_103C1659&REV_1001\4&79907F8&0&0001

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0100\4&99BC4AD&0

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf
Device ID: ROOT\LEGACY_WUDFPF\0000

Name: intelkmd
Description: intelkmd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: intelkmd
Device ID: ROOT\LEGACY_INTELKMD\0000

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive
Device ID: ROOT\BLBDRIVE\0000

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy
Device ID: ROOT\LEGACY_NDPROXY\0000

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&1B0C2320&0

Name: CyberLink WebCam Virtual Driver
Description: CyberLink WebCam Virtual Driver
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: CyberLink
Service: clwvd
Device ID: ROOT\MEDIA\0000

Name: Mobile Intel® HD Graphics
Description: Mobile Intel® HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: amdkmdap
Device ID: PCI\VEN_8086&DEV_0116&SUBSYS_1659103C&REV_09\3&11583659&0&10

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0103\0

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000

Name: Intel® 6 Series/C200 Series Chipset Family SMBus Controller - 1C22
Description: Intel® 6 Series/C200 Series Chipset Family SMBus Controller - 1C22
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service:
Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_1659103C&REV_05\3&11583659&0&FB

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD
Device ID: ROOT\LEGACY_KSECDD\0000

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0200\4&99BC4AD&0

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_2687&PID_FB01\6&8ED02A3&0&3

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&2D170185&0

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: Compbatt
Device ID: ROOT\COMPOSITE_BATTERY\0000

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg
Device ID: ROOT\LEGACY_KSECPKG\0000

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Device ID: ROOT\MS_AGILEVPNMINIPORT\0000

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT
Device ID: ROOT\LEGACY_NETBT\0000

Name: Intel® Display Audio
Description: Intel® Display Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel® Corporation
Service: IntcDAud
Device ID: HDAUDIO\FUNC_01&VEN_8086&DEV_2805&SUBSYS_80860101&REV_1000\4&79907F8&0&0301

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\PNP0303\4&99BC4AD&0

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio
Device ID: ROOT\LEGACY_LLTDIO\0000

Name: Intel® Centrino® Wireless-N 6150
Description: Intel® Centrino® Wireless-N 6150
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Device ID: PCI\VEN_8086&DEV_0886&SUBSYS_13158086&REV_67\4&29BF16A3&0&00E1

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS
Device ID: ROOT\LEGACY_CLFS\0000

Name: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C26
Description: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C26
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: INTEL
Service: usbehci
Device ID: PCI\VEN_8086&DEV_1C26&SUBSYS_1659103C&REV_05\3&11583659&0&E8

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Device ID: ROOT\MS_L2TPMINIPORT\0000

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\0

Name: Renesas Electronics USB 3.0 Root Hub
Description: Renesas Electronics USB 3.0 Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Renesas Electronics
Service: nusb3hub
Device ID: NUSB3\ROOT_HUB30\5&2DE2EC05&0

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG
Device ID: ROOT\LEGACY_CNG\0000

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy
Device ID: ROOT\LEGACY_NSIPROXY\0000

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0B00\4&99BC4AD&0

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANBH\0000

Name: cpuz137
Description: cpuz137
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cpuz137
Device ID: ROOT\LEGACY_CPUZ137\0000

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD
Device ID: ROOT\LEGACY_AFD\0000

Name: Radeon ™ HD 6490M
Description: Radeon ™ HD 6490M
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: amdkmdap
Device ID: PCI\VEN_1002&DEV_6760&SUBSYS_1659103C&REV_00\4&2F8F60C0&0&0008

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C01\2

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Device ID: HID\VID_046D&PID_C52F&MI_00\8&104D3862&0&0000

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANIP\0000

Name: Intel® Mobile Express Chipset SATA AHCI Controller
Description: Intel® Mobile Express Chipset SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: iaStor
Device ID: PCI\VEN_8086&DEV_1C03&SUBSYS_1659103C&REV_05\3&11583659&0&FA

Name: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
Description: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: INTEL
Service: usbehci
Device ID: PCI\VEN_8086&DEV_1C2D&SUBSYS_1659103C&REV_05\3&11583659&0&D0

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\1

Name: amdkmdag
Description: amdkmdag
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: amdkmdag
Device ID: ROOT\LEGACY_AMDKMDAG\0000

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null
Device ID: ROOT\LEGACY_NULL\0000

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2E233E0E&0&01

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr
Device ID: ROOT\LEGACY_MOUNTMGR\0000

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: ROOT\MS_NDISWANIPV6\0000

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C02\2

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{3F34BBB8-7D8F-11E5-B593-806E6F6E6963}#0000000000100000

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache
Device ID: ROOT\LEGACY_DISCACHE\0000

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw
Device ID: ROOT\LEGACY_PCW\0000

Name: ampa
Description: ampa
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ampa
Device ID: ROOT\LEGACY_AMPA\0000

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:
Device ID: HID\VID_046D&PID_C52F&MI_01&COL01\8&2E2E3DC&0&0000

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C04\4&99BC4AD&0

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv
Device ID: ROOT\LEGACY_MPSDRV\0000

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Device ID: ROOT\MS_PPPOEMINIPORT\0000

Name: Renesas Electronics USB 3.0 Host Controller
Description: Renesas Electronics USB 3.0 Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Renesas Electronics
Service: nusb3xhc
Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_1659103C&REV_04\4&310A7424&0&00E3

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip
Device ID: ROOT\LEGACY_TCPIP\0000

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH
Device ID: ROOT\LEGACY_PEAUTH\0000

Name: IDE Channel
Description: IDE Channel
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atapi
Device ID: ROOT\LEGACY_ATAPI\0000

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl
Device ID: ROOT\LEGACY_DXGKRNL\0000

Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 1 - 1C10
Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 1 - 1C10
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service: pci
Device ID: PCI\VEN_8086&DEV_1C10&SUBSYS_1659103C&REV_B5\3&11583659&0&E0

Name: Intel® Management Engine Interface
Description: Intel® Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Device ID: PCI\VEN_8086&DEV_1C3A&SUBSYS_1659103C&REV_04\3&11583659&0&B0

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C09\1

Name: hp DVD-RAM UJ8B1
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: IDE\CDROMHP_DVD-RAM_UJ8B1________________________H.02____\4&E7EDAD9&0&0.2.0

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Device ID: ROOT\MS_PPTPMINIPORT\0000

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2E233E0E&0&02

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg
Device ID: ROOT\LEGACY_TCPIPREG\0000

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\PNP0C0A\0

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{3F34BBB8-7D8F-11E5-B593-806E6F6E6963}#000000529457E000

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Device ID: ROOT\MS_SSTPMINIPORT\0000

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Device ID: ACPI\PNP0C0C\2&DABA3FF&3

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx
Device ID: ROOT\LEGACY_TDX\0000

Name: HP TrueVision HD

Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Device ID: USB\VID_064E&PID_E258&MI_00\7&266896F9&0&0000

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched
Device ID: ROOT\LEGACY_PSCHED\0000

Name: Realtek PCIE CardReader
Description: Realtek PCIE CardReader
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconduct Corp.
Service: RSPCIESTOR
Device ID: PCI\VEN_10EC&DEV_5209&SUBSYS_1659103C&REV_01\4&217313C4&0&00E2

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 8139.86 MB
Available physical RAM: 5532.23 MB
Total Virtual: 16277.9 MB
Available Virtual: 13552.28 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:916.54 GB) (Free:673.04 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.68 GB) (Free:1.63 GB) NTFS
3 Drive e: () (Fixed) (Total:330.32 GB) (Free:187.05 GB) NTFS
4 Drive f: () (Fixed) (Total:368.32 GB) (Free:248.73 GB) NTFS

#13
RKinner

Posted 23 July 2016 - 09:30 PM

Malware Expert

Expert
24,624 posts

Not seeing anything unusual.

Going back to the slowness. Windows 7 normally defrags itself but if the laptop is off when the appointed time comes (usually 1 AM) then it doesn't get to do it. You might try a defrag just to see if it helps.

Computer, right click on C: Drive and select Properties then Tools. Defragment Now. Defragment Now.

#14
gregahoffman

Posted 24 July 2016 - 07:36 AM

Member

Topic Starter
Member
400 posts

ok, thanks.

do you think I should replace the second HD I use for backup? will that cure the problem with restore not working? what I did was purchased a new 750 GB HD for the primary and reloaded everything because I had a fan failure. I then installed the old 750GB HD and bought a cable and installed it in the secondary HD port inside the laptop. then I wiped it and partitioned it to use for backup.

#15
RKinner

Posted 24 July 2016 - 08:27 AM

Malware Expert

Expert
24,624 posts

Since you reinstalled Windows let's check the boot log:

Search for

msconfig

and hit Enter. This should bring up the System Configuration menu. Click on Boot and then check the box for Boot Log OK and Reboot.

This should create a file ntbtlog.txt located in C:\Windows\. This is a hidden system area so:

Control Panel, (View By: Large Icons) Folder Options, View.

Uncheck Hide Extensions for Known File Types

Uncheck Hide Protected System Files

Check Show Hidden Files,Folders and Drives.

Then open or attach the C:\Windows\ntbtlog.txt file.

let's also check for missing drivers:

Right click on Computer and select Manage and then Device Manager then View, Show Hidden Drivers. Now look in the right pane for yellow flagged devices. Right click on one and select properties then click on the Details tab. Change Property to Hardware IDs. Click on the top one then right click and copy. Paste that into a reply. Repeat for all yellow flagged devices.

That doesn't souind like a reason for backups to fail but

Let's see if we can run an Extended test on the hard drive. See if you can get Speedfan to work:

http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it (Win 7 or Vista right click and Run As Admin.).

click on the S.M.A.R.T. tab. Click on the down arrow to the right of the Hard Disk box. Select your backup hard drive. Click on Extended test. This will take a while