Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Very slow computer now blocking security updates and scans


  • Please log in to reply

#16
Bruce42

Bruce42

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts

The Vino Rosso scan produced:-

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 20/01/2017 17:21:22

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 20/01/2017 15:59:01
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_MULTIPLE&PROD_CARD__READER&REV_1.00#058F63666433&0#.
 


  • 0

Advertisements


#17
Bruce42

Bruce42

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts

I have run the the FRST scan again, upon completetion I pushed 'fix', and received a window with the following text:-

No fixlist txt found.

the fixlist txt should be in the same folder/directory the tool is located

 

BUT you say fixlist.txt is NOT what you want. I am not getting a log ???


  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP

I do not want to see the fixlist but FRST does.  That why it should be in the same folder.  Since it's not on your desktop, FRST can't find it.  Then when you push the Fix button it will find it and create the fixlog.


  • 0

#19
Bruce42

Bruce42

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts

Right again - I had put the files into a folder so i had them all to hand very conveniently, but the application was of course on the desktop. I have put them together and pressed fix as requested, and it seems our friend is doing exactly what he does with other scans that I've tried. It freezes for a few minutes, then continues to run forever, stuck on the spot.

 

Two hours later now and still 'scanning'. OK to turn it off I guess.


Edited by Bruce42, 20 January 2017 - 02:10 PM.

  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP

Yes.

 

Shut it down and reboot.  See if you can do a new FRST scan with Addition.txt checked.  Post both logs.

 

See if you can get RogueKiller to work:

 

 
  • Download RogueKiller  and save it on your desktop.  
  • Quit all programs 
  • Start RogueKiller.exe (right click and Run As Admin). 
  • Wait until Prescan has finished ...  
  • Click on Start Scan
  • Click on Start Scan
  • Wait for the end of the scan.  
  •  
  • Open Report
  • open Txt
  • Copy and paste the text from the report to a reply

    • 0

    #21
    Bruce42

    Bruce42

      Member

    • Topic Starter
    • Member
    • PipPip
    • 83 posts

    These are new scans by FRST which completed uninterupted, without any freezing.

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2017
    Ran by Bruce (administrator) on IRENE (21-01-2017 00:22:24)
    Running from C:\Users\Bruce\Desktop
    Loaded Profiles: Bruce (Available Profiles: Bruce & Frances)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
    (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [fssui] => C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [892608 2014-03-31] (Microsoft Corporation)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3820440 2016-04-21] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
    HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\Run: [] => [X]
    HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\Run: [Spotify Web Helper] => C:\Users\Bruce\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-23] (Spotify Ltd)
    HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\Policies\system: [LogonHoursAction] 2
    HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2
    HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
    GroupPolicy\User: Restriction <======= ATTENTION
    GroupPolicyUsers\S-1-5-21-1479852311-1289031698-2712840260-1001\User: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{27EFC2AF-958B-4A8D-9FFA-B08D14D9A23F}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{27EFC2AF-958B-4A8D-9FFA-B08D14D9A23F}: [DhcpNameServer] 192.168.1.254

    Internet Explorer:
    ==================
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-12] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-12] (Oracle Corporation)
    Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\1jh29tqu.default-1478699463908 [2017-01-20]
    FF Extension: (Search Incognito) - C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\1jh29tqu.default-1478699463908\Extensions\@searchincognito.xpi [2016-12-30]
    FF Extension: (AVG SafePrice) - C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\1jh29tqu.default-1478699463908\Extensions\[email protected] [2016-11-14]
    FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-10-21] [not signed]
    FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-10-21] [not signed]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2012-02-14] (id Software Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-12] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-12] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2014-01-15] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-1479852311-1289031698-2712840260-1000: @acestream.net/acestreamplugin,version=2.1.10.1 -> C:\Users\Bruce\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
    FF Plugin HKU\S-1-5-21-1479852311-1289031698-2712840260-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Bruce\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
    FF Plugin HKU\S-1-5-21-1479852311-1289031698-2712840260-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Bruce\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
    FF Plugin HKU\S-1-5-21-1479852311-1289031698-2712840260-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Bruce\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
    FF Plugin HKU\S-1-5-21-1479852311-1289031698-2712840260-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Bruce\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-26] (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-1479852311-1289031698-2712840260-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Bruce\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Bruce\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2015-02-19] (Octoshape ApS)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR Profile: C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default [2017-01-19]
    CHR Extension: (Google Slides) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-21]
    CHR Extension: (Google Docs) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-21]
    CHR Extension: (Google Drive) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-21]
    CHR Extension: (YouTube) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-21]
    CHR Extension: (Adblock Plus) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
    CHR Extension: (Google Sheets) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-21]
    CHR Extension: (Google Docs Offline) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-21]
    CHR Extension: (Pocket Legends) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpdbcnfpodnaefldpdohoibdajcfabp [2016-10-13]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
    CHR Extension: (Gmail) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-21]
    CHR Extension: (Chrome Media Router) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
    CHR HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
    StartMenuInternet: Google Chrome.5FPZC3RGFGKU22SHO5X5HBLIOU - C:\Users\Bruce\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
    R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1563648 2016-04-21] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3647384 2016-04-21] (AVG Technologies CZ, s.r.o.)
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [336152 2016-04-21] (AVG Technologies CZ, s.r.o.)
    S2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
    S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-10-14] (WildTangent)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
    S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
    S2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (RealNetworks, Inc.)
    S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
    S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
    R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2387952 2016-11-22] (IBM Corp.)
    S2 RealPlayerUpdateSvc; C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe [35104 2016-09-03] ()
    S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
    R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [77760 2015-07-09] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-16] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [299440 2016-01-13] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [296368 2015-12-16] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255920 2016-01-22] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.)
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-07-06] (AVG Technologies)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
    R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
    S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
    R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2017-01-19] (Malwarebytes)
    R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-20] (Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-20] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-20] (Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2017-01-20] (Malwarebytes)
    R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
    S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
    R1 RapportCerberus_1609053; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609053.sys [1181672 2016-09-16] (IBM Corp.)
    R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [566248 2016-11-22] (IBM Corp.)
    R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [235688 2016-11-22] (IBM Corp.)
    S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [489704 2016-11-22] (IBM Corp.)
    R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [548008 2016-11-22] (IBM Corp.)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-01-21 00:22 - 2017-01-21 00:23 - 00019907 _____ C:\Users\Bruce\Desktop\FRST.txt
    2017-01-20 17:21 - 2017-01-20 17:21 - 00000753 _____ C:\VEW.txt
    2017-01-20 17:17 - 2017-01-20 17:17 - 00061440 _____ ( ) C:\Users\Bruce\Desktop\VEW.exe
    2017-01-19 19:32 - 2017-01-21 00:22 - 00000000 ____D C:\Users\Bruce\Desktop\Geeks to go
    2017-01-19 19:06 - 2017-01-20 18:59 - 00000000 ____D C:\FRST
    2017-01-19 19:06 - 2017-01-19 19:06 - 02419712 _____ (Farbar) C:\Users\Bruce\Desktop\FRST64.exe
    2017-01-19 16:37 - 2017-01-19 16:37 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
    2017-01-19 16:36 - 2017-01-20 21:07 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2017-01-19 16:36 - 2017-01-20 16:00 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2017-01-19 16:36 - 2017-01-20 15:59 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2017-01-19 16:33 - 2017-01-20 15:58 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2017-01-19 16:32 - 2017-01-19 16:32 - 00001869 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-01-19 16:32 - 2017-01-19 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-01-19 16:32 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
    2017-01-19 16:31 - 2017-01-19 16:31 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-01-19 16:31 - 2017-01-19 16:31 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-01-19 16:13 - 2017-01-19 16:13 - 00566128 _____ (Malwarebytes) C:\Users\Bruce\Desktop\mbam-clean-2.3.0.1001.exe
    2017-01-19 15:00 - 2017-01-19 15:05 - 00192604 _____ C:\Windows\ntbtlog.txt
    2017-01-18 14:17 - 2017-01-18 14:17 - 00000000 ____D C:\KVRT_Data
    2017-01-18 14:15 - 2017-01-18 14:16 - 108197264 _____ (Kaspersky Lab ZAO) C:\Users\Bruce\Downloads\KVRT.exe
    2017-01-10 21:23 - 2017-01-10 21:23 - 01663040 _____ (Malwarebytes) C:\Users\Bruce\Downloads\JRT(1).exe
    2017-01-06 14:17 - 2017-01-06 14:17 - 00000000 ____D C:\Users\Bruce\Documents\Amazon MP3
    2017-01-05 13:30 - 2017-01-05 13:30 - 00000000 ____D C:\Users\TEMP.Irene.000\AppData\Local\VirtualStore
    2017-01-05 13:29 - 2017-01-05 13:29 - 00000632 __RSH C:\Users\TEMP.Irene.000\ntuser.pol
    2017-01-05 13:29 - 2017-01-05 13:29 - 00000000 ____D C:\Users\TEMP.Irene.000\AppData\Roaming\Real
    2017-01-05 13:28 - 2017-01-05 13:28 - 00000020 ___SH C:\Users\TEMP.Irene.000\ntuser.ini
    2017-01-05 13:28 - 2017-01-05 13:28 - 00000000 _SHDL C:\Users\TEMP.Irene.000\My Documents
    2017-01-05 13:28 - 2017-01-05 13:28 - 00000000 _SHDL C:\Users\TEMP.Irene.000\Documents\My Videos
    2017-01-05 13:28 - 2017-01-05 13:28 - 00000000 _SHDL C:\Users\TEMP.Irene.000\Documents\My Pictures
    2017-01-05 13:28 - 2017-01-05 13:28 - 00000000 _SHDL C:\Users\TEMP.Irene.000\Documents\My Music
    2017-01-05 13:28 - 2016-09-21 05:57 - 00001343 _____ C:\Users\TEMP.Irene.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-01-05 13:28 - 2016-09-21 05:57 - 00000000 ____D C:\Users\TEMP.Irene.000\AppData\Roaming\Adobe
    2017-01-05 13:28 - 2016-08-24 12:22 - 00000000 ____D C:\Users\TEMP.Irene.000\AppData\Local\AVG
    2017-01-05 13:28 - 2012-07-16 20:56 - 00000000 ____D C:\Users\TEMP.Irene.000\AppData\Local\Trusteer
    2017-01-05 13:28 - 2012-07-06 14:13 - 00000000 ____D C:\Users\TEMP.Irene.000\AppData\Local\Microsoft Help
    2017-01-05 13:28 - 2010-12-09 15:14 - 00000000 ____D C:\Users\TEMP.Irene.000\AppData\Roaming\Macromedia
    2017-01-05 13:28 - 2009-07-14 07:44 - 00000000 ____D C:\Users\TEMP.Irene.000\AppData\Roaming\Media Center Programs
    2017-01-05 13:27 - 2016-07-18 05:50 - 00000000 ____D C:\Users\TEMP.Irene.000\AppData\Roaming\RealNetworks
    2017-01-05 13:27 - 2013-01-31 12:56 - 00000000 ____D C:\Users\TEMP.Irene.000\AppData\Roaming\TuneUp Software
    2017-01-05 13:26 - 2017-01-05 13:30 - 00000000 ____D C:\Users\TEMP.Irene.000
    2017-01-01 17:32 - 2017-01-01 17:30 - 00105343 _____ C:\Users\Bruce\Documents\Imelda May, Black Tears-p04lkkpz.htm
    2017-01-01 17:30 - 2017-01-01 17:30 - 00105343 _____ C:\Users\Bruce\Downloads\Imelda May, Black Tears-p04lkkpz.htm
    2016-12-31 12:52 - 2016-12-31 12:52 - 01783335 _____ C:\Users\Bruce\Downloads\pg42671-images.mobi
    2016-12-30 08:35 - 2016-12-30 08:36 - 00013591 _____ C:\Users\Bruce\Downloads\Invoice 66671(1).pdf
    2016-12-28 08:05 - 2017-01-20 15:55 - 00026122 _____ C:\Windows\PFRO.log
    2016-12-28 08:05 - 2017-01-20 15:55 - 00003136 _____ C:\Windows\setupact.log
    2016-12-24 20:43 - 2016-12-24 20:43 - 00070736 _____ C:\Users\Bruce\Downloads\15730998_10154993509770864_1471966799_n.jpg
    2016-12-24 08:34 - 2016-12-24 08:34 - 00106515 _____ C:\Users\Bruce\Downloads\1877_Leaflet.pdf

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-01-20 23:50 - 2012-07-06 12:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2017-01-20 23:24 - 2012-07-05 21:42 - 00000000 ____D C:\ProgramData\MFAData
    2017-01-20 19:43 - 2016-11-16 06:42 - 00000000 ____D C:\Users\Bruce\AppData\LocalLow\Mozilla
    2017-01-20 19:00 - 2012-07-08 10:28 - 00000632 __RSH C:\Users\Bruce\ntuser.pol
    2017-01-20 19:00 - 2012-07-05 20:33 - 00000000 ____D C:\Users\Bruce
    2017-01-20 19:00 - 2009-07-14 03:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
    2017-01-20 17:35 - 2016-09-20 10:31 - 00003590 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
    2017-01-20 16:05 - 2009-07-14 04:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2017-01-20 16:05 - 2009-07-14 04:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2017-01-20 15:55 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2017-01-18 13:19 - 2012-07-05 20:46 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForBruce.job
    2017-01-18 07:01 - 2012-07-05 20:46 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBruce
    2017-01-17 15:52 - 2016-11-25 21:38 - 00000000 ____D C:\Users\Frances\AppData\LocalLow\Mozilla
    2017-01-17 15:47 - 2012-07-13 21:19 - 00001236 __RSH C:\Users\Frances\ntuser.pol
    2017-01-17 15:47 - 2012-07-05 20:55 - 00000000 ____D C:\Users\Frances
    2017-01-17 06:18 - 2010-12-09 14:49 - 00000000 ____D C:\ProgramData\PDFC
    2017-01-15 22:52 - 2012-07-06 18:55 - 00000000 ____D C:\Users\Bruce\AppData\Local\Spotify
    2017-01-15 16:40 - 2012-07-06 18:55 - 00000000 ____D C:\Users\Bruce\AppData\Roaming\Spotify
    2017-01-14 23:30 - 2016-04-11 06:18 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
    2017-01-12 18:38 - 2016-04-23 09:06 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2017-01-12 18:37 - 2014-12-26 22:32 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2017-01-11 06:50 - 2016-04-11 06:18 - 00003880 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
    2017-01-11 06:50 - 2012-07-06 12:31 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2017-01-11 06:50 - 2012-07-06 12:31 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2017-01-11 06:50 - 2012-07-06 12:31 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2017-01-11 06:50 - 2012-07-06 12:31 - 00000000 ____D C:\Windows\system32\Macromed
    2017-01-11 06:50 - 2010-12-09 14:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
    2017-01-07 11:45 - 2012-07-18 17:53 - 00000000 ____D C:\Users\Bruce\Documents\Bakers Court Business
    2017-01-07 09:26 - 2012-07-08 06:36 - 00000000 ____D C:\Windows\pss
    2017-01-07 09:26 - 2012-07-07 06:31 - 00000000 ____D C:\Users\Bruce\AppData\Roaming\Skype
    2017-01-05 20:22 - 2015-04-09 16:29 - 00000022 _____ C:\Users\Bruce\Documents\SalonSucess16.03.15GAEXISTING(1).zip
    2016-12-31 14:51 - 2016-04-11 15:20 - 00026529 _____ C:\Users\Bruce\Documents\Bruce's Expenses.xlsx
    2016-12-31 12:58 - 2012-07-07 07:39 - 00000000 ____D C:\Users\Bruce\Documents\My Kindle Content
    2016-12-28 08:11 - 2010-12-09 14:49 - 00000000 ____D C:\Windows\SoftwareDistribution
    2016-12-23 08:02 - 2016-09-21 10:51 - 00011242 _____ C:\Users\Bruce\Documents\Fran's Pills.docx
    2016-12-22 21:36 - 2012-07-05 20:55 - 00000000 ____D C:\Users\Frances\AppData\Local

    ==================== Files in the root of some directories =======

    2012-10-13 13:32 - 2012-12-22 08:41 - 0000268 ___RH () C:\Users\Bruce\AppData\Roaming\Galactic Static
    2012-12-22 08:42 - 2012-12-22 08:42 - 0000268 ___RH () C:\Users\Bruce\AppData\Roaming\Galaxy Swirl
    2012-12-22 08:41 - 2012-12-22 08:41 - 0000268 ___RH () C:\Users\Bruce\AppData\Roaming\Gems
    2012-12-22 08:41 - 2012-12-22 08:41 - 0000268 ___RH () C:\Users\Bruce\AppData\Roaming\Helper Scripts
    2014-03-10 07:06 - 2014-03-10 07:06 - 0003584 _____ () C:\Users\Bruce\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-05-12 15:46 - 2014-05-12 15:46 - 0000855 _____ () C:\Users\Bruce\AppData\Local\recently-used.xbel
    2012-08-07 15:19 - 2016-06-15 18:51 - 0007668 _____ () C:\Users\Bruce\AppData\Local\resmon.resmoncfg
    2012-12-22 08:39 - 2012-12-22 08:39 - 0000000 _____ () C:\ProgramData\Filter
    2012-12-22 08:39 - 2012-12-22 08:39 - 0000000 _____ () C:\ProgramData\Funk Animals
    2012-12-22 08:41 - 2012-12-22 08:41 - 0000268 ___RH () C:\ProgramData\Grand Piano
    2012-12-22 08:42 - 2012-12-22 08:42 - 0000268 ___RH () C:\ProgramData\Grapher
    2012-12-22 08:41 - 2012-12-22 08:41 - 0000268 ___RH () C:\ProgramData\Graphics
    2012-12-22 08:41 - 2012-12-22 08:41 - 0000012 ___RH () C:\ProgramData\Horn Section
    2012-12-22 08:42 - 2012-12-22 08:42 - 0000012 ___RH () C:\ProgramData\Hybrid Basic
    2012-12-22 08:41 - 2012-12-22 08:41 - 0000012 ___RH () C:\ProgramData\Hybrid Morph
    2012-12-22 08:41 - 2012-12-22 08:41 - 0000012 ___RH () C:\ProgramData\Legacy
    2012-12-22 08:41 - 2012-12-22 08:41 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
    2012-10-13 13:32 - 2012-12-22 08:42 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
    2012-10-13 13:32 - 2016-11-10 15:15 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
    2012-10-13 13:32 - 2012-12-22 08:41 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

    Some files in TEMP:
    ====================
    C:\Users\Bruce\AppData\Local\Temp\NOSEventMessages.dll
    C:\Users\Bruce\AppData\Local\Temp\SkypeSetup.exe


    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2016-11-04 18:25

    ==================== End of FRST.txt ============================

     

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2017
    Ran by Bruce (21-01-2017 00:24:07)
    Running from C:\Users\Bruce\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2012-07-05 20:33:35)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1479852311-1289031698-2712840260-500 - Administrator - Disabled)
    Bruce (S-1-5-21-1479852311-1289031698-2712840260-1000 - Administrator - Enabled) => C:\Users\Bruce
    Frances (S-1-5-21-1479852311-1289031698-2712840260-1001 - Limited - Enabled) => C:\Users\Frances
    Guest (S-1-5-21-1479852311-1289031698-2712840260-501 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AV: AVG Internet Security 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: AVG Internet Security 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
    FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
    Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
    Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
    Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
    Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Amazon Kindle (HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\Amazon Kindle) (Version: 1.17.1.44183 - Amazon)
    Amazon MP3 Downloader 1.0.18 (HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)
    Amazon Music (HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
    AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
    AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6201 - AVG Technologies)
    AVG 2015 (Version: 15.0.4749 - AVG Technologies) Hidden
    AVG 2015 (Version: 15.0.6201 - AVG Technologies) Hidden
    AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
    BBC iPlayer Downloads (HKLM-x32\...\{D8753E3F-B86E-4BA6-A44A-6D92BFB38519}) (Version: 1.11.0 - BBC)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    calibre 64bit (HKLM\...\{C50C44CA-48EE-4052-B629-6413080A0DDD}) (Version: 2.63.0 - Kovid Goyal)
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
    DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
    FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
    FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
    GoGear SA19xx Device Manager (HKLM-x32\...\{CF35000B-8247-449B-85C9-D9C2A5936683}) (Version: 0.1 - Philips)
    GoGear SA19xx Device Manager (x32 Version: 0.1 - Philips) Hidden
    GoGear SA19xx Device Manager (x32 Version: 0.1 - PhilipsDM) Hidden
    Google Chrome (HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
    Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
    HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
    HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
    HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
    HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
    HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
    HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
    HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
    HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
    HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
    HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
    iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
    Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
    Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
    John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Kobo (HKLM-x32\...\Kobo) (Version:  - )
    LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
    Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
    Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
    Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
    Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Camera Codec Pack (HKLM\...\{0CEAE836-900A-491F-8BCF-5E3B94C29489}) (Version: 16.4.1899.0416 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
    Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
    Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
    Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
    Mozilla Firefox 50.1.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-GB)) (Version: 50.1.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
    MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
    MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
    MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
    MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard)
    Nikon File Uploader 2 (HKLM-x32\...\{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}) (Version: 2.00.0001 - Nikon)
    Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
    Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.6.0 - Nikon)
    Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
    Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
    Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
    Octoshape Streaming Services (HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
    Online Games Manager v1.50 (HKLM-x32\...\Online Games Manager) (Version: 1.50.4 - Real Networks, Inc.)
    Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.9 - Panda Security)
    PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
    PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.0 - Nikon)
    Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.7 - Nikon)
    PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
    Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 -  NewspaperDirect Inc.)
    Quake Live Mozilla Plugin (HKLM-x32\...\{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}) (Version: 1.0.520 - id Software)
    Rapport (Version: 3.5.1205.20 - Trusteer) Hidden
    Rapport (x32 Version: 3.5.1609.107 - Trusteer) Hidden
    RealDownloader (x32 Version: 18.1.5.699 - RealNetworks) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6463 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Recovery Manager (x32 Version: 5.5.3025 - CyberLink Corp.) Hidden
    RTC Client API v1.2 (HKLM-x32\...\{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)
    Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
    Serif CraftArtist (HKLM-x32\...\{C1B148C9-FACF-45F1-8356-4E1C5E3DAA5B}) (Version: 1.0.6.046 - Serif (Europe) Ltd)
    Serif DrawPlus Starter Edition (HKLM-x32\...\{33311EA4-0ECA-4E7F-83E5-8A92CD760152}) (Version: 2.0.2.010 - Serif (Europe) Ltd)
    Serif Photo Projects (HKLM-x32\...\{D87677F6-5F58-4BB9-8D50-78A1BF9C2F33}) (Version: 1.0.2.024 - Serif (Europe) Ltd)
    Serif PhotoPlus X5 (HKLM-x32\...\{617E7009-0C50-4178-B0E2-F9D66DC8A582}) (Version: 15.0.2.012 - Serif (Europe) Ltd)
    Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
    Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
    Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
    Spotify (HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1609.107 - Trusteer)
    Unity Web Player (HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
    Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
    ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.6.0 - Nikon)
    Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )
    Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
    vs2015_redist x64 (Version: 1.0.0.0 - Realnetworks) Hidden
    vs2015_redist x86 (x32 Version: 1.0.0.0 - Realnetworks) Hidden
    Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
    WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent)
    Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
    Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.2.3972 - Zinio LLC)
    Zinio Reader 4 (x32 Version: 4.2.3972 - Zinio LLC) Hidden
    Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Zuma's Revenge! - Adventure (HKLM-x32\...\Zuma's Revenge! - Adventure) (Version:  - PopCap Games)
    Zuma's Revenge! (HKLM-x32\...\Zuma's Revenge!) (Version:  - PopCap Games)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Bruce\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02BB3D65-19BE-4E90-A83D-36E48BA25ABE} - System32\Tasks\{1E1E7784-29D0-42B6-91D4-F15F14205168} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {0757CC30-ADB2-42DF-A691-3AD80DAE16DA} - System32\Tasks\{7C0E046C-CBFF-4F9B-8E46-B933F880C9D7} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {0B19BA51-0471-4409-B685-AFD193C643CD} - System32\Tasks\{18CD543F-4424-4487-9A8C-08892755D502} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {0F0C5856-5A58-4CEE-861D-ACFC5C209C7A} - System32\Tasks\{A6B36F1D-5C04-4B3F-AA2E-1F729F4052FD} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {1180CE4B-10FF-4692-ACD7-F5F1F3C44475} - System32\Tasks\{077F4826-690F-435B-8288-C2599237049A} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {1397CD0A-6D8A-4403-BB56-FE124B871EA5} - System32\Tasks\{BE21D7C2-AAC0-49F9-BD3F-2D47A51F7F83} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {146F8FD6-6D1C-4805-89C3-124E83BE93F1} - System32\Tasks\{CC4EFB50-A60D-40D3-A7BC-88BD5CEC1462} => C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe [2016-09-12] ()
    Task: {150A6F14-25B1-4E4B-8D6B-97BEE9F451F3} - System32\Tasks\{0153A337-4205-4BF8-9C39-6B3C2576FDB9} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {1510AA62-D6ED-4819-8B31-3C001E2DB429} - System32\Tasks\{2F1E8C35-E3DF-4A82-B8FB-339711D502F3} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {15E14268-5EDB-42F4-A3AD-2E45EC5DD8D2} - System32\Tasks\{A5C7FB21-E9B0-4157-8A6E-C5E0FE82CB8A} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {17DCD81C-F075-4090-8255-2423D30132EB} - System32\Tasks\{1040F714-03E2-43C0-9886-4490154F3017} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {18B10BBC-707E-45CB-8811-800B4C6D7372} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2016-12-07] (HP Inc.)
    Task: {1B875FB2-547E-49D1-9453-392CF4F60FA8} - System32\Tasks\{9DE36E4C-CFC8-4007-B259-AD67E28402C4} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {1DD30930-3721-464A-A65A-6C0085A4006E} - System32\Tasks\{B97F9829-467F-4D13-B115-2758E8B62D0E} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {236FAC65-BD79-45DF-AB4B-9B3425F0013C} - System32\Tasks\{E2906F7F-52C7-454C-857C-9459C723FE31} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {23C3BD4D-38DE-4F8A-BC26-B63BC35DE9CA} - System32\Tasks\{2CBF4F9B-B0A9-490D-94A6-858999B4CABF} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {26872C7F-C53B-43EF-BA28-81D389897683} - System32\Tasks\{04950F8E-B05F-4BFC-9843-C066FCEE9ED6} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {2873CC6C-663A-4F9F-ADA1-825651700AF1} - System32\Tasks\{42AB5E33-BB15-4DCC-BFF3-7AA71681D404} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe [2014-07-02] (AOL Inc.)
    Task: {298B8B8E-4A1C-45A4-8DAF-11F8A39F7669} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1479852311-1289031698-2712840260-1000Core => C:\Users\Bruce\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
    Task: {2BC46CC6-6119-44D1-8220-54CD21BE4857} - System32\Tasks\{C652315A-9ADD-40EB-A34F-3641F0209125} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {2E06650B-2104-4636-90AC-453F5B106DDF} - System32\Tasks\{DD7C71E9-4984-4350-B7E4-08CE855D2578} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {2EA8ACA4-9A6E-4630-BD58-99FA394331DD} - System32\Tasks\{01B6BBA8-CB44-40BD-81A7-5BFDE4B1C339} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {2EEEE7B8-4479-4DA1-9DF0-FDE2F5431E91} - System32\Tasks\{F745A42A-FC38-4287-B770-63E5F8C7A013} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {30767B76-8438-4FA8-9ADC-B6E763038D75} - System32\Tasks\{F854DA57-FE9A-4E4D-9A9D-8DE8EBA9B3D7} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {31F31F69-5702-482E-A154-7A83800776C4} - System32\Tasks\{96BC8096-AF17-4542-B280-D59DEFEE566D} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {33A6DD44-42D0-4CD3-B6A8-2A05FBDE65BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
    Task: {3691F861-542A-482B-A2B2-0700654A2197} - System32\Tasks\{D9A47C95-C072-4221-9917-FBDB406A09F3} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {37CA6698-4107-4A9D-991E-DAE16E226508} - System32\Tasks\{7DF98E04-8810-4EB6-A900-52181C105C52} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {3B32B9EC-709A-4725-9007-835082CA5533} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
    Task: {3F75F252-B615-41CC-BA0F-E0CCB5DBB03F} - System32\Tasks\{9446CA5C-9E95-41AF-8AFC-99CE24AC13A7} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {413E4985-7801-40CD-8BEB-0DBEA0258EBE} - System32\Tasks\{6F9DAE44-576B-452E-BC5A-762B57583ABA} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {43528F04-0B4B-4EB9-9D59-5670B272F762} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
    Task: {4356AE2F-22F9-40BD-872B-CB04451FF28D} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {43CDDFF5-7CC6-46D4-8B96-1C03CA3DB6C5} - System32\Tasks\{6F756E2A-7435-4607-B789-F4858DAF3EE0} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {44EB95A2-F9B5-42AA-9DD9-F0125ECF0AA4} - System32\Tasks\{6943F5FD-BF22-46AC-8EBC-85BDA5911663} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {46EA21CD-4B70-46BF-A83B-1BAC44C23F49} - System32\Tasks\{AE7FC8B9-A1BC-4E42-BD12-5FF172E3AEC2} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {498F1C28-B66B-4C08-A762-B76571C4159A} - System32\Tasks\{4887780A-8CFE-4C9D-B015-AEB51767DBF9} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {4AF56FFB-F471-4065-992C-AC645A095D78} - System32\Tasks\{D136421D-98D8-4467-99C3-9982890110EB} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {4B6512D8-06C0-4541-8F62-3A58ED478C8F} - System32\Tasks\{B59DA54F-1923-474A-BAF4-AB0F360DC8A6} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {4D6C2C7A-C90E-4E39-A85C-8C73709AA734} - System32\Tasks\{B79A6727-8DD3-4A51-A67D-FD3FC327779B} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {4FAD9543-CED1-4971-B9E6-70709264ED90} - System32\Tasks\{88A644D1-C931-4441-B33D-651964EDDE8D} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {5123955E-B39B-47FA-95DC-6B221F6E0858} - System32\Tasks\{E0E3F584-E78D-4965-984F-09D1A846ECC2} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {517C8452-71BF-47B4-99D9-F925384AB097} - System32\Tasks\{5DB6D197-C506-4BF9-AF45-74D709945977} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {543ECAF9-4515-4B2B-87B6-16F2D3E02529} - System32\Tasks\{F0919D05-0903-48DF-8A80-09D66EC596D9} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {5584B9CB-0E77-45B2-92A3-EB4AC4EB6345} - System32\Tasks\{EDCEF980-9E8C-482D-BEEE-0DD6B5CDE540} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {5A326088-6D50-48F2-927F-7C42556BFC15} - System32\Tasks\{507C4835-5A84-425F-BA42-9AD2D0B644A8} => C:\Program Files (x86)\AOL Desktop 9.7c\aol.exe [2015-03-18] (AOL Inc.)
    Task: {5B790327-4112-4A53-A8AD-7E2D2127C6D8} - System32\Tasks\{CDF4FD45-EA33-4DE7-8171-6FA42176A2DC} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {5BBA60AF-B969-47F1-A132-BA50A9E4CCCA} - System32\Tasks\{25C040ED-9506-4C70-B9A1-6499BBB741EE} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {5E4B5C79-F4C3-4C93-AABB-15C0BC877657} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
    Task: {638832F4-1E55-40B9-874B-A4A66E1C3028} - System32\Tasks\{AE0A14D6-12DB-4623-B9F7-4490023F9E63} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {64814359-DAB1-4EAF-A55D-A26345C67ED0} - System32\Tasks\{74E2077A-3E51-45D5-ACE3-B6E7C27D2768} => C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe [2016-09-12] ()
    Task: {67C60CA0-07BB-41DE-AEAE-0E82484313DB} - System32\Tasks\{2A1BC305-1828-4BBE-8769-378A0BAFC970} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {68444DD0-BE27-4261-BD7A-37028AC21649} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {69793BDF-61CB-45F2-8E0F-A079E282F303} - System32\Tasks\{582547EF-0556-4AB6-8AA0-3086784A2BB3} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {6C203CA7-935E-4316-BDE9-A486FFBCBE19} - System32\Tasks\{F2E2B51E-D1D2-49D5-84DD-EF803F5C710E} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {6D0196DD-C1E2-427A-ADB4-F3E57FFCD108} - System32\Tasks\{94C6F751-F272-487B-95B6-479CB22CE859} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {72A788D7-D1E2-483E-B707-8253C6332219} - System32\Tasks\{0D1D6B21-8BFC-4219-BC4A-7DB21FF3BE84} => c:\Program Files (x86)\AOL Desktop 9.7\aol.exe [2014-07-02] (AOL Inc.)
    Task: {72AE0048-23C5-46E6-B405-14EF26BFB980} - System32\Tasks\{01FBC8C2-737A-47FB-8DF1-F7A050287183} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {737DF108-AFA5-4182-9FAD-AA9678B1040A} - System32\Tasks\{FDF8E07A-D4B2-40CD-90C9-C0705C603CBB} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {755F6C1A-704F-42A5-97DE-31972BDE6001} - System32\Tasks\{AA410913-6EE3-4B7D-BB20-E4728AC4C58B} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {807EA712-868D-4A27-989C-854D92FFDA95} - System32\Tasks\{46BF5734-C206-43F7-8200-BEB9A99B8A43} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {825E7073-59CA-490A-83B9-453C169DB62D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-02-18] (Hewlett-Packard)
    Task: {840B5C4C-6610-4896-91D4-5C9D82F992CE} - System32\Tasks\{B4DCC82A-C108-4040-B37E-09BA7415EE3E} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {85C7BE88-F9ED-4B75-A2C2-BAB9D07A2090} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1479852311-1289031698-2712840260-1000UA => C:\Users\Bruce\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
    Task: {89DCDC54-04F1-47C4-A9A8-8DC9D8F1A64C} - System32\Tasks\{7D892B5D-A499-4B51-B5E7-D9010305D7F3} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {8AB6C35B-D8F4-4C6C-9788-5E85C4DD07E1} - System32\Tasks\{2141BE8D-C6B8-44D4-9A22-535B7E84814C} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {8BF7F36A-310B-48F8-B4FC-7026029173EF} - System32\Tasks\{AC6431B1-B272-4D7B-92F5-E1ADEE640723} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {8EC71E25-AF7B-4603-9F14-70550AEFF9F5} - System32\Tasks\{C51F4C76-5078-4F7B-A4A2-F68775BD08A3} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {8EDB00C2-9C61-4CBE-BA4C-FE290C8E959E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {90C78D7C-F072-4939-BC35-D5187D1BFDAE} - System32\Tasks\{7CFC8E3E-EA64-481E-B99B-C6586C81AC60} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {9512DBA5-1931-422A-ADBE-926B2CFA6E08} - System32\Tasks\{D82D6A5F-6F84-43C9-947D-AC52AA0E5546} => C:\Program Files (x86)\AOL Desktop 9.7b\aol.exe [2015-03-18] (AOL Inc.)
    Task: {9913956C-8DDD-4F2F-9607-DB5EFB710CD3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
    Task: {9C89882C-C904-4125-9949-E625E074CE21} - System32\Tasks\{EF7BADE5-6FAB-46B4-AE5F-26DE7FE157DC} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe [2014-07-02] (AOL Inc.)
    Task: {9D0D440C-9CE5-450C-A0E8-9D04817678E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-12] (HP Inc.)
    Task: {9EA971D6-93D0-4568-9443-7A1484EFB484} - System32\Tasks\{4401F783-E480-43DD-9004-3001A9A5A314} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {A07091F4-3919-4414-9194-1BF0E941D7EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {A112ABF6-E729-4646-85B4-82C52BB5E455} - System32\Tasks\{4F129584-DB9A-40F3-A0FA-14BFD8FFF808} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {A4721BDD-C72B-4EB4-9363-F22E29FE0FEB} - System32\Tasks\{820E08BD-63C0-4D92-B424-31A204BDC8BF} => C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe [2016-09-12] ()
    Task: {A7FDE5A5-43F5-4214-9212-347AE26CE0C6} - System32\Tasks\{B98F02E8-E710-4BD8-97D4-0F513CC13B62} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {A978C119-F943-4D2F-824D-8179EC59393D} - System32\Tasks\{3B45BA47-4CDB-4369-B8A6-421A393974BC} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {A9DD49DB-CB00-4F9D-8AF5-138F1CAB2125} - System32\Tasks\{364252E8-621D-4ED1-9F14-BAA6C1DFA602} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {AB2F894F-D070-4FFD-A9B1-A26ABBD1F1BF} - System32\Tasks\{117B543C-4983-4060-9E09-A61607A112F5} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {AD9274C7-84B6-4545-9290-99FBB803E4F6} - System32\Tasks\{2CDE3539-F50D-4C6E-848D-CFF2017B4EEB} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {AF34F34B-F553-4077-A6B6-2003C3E11FF0} - System32\Tasks\{31473EDE-3C48-4552-BF03-4C519F438C26} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {B589D9D0-4004-42C3-9813-111161B7A400} - System32\Tasks\{B703000E-1D68-4E1E-838E-C122E0C58ACD} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {B5E04A94-37CB-435A-A901-D31E8CE20463} - System32\Tasks\{D2736A2F-4E24-4A58-9A4A-252122D221A3} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {B87DDEF5-F226-4875-A2D0-0339ECAE360B} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
    Task: {B8F78473-1599-4A93-AA01-8285C0A23A81} - System32\Tasks\{F935A272-1FAC-4E29-B78F-73D66773B98B} => C:\Program Files (x86)\AOL Desktop 9.7c\aol.exe [2015-03-18] (AOL Inc.)
    Task: {BA080F7A-72EF-4F19-A52C-504A87018D88} - System32\Tasks\{066386FB-ABC2-4EA3-AABA-9C8A3FFEA9F6} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {BA29CEB0-9D66-44A1-8C20-C16A037881F9} - System32\Tasks\{6CC5FDED-A277-4045-8FEA-2BED51A7F2F0} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {BB34C0DC-399A-4AF2-B643-55D22AC11430} - System32\Tasks\{9415565F-7E5A-49F9-8AA9-0A8BCA430EAC} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {BB667C7E-9E55-4E41-970B-15A96712AC35} - System32\Tasks\{415EB7D0-B13F-4BB8-B61C-7DBA7274D2EC} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {BBAFE3DF-0743-4128-AC85-39C5157044F8} - System32\Tasks\{419BF509-140B-4504-98B2-555F497CB749} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {BF257A44-21DB-4BFD-98D6-8C4C4883B68C} - System32\Tasks\{E09BE143-8CE2-4651-8F44-4F3FCA5A9885} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {BFA62B7C-6A4D-4A49-81D9-893A33E59F06} - System32\Tasks\{D464F35B-5096-4359-A433-E2E0A4F52599} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {C4FA7BE9-BDDA-4C9B-83ED-0954596EAD26} - System32\Tasks\{5529E500-E5EA-4DAD-ADD4-255C524EA930} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {C568BA1D-4BED-486E-83A0-645999814D53} - System32\Tasks\{FB2AC198-A404-4E76-B97E-E674A52A4157} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {C6E7004B-A93E-4068-A319-24B02306ABEC} - System32\Tasks\{2D8E857C-3D2C-4FD7-8F0D-AD926AF5833D} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {C7D7408E-BAEE-45BA-994F-9476C16727A1} - System32\Tasks\{1B0319B5-8E92-4FEF-9BAC-87FD27801AB2} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {C89D3083-EB55-4D5D-BCC3-D37232C82B49} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22] (Oracle Corporation)
    Task: {C9BA2B27-F714-4A28-B3C1-CBC9011E5175} - System32\Tasks\{6466DA6C-D3B3-49C8-8916-176A662B6473} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {CBCF7108-FBBF-487D-BD67-430618B18F13} - System32\Tasks\{50FE3B3D-AF7D-444D-A7AB-96E1A6C67E13} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {CE09CB71-4A64-485D-9019-E69B6F22AC88} - System32\Tasks\{AEFC7C3A-E176-491F-884A-6DCF72834661} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {CE50F8B6-C959-4C39-A32C-435819DAD001} - System32\Tasks\{30698D33-F1C4-451A-B4B9-DC2D87F78BE1} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {D1656B1E-2B3D-42AF-A85A-E18C446788DB} - System32\Tasks\{E70504FC-FEDD-4411-9377-05324A25061A} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {D1C6CC99-DB13-4460-AD42-2155300451ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
    Task: {D1D52484-3D54-4240-9A98-90AB351380D4} - System32\Tasks\{DBBFBC89-D3BD-4AB9-B81D-E82FA03F4494} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {D3E424D6-38DE-478D-BCBF-42E5C8226392} - System32\Tasks\{2068950A-44CA-4FEF-9FCD-7D42EAA812FF} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {D3E5C563-6A35-4DF5-9E59-10DDA9A4013D} - System32\Tasks\{7DB3A216-A86C-4D08-A950-7782BBD4D567} => pcalua.exe -a E:\SETUP.EXE -d E:\
    Task: {D573E836-02F6-4011-8B20-745EE17DCA78} - System32\Tasks\{F471AA8C-6290-4263-BDCA-196AA8507224} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {D5B80DA0-CA12-4AE1-8EDD-499B5F513E26} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-11] (Adobe Systems Incorporated)
    Task: {D81D153E-0EEE-4E22-8384-7357F3D2162A} - System32\Tasks\{F776DCFF-0135-48D5-B4BD-68A63C965DCD} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe [2014-07-02] (AOL Inc.)
    Task: {DA211E34-C72F-4BC5-933E-642C017094F6} - System32\Tasks\{8911CF6F-49D0-4DF5-BDA8-FE1F995CC115} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {E1722FA0-0EBF-4FA2-A7E1-F1823DC1CBF0} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {E75C4F56-78E7-438D-AF06-FBD93CB9F5C9} - System32\Tasks\{6373226F-DFED-4A57-8D34-A83B5C89E947} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {EA1D61BF-A74F-46FE-8C08-C8767DBA87DB} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
    Task: {EAC39978-FF71-45A1-95DB-0B29B1FF8343} - System32\Tasks\HPCeeScheduleForBruce => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {ECC1E4A7-FCB2-495E-A0C4-CCACB96C5FA2} - System32\Tasks\{23073BA2-44FF-4BF2-BE93-073394C29C07} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {ED3EFDF8-8DA4-4187-A470-641CCD1460FD} - System32\Tasks\{D04E40EB-693E-42F6-8042-8C4AB357C5C5} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {EDAAB4F9-9993-4A07-92B7-609487BC3636} - System32\Tasks\{D4CA91F1-BE4E-4850-BBE9-91771B27411D} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {EDB8ED83-F189-43A4-8E2E-83FE46B581D4} - System32\Tasks\{EECC8825-4973-44AB-B2C5-AC6CD9F8BF79} => C:\Program Files (x86)\AOL Desktop 9.7c\aol.exe [2015-03-18] (AOL Inc.)
    Task: {F1253407-3075-40A0-B4DC-CE6F54654A72} - System32\Tasks\{0A9FBFAA-E1C5-40BF-A808-6F1A957DFB1D} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {F21E3342-6105-4ACB-A6CB-3526E56DABB2} - System32\Tasks\{928C5F9C-7EA7-4095-8B78-D6A717CCBB3C} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {F3807CAE-D98C-4976-BA14-8293B6792B73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {F4B1555B-4865-4123-9A8F-56D532B49650} - System32\Tasks\{CBC47437-F8DE-4ADC-AD6B-B90E1304BCE0} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {F4BF3ED6-ED36-4AC3-9109-9AF76B691744} - System32\Tasks\{DD9586CA-AF20-4D22-81E8-606FB254A1B6} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {F5F62D3A-32D5-4F09-84A2-981A944A569C} - System32\Tasks\{0E57CF4C-C805-4CA6-9E98-A2679340235B} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {F925843C-A811-41EC-ABD3-61DA8B6E1E02} - System32\Tasks\{AC836028-A91E-4127-BB4C-AAB659B92EF6} => C:\Program Files (x86)\AOL Desktop 9.7c\aol.exe [2015-03-18] (AOL Inc.)
    Task: {FA119425-579B-4000-868D-25515F60BDAF} - System32\Tasks\{D4631943-737A-4D29-A777-A687CDDA79D4} => C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe [2016-09-12] ()
    Task: {FAFD8CC7-4970-40D6-982F-F043CD0EB90E} - System32\Tasks\{80F73C29-1B33-4B06-BC01-26E43EB71009} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {FD0614C8-8590-487A-80AF-4CB1B0115DB0} - System32\Tasks\{4C5302A3-FE42-47FA-AA13-49CBB1A61B4C} => C:\Program Files (x86)\AOL Desktop 9.7c\aol.exe [2015-03-18] (AOL Inc.)
    Task: {FDC78D52-3726-4064-835D-CB6172D5A603} - System32\Tasks\{CA4BDC68-E11B-4413-A439-B06FD288B8A3} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe [2014-07-02] (AOL Inc.)
    Task: {FEF7C0AA-8FBB-44D3-B25C-2594F2D93C9F} - System32\Tasks\{F0BB31E1-6BAC-4547-8C28-A06BB2160BC5} => C:\Program Files (x86)\AOL Desktop 9.8.0a\aol.exe [2015-08-06] (AOL (UK) Limited)
    Task: {FFF636DE-63B7-48A0-A90D-9A36B1E34719} - System32\Tasks\{A775A737-8166-41D0-BB78-2702D7966C4C} => C:\Program Files (x86)\AOL Desktop 9.8.0\aol.exe [2015-08-06] (AOL (UK) Limited)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForBruce.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2017-01-19 16:32 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
    2017-01-19 16:32 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
    2017-01-19 16:32 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
    2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-03-20 17:12 - 2015-03-20 17:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-06-15 04:57 - 2011-06-15 04:57 - 00034304 _____ () C:\Windows\System32\ssb6mlm.dll
    2015-06-02 14:51 - 2015-06-02 14:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
    2016-11-28 18:43 - 2016-11-28 18:43 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
    2015-03-20 17:12 - 2015-03-20 17:12 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:041C0562 [119]
    AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 [133]
    AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
    AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\eset.com -> hxxps://www.eset.com
    IE trusted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\...\123simsen.com -> www.123simsen.com

    There are 7810 more sites.


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 02:34 - 2014-08-26 19:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1       localhost

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1479852311-1289031698-2712840260-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
    DNS Servers: 8.8.8.8 - 8.8.4.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    MSCONFIG\Services: c2cautoupdatesvc => 2
    MSCONFIG\Services: c2cpnrsvc => 2
    MSCONFIG\Services: RealTimes Desktop Service => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
    MSCONFIG\startupreg: Amazon Music => "C:\Users\Bruce\AppData\Local\Amazon Music\Amazon Music Helper.exe"
    MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Bruce\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"                                                                                                                                                                                      
    MSCONFIG\startupreg: BingSvc => C:\Users\Bruce\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    MSCONFIG\startupreg: Google Update => C:\Users\Bruce\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
    MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1409514765\ee\AOLSoftware.exe
    MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
    MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
    MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
    MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
    MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
    MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\Bruce\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
    MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
    MSCONFIG\startupreg: RealDownloader => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
    MSCONFIG\startupreg: Spotify => "C:\Users\Bruce\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
    MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Bruce\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{6A6DA8FA-D39A-44CC-9A63-D1A772A2D28A}] => C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
    FirewallRules: [{9F1862FD-FF55-4B7A-BA43-5E03EC894064}] => C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe
    FirewallRules: [{DF66588F-55DF-4B81-BAC7-00F6458F5709}] => C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe
    FirewallRules: [{460B7E2F-E427-47D9-9F29-9D6AC3EFD727}] => C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
    FirewallRules: [{6E1C2F96-978D-4B9C-958F-55DBC0F81350}] => C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
    FirewallRules: [{401587BC-A388-401C-B8B5-3882598E96B9}] => C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{7D6F3F75-F8E6-4BDE-A5E5-5C21E75EBF82}] => C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{6D8766DB-A2B0-4BFA-8075-4806EE300866}] => C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{2044AE88-432D-4FF5-9EA2-8611D4AA12A7}] => C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{B2CBA7B7-6EB2-4DAD-8DD8-8356176F8F8C}] => C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{C77A0182-34C0-4EC3-927C-F0DC0B84DED5}] => C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{28598AEA-1D75-4DA3-95F7-4465EC992270}] => C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{123C39F8-D608-4C9C-BDDC-52FF8256CE2F}] => C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{6CE26111-3C18-4186-8B64-B826E7228645}] => C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{CC738B6C-B095-4A3F-A02C-61F39259A525}] => C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{D90703BF-78E6-4DE7-8020-32B3D2D83D56}] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
    FirewallRules: [{9D26E6AD-572A-44E1-BF2C-4E21B2E57380}] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
    FirewallRules: [{07E2C7D4-7140-45C1-9450-0F877CDB9697}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{DCAE41EA-AB39-4F1B-93BE-D81E775F5942}] => C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{4475B372-64C4-4B47-B7DC-5A67334B2116}] => C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
    FirewallRules: [{08D3660D-5935-4D53-AC49-FA2215ED096C}] => C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{6C67F48C-7388-4271-98A1-CF8E811B86D7}] => C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
    FirewallRules: [{B848A9B5-CAD9-4F6C-B5D8-B51BE8D2AD48}] => C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{F4531538-9055-40C3-93DC-9FCEB6B4D1E0}] => C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    FirewallRules: [{13B77EC6-F8FD-484F-8170-3C01B622B683}] => C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{DCF8F5FD-8B0C-45EB-9123-753776E1EC0B}] => C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
    FirewallRules: [{9F52B369-543A-4121-B85C-982F715732F8}] => C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [{B478845B-964E-4FCA-9263-D5D6E559B55E}] => C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
    FirewallRules: [TCP Query User{F79A84F9-E294-423E-A363-EA20D6C888C5}C:\users\bruce\appdata\roaming\spotify\spotify.exe] => C:\users\bruce\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{8DD01765-30D3-4009-96DB-24DD290A7321}C:\users\bruce\appdata\roaming\spotify\spotify.exe] => C:\users\bruce\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{A8A211B9-3D31-4E51-A2A6-F6D0944D2AB4}] => C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{5E9E40AD-B1C4-4078-8F86-5C00D1166571}] => C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{B02FA4A5-2CA3-4039-8673-7FF4CB8BA0D2}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{8F1ECAC1-0B86-4C69-B5D9-65809466B22E}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{ACC29AB3-C8CF-467B-A05D-944CB44A2873}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{5A8AFC2B-D718-4A61-8C46-3575C512439B}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{CA897B40-DFDB-4128-82EB-DADB37995C5E}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{796540A0-671F-43E1-B8C2-9FDA0C6B3EDB}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{6E2D9DDD-6E1B-410E-A53B-95082D4F7F27}] => C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
    FirewallRules: [{7A26CC65-E49D-4AC7-82FD-5A0E2AEED9A6}] => C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{A62AEB67-D10B-406C-B721-579F845C537C}] => C:\Program Files (x86)\Common Files\AOL\1409514765\ee\aolsoftware.exe
    FirewallRules: [{52679359-29C7-4CDE-A150-B008212107BB}] => C:\Program Files (x86)\Common Files\AOL\1409514765\ee\aolsoftware.exe
    FirewallRules: [{2A6F5E4C-6DF6-4000-B214-B390EAC9C20E}] => C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe
    FirewallRules: [{2234AD6A-43AA-40B6-9127-191666FDE3A0}] => C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe
    FirewallRules: [{4D1041DA-00A4-4D7D-9A69-A3B2438DAAAE}] => C:\Program Files (x86)\AOL Desktop 9.7b\waol.exe
    FirewallRules: [{2F371EAD-E8D6-4E75-B618-EBEE7B297C1D}] => C:\Program Files (x86)\AOL Desktop 9.7b\waol.exe
    FirewallRules: [{56F2CE2D-A9FF-454D-A752-86624B4C8E8D}] => C:\Program Files (x86)\AOL Desktop 9.7c\waol.exe
    FirewallRules: [{BFF030A7-6476-47D9-A68D-84B7A961E3B5}] => C:\Program Files (x86)\AOL Desktop 9.7c\waol.exe
    FirewallRules: [{52B57764-C390-4BBB-8710-1BBE8B70616E}] => C:\Program Files (x86)\AOL Desktop 9.8.0\waol.exe
    FirewallRules: [{D3DE6551-03EA-423C-9A90-90972F333099}] => C:\Program Files (x86)\AOL Desktop 9.8.0\waol.exe
    FirewallRules: [{0D03A3EF-43A3-437E-A168-1955C7AC8EDA}] => C:\Program Files (x86)\AOL Desktop 9.8.0a\waol.exe
    FirewallRules: [{2C8F687C-0731-42FD-8DB3-28E5E9B9440E}] => C:\Program Files (x86)\AOL Desktop 9.8.0a\waol.exe
    FirewallRules: [{F77A4A4D-1DC8-4852-9EC1-25782B451E1A}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{2F142791-78B4-4240-AEC4-9EC72031955E}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{28A723D2-7B1C-4777-B4F4-00B8251D0483}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{57B754FC-8E62-4330-A5EE-C4AC18E777B6}] => LPort=2869
    FirewallRules: [{97A5D980-7FD8-47F4-A190-52BB675CD1C0}] => LPort=1900
    FirewallRules: [{3FB8D1C6-12D0-47B1-B53F-962D5209DFE5}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{9A7685EE-078D-4441-A188-7F5C5966A205}] => C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe
    FirewallRules: [{B36C56C3-BFB4-486D-9231-0718F4240800}] => C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe
    FirewallRules: [{E9BC85F3-A66B-4DFD-8B51-74A7DB1D26E2}] => C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{D718FBF0-B294-40AF-9F98-7D6D99A4E7E8}] => C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{3739316A-150A-43F6-961B-C7C7E51BAC37}] => C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{F1A2A330-F983-4E7D-9399-F2F482390376}] => C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{746E4D46-0453-4F29-80C4-B2A04A778031}] => C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{D9CCF892-B896-4592-8821-63907AEB0442}] => C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{63962CA6-6206-46AB-A6D9-6B1BBAE9DA85}] => C:\Program Files (x86)\Common Files\AOL\1409514765\ee\aolsoftware.exe
    FirewallRules: [{8F3AF1F6-135E-48CB-96AD-60B3E2E446CB}] => C:\Program Files (x86)\Common Files\AOL\1409514765\ee\aolsoftware.exe
    FirewallRules: [{40CC3E7E-1599-4DA6-AF06-7EF0B0AE9F10}] => C:\Program Files (x86)\AOL Desktop 9.8.2a\waol.exe
    FirewallRules: [{5C5CFBE5-6F8B-4D5D-AB1F-AD36D8682B16}] => C:\Program Files (x86)\AOL Desktop 9.8.2a\waol.exe
    FirewallRules: [{CA7BB8A7-C100-4138-A8DB-A4FDB817926A}] => C:\Program Files (x86)\AOL Desktop 9.8.2b\waol.exe
    FirewallRules: [{7A141985-FF5C-44FA-B48C-0FF03D78B40F}] => C:\Program Files (x86)\AOL Desktop 9.8.2b\waol.exe
    FirewallRules: [{13A879DF-61C5-4927-8FA1-41B5759DD569}] => LPort=8888
    FirewallRules: [{797CDBD5-2387-4124-B776-991A3A77CB7D}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
    FirewallRules: [TCP Query User{5806FBCB-FEA4-4C33-8690-6F6A82C2A84C}C:\users\bruce\appdata\roaming\spotify\spotify.exe] => C:\users\bruce\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{841D85B4-17A2-4608-AE19-8E95A43A1878}C:\users\bruce\appdata\roaming\spotify\spotify.exe] => C:\users\bruce\appdata\roaming\spotify\spotify.exe

    ==================== Restore Points =========================


    ==================== Faulty Device Manager Devices =============

    Name: WAN Miniport (ATW) #2
    Description: WAN Miniport (ATW)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: America Online, Inc.
    Service: wanatw
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================

    System errors:
    =============
    Error: (01/20/2017 07:00:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (01/20/2017 07:00:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The HP Support Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (01/20/2017 07:00:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Live Family Safety Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

    Error: (01/20/2017 06:59:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The AVG Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

    Error: (01/20/2017 06:59:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PDF Document Manager service terminated unexpectedly.  It has done this 1 time(s).

    Error: (01/20/2017 06:59:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Process Monitor service terminated unexpectedly.  It has done this 1 time(s).

    Error: (01/20/2017 06:59:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Easybits Services for Windows service terminated unexpectedly.  It has done this 1 time(s).

    Error: (01/20/2017 06:59:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).

    Error: (01/20/2017 06:59:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The RealPlayer Update Service service terminated unexpectedly.  It has done this 1 time(s).

    Error: (01/20/2017 06:59:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Online Games Manager service terminated unexpectedly.  It has done this 1 time(s).


    CodeIntegrity:
    ===================================
      Date: 2016-07-21 16:47:25.794
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-21 13:44:16.802
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-21 13:44:16.640
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-21 13:44:16.438
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-21 13:44:16.225
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-21 07:02:07.736
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-21 07:02:07.581
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-21 07:02:07.391
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-21 06:49:26.931
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-21 06:49:26.760
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz
    Percentage of memory in use: 74%
    Total physical RAM: 4061.24 MB
    Available physical RAM: 1024.73 MB
    Total Virtual: 8120.67 MB
    Available Virtual: 5278.49 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:686.23 GB) (Free:601.07 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (HP_RECOVERY) (Fixed) (Total:12.31 GB) (Free:1.45 GB) NTFS ==>[system with boot components (obtained from drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: FE01E31F)
    Partition 1: (Active) - (Size=94 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=686.2 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=12.3 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

     

     

    I will now see what I am able to achieve with rogue killer, but it's getting late here, it's after midnight already so I may have to make my next post in the morning. Many thanks for all your time and help so far. Much appreciated.


    • 0

    #22
    Bruce42

    Bruce42

      Member

    • Topic Starter
    • Member
    • PipPip
    • 83 posts

    Well I have tried to dowload ROGUEKILLER but my Malwarebytes keeps blocking the download as a known threat. Should I disable the Malwarebytes while I download, or is there a problem with this site really? I did several tries, and a couple of them I quickly abandoned myself because it had directed me to another application entirely different, so I was concerned. It is now so late I will be back on to make progress if possible in the morning. Goodnight, and thanks again.


    • 0

    #23
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,029 posts
    • MVP

    We did manage to make some progress with the fixlist.  

     

    I'm thinking there may be a problem with the file system that caused it to hang.  Let's try a drive check:

     

     
    1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
    2. Click Properties, and then click Tools.
    3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
    4. Check both boxes and then click Start.
    You will receive the following message:
    The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
    Click Yes to schedule the disk check, but don't restart yet.
     
    Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.
     
    Once it reboots run VEW again for both System and Application.
     
    RogueKiller shouldn't be bad.  I just downloaded it again and my Avast didn't complain about it.
     
    If you are worried, turn off MBAM then download it and before you run it submit it to virustotal.com.

    • 0

    #24
    Bruce42

    Bruce42

      Member

    • Topic Starter
    • Member
    • PipPip
    • 83 posts

    I set for check disc and then cleared both logs as requested, check disc ran for about two hours on re-boot this morning.

     

    I have re-run VEW and the log produced is as follows:-

    Vino's Event Viewer v01c run on Windows 2008 in English
    Report run at 21/01/2017 11:56:31

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 21/01/2017 11:40:59
    Type: Error Category: 0
    Event: 7000 Source: Service Control Manager
    The HP Support Assistant Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

    Log: 'System' Date/Time: 21/01/2017 11:40:59
    Type: Error Category: 0
    Event: 7009 Source: Service Control Manager
    A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 21/01/2017 11:38:42
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_MULTIPLE&PROD_CARD__READER&REV_1.00#058F63666433&0#.

    Log: 'System' Date/Time: 21/01/2017 11:33:31
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\USBSTOR failed to load for the device USB\VID_152E&PID_2507\P01070301154305.

    Log: 'System' Date/Time: 21/01/2017 11:33:31
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\HidUsb failed to load for the device USB\VID_0461&PID_4D0F\5&30d2dc47&0&2.

    Log: 'System' Date/Time: 21/01/2017 11:33:31
    Type: Warning Category: 212
    Event: 219 Source: Microsoft-Windows-Kernel-PnP
    The driver \Driver\usbccgp failed to load for the device USB\VID_046D&PID_08D9\5&30d2dc47&0&1.

     

     

    I will try again to download ROGUEKILLER NOW.
     


    • 0

    #25
    Bruce42

    Bruce42

      Member

    • Topic Starter
    • Member
    • PipPip
    • 83 posts

    When I request download the Roguekiller it moves to a page titled ESET, and trying to download from there it instructs that my AVG protection must first be removed ???? I am reluctant to do that of course.

     

    A bit of guidance required here I THINK.


    Edited by Bruce42, 21 January 2017 - 06:11 AM.

    • 0

    Advertisements


    #26
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,029 posts
    • MVP

    I just downloaded roguekiller.

     

    The first link: http://www.adlice.co...ad/roguekiller/

    takes me to:

     

    rka.JPG

     

    I scroll down a bit and click on the Download under the $0 column

     

    and it moves me further down the page to:

     

    rkb.JPG

     

    I click on the download to the right of where it says:  Installer 32/64 bits [Cloud Mirror]

     

    and it first says the download is beginning but then takes me to https://www.fosshub.com/RogueKiller.html 

    (since I have adblock plus installed)

     

    rkd.JPG

     

    I click on  Download RogueKiller 32/64 Bits Installer 

    below the yellow warning box.

     

    And the download called setup.exe starts.

     

    Without adblock plus it takes me to

    rke.JPG

    then to

    https://www.fosshub....ogueKiller.html

     

    rkf.JPG

    where I have to click on

    Download RogueKiller 32/64 Bits Installer 

    (which is right below an ad box which also has a Download button)

     

    Where do things change for you?  Could you be clicking on one of the ads' download buttons?  Have you tried it with another browser?

    *****

    If you still can't get RogueKiller: I don't see a proxy in your log so perhaps your router has been compromised.  How do you connect to the Internet?  Cable or DSL.  Is there a separate modem and router or just one box.  What is the make and model of the router?

     

    Can you download minitoolbox?

     

    Please download MiniToolBox, save it to your desktop and run it.
     
    Checkmark the following checkboxes:
    •  
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer Errors
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
    • List Minidump Files
     
    Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
     
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
    ******
    Now that you have done the disk check try doing the FRST Fix again.  You may need to redo the Fixlist download as FRST removes the fixlist some time during the Fix process.
     
    It should not take more than 15 minutes.  

     

     

     

     

     

     

     

     

     

     

     

     

     


    • 0

    #27
    Bruce42

    Bruce42

      Member

    • Topic Starter
    • Member
    • PipPip
    • 83 posts

    Thank-you for the detailed guide to download ROGUEKILLER, it worked and it is scanning away while I type. Does this make your next step to minitoolbox un-necessary now ? or would you still like this process to proceed as well. If not shall I get back onto your original task list.


    • 0

    #28
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,029 posts
    • MVP

    I think we can skip the minitoolbox for now.


    • 0

    #29
    Bruce42

    Bruce42

      Member

    • Topic Starter
    • Member
    • PipPip
    • 83 posts

    The scan details from RogueKiller which has found questionable10 files. I have not done anything with them yet.

     

    RogueKiller V12.9.4.0 (x64) [Jan 16 2017] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.co...ad/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Bruce [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Mode : Scan -- Date : 01/21/2017 13:05:05 (Duration : 02:11:04)

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 10 ¤¤¤
    [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\MetaStream -> Found
    [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities Inc -> Found
    [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Viewpoint -> Found
    [PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1479852311-1289031698-2712840260-1000\Software\SlimWare Utilities Inc -> Found
    [PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1479852311-1289031698-2712840260-1000\Software\SlimWare Utilities Inc -> Found
    [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer -> Found
    [PUM.SEH] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer | EnableShellExecuteHooks : 1  -> Found
    [PUM.SEH] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer | EnableShellExecuteHooks : 1  -> Found
    [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1479852311-1289031698-2712840260-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Found
    [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1479852311-1289031698-2712840260-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Found

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ WMI : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: ST1000VM002-1SD102 ATA Device +++++
    --- User ---
    [MBR] 9d6f93c64188ca91ae084a7542b22d97
    [BSP] df1f061d22495dc1ff169411290895f8 : HP|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 94 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 192780 | Size: 702702 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1439327610 | Size: 12605 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: Multiple Card  Reader USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )
     


    • 0

    #30
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,029 posts
    • MVP

    You can let RogueKiller remove the things it found. 

     

    Then see if FRST will run the fixlist now.  You may have to redownload it since it removes it some time during the Fix.  It shouldn't take but 15 minutes.  If it doesn't finish see if it tells you what it is doing when it hangs.


    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP