Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2017
Ran by hp (administrator) on HP-HP (05-12-2017 12:10:31)
Running from C:\Users\hp\Downloads
Loaded Profiles: hp (Available Profiles: hp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Apache Software Foundation) C:\Program Files (x86)\HoudiniESQ\bin\tomcat6.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PSIService.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Hewlett-Packard) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe
(Examsoft Worldwide Inc.) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.SoftShield.exe
() C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\hp\Downloads\FRST64 (3).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\MountPoints2: G - G:\VZW_Software_upgrade_assistant_installer.exe
HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\MountPoints2: {0a813159-f176-11e3-acdf-2c27d7defd54} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\MountPoints2: {0a813193-f176-11e3-acdf-2c27d7defd54} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\MountPoints2: {1fe9f7e1-33f4-11e2-9f81-2c27d7defd54} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\MountPoints2: {4fa3719f-f9a3-11e5-9dd1-2c27d7defd54} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\MountPoints2: {57a3d5bf-49f8-11e2-988a-2c27d7defd54} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\MountPoints2: {b0d0f12f-b3e2-11e2-8173-2c27d7defd54} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1639220141-509259437-498096989-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-05-23] (EasyBits Software Corp.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4554B199-90E7-4B2F-9E89-B320F6BDE52F}: [DhcpNameServer] 172.18.12.1
Tcpip\..\Interfaces\{BAA8F618-DB36-477D-86A8-B2E1715077A5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DEA56892-F35A-4202-ABC4-190090A22E4E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E7CFAE0B-1B4E-407B-B88A-EE30ED044850}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {4A86745F-DB47-4A3A-A643-9FDC6596EFEA} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {4A86745F-DB47-4A3A-A643-9FDC6596EFEA} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1639220141-509259437-498096989-1001 -> {4A86745F-DB47-4A3A-A643-9FDC6596EFEA} URL =
SearchScopes: HKU\S-1-5-21-1639220141-509259437-498096989-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-1639220141-509259437-498096989-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-23] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-23] (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {106E49CF-797A-11D2-81A2-00E02C015623} hxxp://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.6.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll [2013-03-30] (Intuit, Inc.)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
FireFox:
========
FF DefaultProfile: fm7zfbeu.default-1400677375396
FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\fm7zfbeu.default-1400677375396 [2017-11-15]
FF Homepage: Mozilla\Firefox\Profiles\fm7zfbeu.default-1400677375396 -> google.com
FF Extension: (OpenDownload²) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\fm7zfbeu.default-1400677375396\Extensions\{210249CE-F888-11DD-B868-4CB456D89593} [2017-01-30] [Lagacy]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-05] [Lagacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\WordPerfect Lightning\Programs\FirefoxExtension
FF Extension: (Copy To Wordperfect Lightning) - C:\Program Files (x86)\WordPerfect Lightning\Programs\FirefoxExtension [2013-11-12] [Lagacy] [not signed]
FF HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll [2014-05-21] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-23] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll [2014-05-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-23] (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-07-03] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\hp\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-09-19] (Cisco WebEx LLC)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-07-20] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2017-12-05]
CHR Extension: (Slides) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-13]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-13]
CHR Extension: (Sheets) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-04]
CHR Extension: (Cisco WebEx Extension) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-09-19]
CHR Extension: (Mailtrack for Gmail & Inbox: Email tracking) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2017-11-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-05]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-13]
CHR Extension: (Chrome Media Router) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HoudiniESQ; C:\Program Files (x86)/HoudiniESQ\bin\tomcat6.exe [57344 2008-07-22] (Apache Software Foundation) [File not signed]
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-08] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-24] (HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2012-12-15] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [233456 2017-07-04] (NETGEAR)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
U2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2011-08-19] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2011-08-19] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2011-08-19] (Intuit Inc.) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254552 2012-09-11] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 SoftshieldService; C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe [33600 2013-05-16] (Hewlett-Packard)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [37248 2017-09-06] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S2 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S2 RoxLiveShare9; "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2017-11-29] (CACE Technologies, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2017-09-06] (The OpenVPN Project)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-10-22] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-10-22] (Zemana Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-05 12:09 - 2017-12-05 12:09 - 002391552 _____ (Farbar) C:\Users\hp\Downloads\FRST64 (3).exe
2017-12-05 12:09 - 2017-12-05 12:09 - 002391552 _____ (Farbar) C:\Users\hp\Downloads\FRST64 (2).exe
2017-12-05 11:49 - 2017-12-05 11:49 - 000000000 ____H C:\Users\hp\BIT2199.tmp
2017-12-05 10:23 - 2017-12-05 10:23 - 000037202 _____ C:\Users\hp\Downloads\Notice of Seminar.pdf
2017-11-30 13:02 - 2017-11-30 13:02 - 000786583 _____ C:\Users\hp\Downloads\Medicaid Spend Down - The Voice - August 2011 - Vol 5 Issue_ 14.pdf
2017-11-30 10:23 - 2017-11-30 10:25 - 000064030 _____ C:\Users\hp\Downloads\Addition.txt
2017-11-30 10:20 - 2017-11-30 10:21 - 002391552 _____ (Farbar) C:\Users\hp\Downloads\FRST64 (1).exe
2017-11-30 10:19 - 2017-12-05 12:11 - 000025319 _____ C:\Users\hp\Downloads\FRST.txt
2017-11-30 10:19 - 2017-12-05 12:10 - 000000000 ____D C:\FRST
2017-11-30 10:18 - 2017-11-30 10:19 - 002391552 _____ (Farbar) C:\Users\hp\Downloads\FRST64.exe
2017-11-30 09:03 - 2017-11-30 09:03 - 000327772 _____ C:\Users\hp\Downloads\DOC112917-151048.pdf
2017-11-28 08:30 - 2017-11-30 08:10 - 000000000 ____D C:\Users\hp\Documents\Bolivar Injunction 11-28-17
2017-11-28 08:15 - 2017-11-28 08:15 - 000023043 _____ C:\Users\hp\Downloads\48NE3D92_051508.pdf
2017-11-28 07:59 - 2017-11-28 07:59 - 000009639 _____ C:\Users\hp\Downloads\29_045945.pdf
2017-11-28 07:51 - 2017-11-30 11:37 - 000000000 ____D C:\Users\hp\Documents\manlove, jennifer
2017-11-28 07:51 - 2017-11-28 07:51 - 000014114 _____ C:\Users\hp\Downloads\27183.S11_045115.pdf
2017-11-27 10:03 - 2017-11-27 10:03 - 000047302 _____ C:\Users\hp\Downloads\12NE3D476_070306.pdf
2017-11-27 10:00 - 2017-11-27 10:00 - 000050200 _____ C:\Users\hp\Downloads\12-13-05.Q06_070004.pdf
2017-11-27 09:57 - 2017-11-27 09:57 - 000026957 _____ C:\Users\hp\Downloads\67NE3D1_065745.pdf
2017-11-27 08:59 - 2017-11-27 08:59 - 000001483 _____ C:\Users\hp\Downloads\49NE1108A6_055923.pdf
2017-11-27 08:57 - 2017-11-27 08:57 - 000003469 _____ C:\Users\hp\Downloads\94NE2D705_055737.pdf
2017-11-27 07:55 - 2017-11-27 09:58 - 000000000 ____D C:\Users\hp\Documents\Bolviar Meetings
2017-11-25 10:58 - 2017-12-05 11:49 - 000003168 _____ C:\Windows\System32\Tasks\HPCeeScheduleForhp
2017-11-25 10:58 - 2017-12-05 11:49 - 000000320 _____ C:\Windows\Tasks\HPCeeScheduleForhp.job
2017-11-21 07:40 - 2017-11-21 07:40 - 002878797 _____ C:\Users\hp\Downloads\Work Session 01-11 16-_OCR.pdf
2017-11-21 07:28 - 2017-11-21 07:28 - 001011301 _____ C:\Users\hp\Downloads\Final Briefs.pdf
2017-11-20 09:28 - 2017-11-20 09:28 - 000010131 _____ C:\Users\hp\Downloads\970NE2D1163_062802.pdf
2017-11-19 20:06 - 2017-11-19 20:06 - 000017738 _____ C:\Users\hp\Downloads\942NE2D404_citing_references_050637.pdf
2017-11-19 19:20 - 2017-11-19 19:20 - 000012963 _____ C:\Users\hp\Downloads\09CA22.M05_042054.pdf
2017-11-19 19:02 - 2017-11-19 19:02 - 000007513 _____ C:\Users\hp\Downloads\104864.T05_040213.pdf
2017-11-19 18:44 - 2017-11-19 18:44 - 000007100 _____ C:\Users\hp\Downloads\04CA008566.M01_034452.pdf
2017-11-19 17:57 - 2017-11-19 17:57 - 000007700 _____ C:\Users\hp\Downloads\A008775.I08_025706.pdf
2017-11-19 17:39 - 2017-11-19 17:39 - 000006313 _____ C:\Users\hp\Downloads\C-160682.T06_023857.pdf
2017-11-19 17:37 - 2017-11-19 17:37 - 000019533 _____ C:\Users\hp\Downloads\2015CA00038.R10_023722.pdf
2017-11-19 17:33 - 2017-11-19 17:33 - 000007700 _____ C:\Users\hp\Downloads\A008775.I08_023303.pdf
2017-11-19 17:31 - 2017-11-19 17:31 - 000009496 _____ C:\Users\hp\Downloads\07HA5.K06_023145.pdf
2017-11-19 16:06 - 2017-11-19 16:06 - 000019409 _____ C:\Users\hp\Downloads\25753.Q02_010651.pdf
2017-11-19 16:04 - 2017-11-19 16:04 - 000052797 _____ C:\Users\hp\Downloads\15 MA 0225.T08_010420.pdf
2017-11-19 16:02 - 2017-11-19 16:02 - 000010167 _____ C:\Users\hp\Downloads\25818.O08_010227.pdf
2017-11-19 15:59 - 2017-11-19 15:59 - 000012371 _____ C:\Users\hp\Downloads\26215.O11_125941.pdf
2017-11-19 09:50 - 2017-11-19 09:50 - 000005639 _____ C:\Users\hp\Downloads\600NE2D394_065049.pdf
2017-11-19 09:48 - 2017-11-19 09:48 - 000011229 _____ C:\Users\hp\Downloads\407NE2D490_064815.pdf
2017-11-19 09:43 - 2017-11-19 09:43 - 000013081 _____ C:\Users\hp\Downloads\436NE2D1008_064343.pdf
2017-11-19 09:22 - 2017-11-19 09:22 - 000018278 _____ C:\Users\hp\Downloads\17-COA-005.T10_062201.pdf
2017-11-19 08:27 - 2017-11-19 08:27 - 000754820 _____ C:\Users\hp\Downloads\Document_Judgment Entry (8).pdf
2017-11-19 08:27 - 2017-11-19 08:27 - 000446762 _____ C:\Users\hp\Downloads\Huth v Kus transcript.pdf
2017-11-18 10:19 - 2017-11-18 10:19 - 000000000 ____D C:\Users\hp\AppData\Local\HP_Inc
2017-11-18 09:58 - 2017-11-18 09:58 - 001066061 _____ C:\Users\hp\Downloads\court recording transcribed.pdf
2017-11-16 15:30 - 2017-11-16 15:30 - 000754820 _____ C:\Users\hp\Downloads\Document_Judgment Entry (7).pdf
2017-11-16 14:31 - 2017-11-16 14:31 - 000067598 _____ C:\Users\hp\Downloads\Document_Judgment Entry (6).pdf
2017-11-16 10:22 - 2017-11-16 10:22 - 000152758 _____ C:\Users\hp\Downloads\memo to bar only re proposed local rules 2018 (1).pdf
2017-11-16 10:21 - 2017-11-16 10:21 - 000692379 _____ C:\Users\hp\Downloads\Proposed Local Rules 2018.pdf
2017-11-16 10:21 - 2017-11-16 10:21 - 000152758 _____ C:\Users\hp\Downloads\memo to bar only re proposed local rules 2018.pdf
2017-11-16 07:42 - 2017-11-16 07:42 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-14 11:27 - 2017-11-14 11:27 - 000217575 _____ C:\Users\hp\Downloads\5-17-cv-00234-BYP (2).zip
2017-11-14 08:05 - 2017-11-14 08:05 - 000007510 _____ C:\Users\hp\Downloads\15 CAC 07 0058.S02_050527.pdf
2017-11-14 07:52 - 2017-11-14 07:52 - 000014194 _____ C:\Users\hp\Downloads\L-16-1274.T05_045226.pdf
2017-11-14 07:35 - 2017-11-14 07:35 - 000009908 _____ C:\Users\hp\Downloads\04 BE 40.M01_043552.pdf
2017-11-14 07:26 - 2017-11-14 07:26 - 010574685 _____ C:\Users\hp\Downloads\Discovery received by the state..pdf
2017-11-13 10:47 - 2017-11-13 13:37 - 000000000 ____D C:\Users\hp\Documents\Grove City Reptiles
2017-11-13 09:33 - 2017-11-13 09:33 - 000002227 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2017-11-13 09:32 - 2017-11-13 09:32 - 000000000 ____D C:\ProgramData\HP Inc
2017-11-13 09:28 - 2017-11-13 09:29 - 035357824 _____ (HP Inc. ) C:\Users\hp\Downloads\sp82049.exe
2017-11-09 13:19 - 2017-11-09 13:19 - 000035273 _____ C:\Users\hp\Downloads\img3434.djvu
2017-11-09 12:59 - 2017-11-09 12:59 - 000016301 _____ C:\Users\hp\Downloads\748NE2D58_095903.pdf
2017-11-09 12:44 - 2017-11-09 13:17 - 000000000 ____D C:\Users\hp\Documents\Huth-Massillon
2017-11-09 12:44 - 2017-11-09 12:44 - 000016235 _____ C:\Users\hp\Downloads\667NE2D1223_094409.pdf
2017-11-09 12:05 - 2017-11-09 12:27 - 000054272 ____H C:\Users\hp\Documents\~WRL1017.tmp
2017-11-09 12:05 - 2017-11-09 12:24 - 000055808 ____H C:\Users\hp\Documents\~WRL1754.tmp
2017-11-09 12:05 - 2017-11-09 12:24 - 000053760 ____H C:\Users\hp\Documents\~WRL2608.tmp
2017-11-09 12:05 - 2017-11-09 12:21 - 000058368 ____H C:\Users\hp\Documents\~WRL1220.tmp
2017-11-09 12:05 - 2017-11-09 12:15 - 000057344 ____H C:\Users\hp\Documents\~WRL1295.tmp
2017-11-09 12:05 - 2017-11-09 12:06 - 000056832 ____H C:\Users\hp\Documents\~WRL3114.tmp
2017-11-09 12:05 - 2017-11-09 12:05 - 000056832 ____H C:\Users\hp\Documents\~WRL0341.tmp
2017-11-08 16:44 - 2017-11-29 11:04 - 000369168 _____ (CACE Technologies, Inc.) C:\Windows\system32\wpcap.dll
2017-11-08 16:44 - 2017-11-29 11:04 - 000281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
2017-11-08 16:44 - 2017-11-29 11:04 - 000106000 _____ (CACE Technologies, Inc.) C:\Windows\system32\packet.dll
2017-11-08 16:44 - 2017-11-29 11:04 - 000096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\packet.dll
2017-11-08 16:44 - 2017-11-29 11:04 - 000035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2017-11-08 16:44 - 2017-11-29 11:04 - 000002062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk
2017-11-08 16:44 - 2017-11-29 11:04 - 000002050 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk
2017-11-08 16:44 - 2017-11-29 11:04 - 000000000 ____D C:\Users\hp\AppData\Local\NETGEARGenie
2017-11-08 16:44 - 2017-11-29 11:04 - 000000000 ____D C:\Program Files (x86)\NETGEAR Genie
2017-11-08 16:43 - 2017-11-08 16:44 - 046407968 _____ (NETGEAR Inc.) C:\Users\hp\Downloads\NETGEARGenie-install.exe
2017-11-08 11:26 - 2017-11-08 11:26 - 000266969 _____ C:\Users\hp\Downloads\Motion dockets 11 13 17.pdf
2017-11-07 10:01 - 2017-11-07 10:01 - 000013721 _____ C:\Users\hp\Downloads\338BR372_citing_references_070145.pdf
2017-11-07 10:01 - 2017-11-07 10:01 - 000001221 _____ C:\Users\hp\Downloads\338BR372_citing_references_070134.pdf
2017-11-07 10:01 - 2017-11-07 10:01 - 000001221 _____ C:\Users\hp\Downloads\338BR372_citing_references_070121.pdf
2017-11-07 10:01 - 2017-11-07 10:01 - 000001221 _____ C:\Users\hp\Downloads\338BR372_citing_references_070111.pdf
2017-11-07 09:56 - 2017-11-07 09:56 - 000033935 _____ C:\Users\hp\Downloads\338BR372_citing_references_065627.pdf
2017-11-07 09:54 - 2017-11-07 09:54 - 000022562 _____ C:\Users\hp\Downloads\338BR372_citing_references_065439.pdf
2017-11-07 09:54 - 2017-11-07 09:54 - 000001245 _____ C:\Users\hp\Downloads\338BR372_citing_references_065430.pdf
2017-11-07 09:52 - 2017-11-07 09:52 - 000007178 _____ C:\Users\hp\Downloads\338BR372_065233.pdf
2017-11-07 09:50 - 2017-11-07 09:50 - 000032723 _____ C:\Users\hp\Downloads\11-72074.R02_065023.pdf
2017-11-07 09:38 - 2017-11-07 09:38 - 000011687 _____ C:\Users\hp\Downloads\550BR854_063816.pdf
2017-11-07 09:25 - 2017-11-07 09:25 - 000129432 _____ C:\Users\hp\Downloads\20171106204832.pdf
2017-11-06 11:48 - 2017-11-06 11:48 - 000186213 _____ C:\Users\hp\Downloads\Council - October 2 2017 - draft copy.pdf
2017-11-06 11:48 - 2017-11-06 11:48 - 000186213 _____ C:\Users\hp\Downloads\Council - October 2 2017 - draft copy (1).pdf
2017-11-06 11:46 - 2017-11-06 11:46 - 000193286 _____ C:\Users\hp\Downloads\ORD Animals at Large (00479941xBE3C8) - DRAFT.pdf
2017-11-06 08:00 - 2017-11-06 08:00 - 000024293 _____ C:\Users\hp\Downloads\218 WDA 2017.T05_045958.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-05 12:11 - 2017-10-22 15:03 - 000136147 _____ C:\Windows\ZAM.krnl.trace
2017-12-05 12:11 - 2017-10-22 15:03 - 000111558 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-12-05 11:49 - 2016-03-02 16:30 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1639220141-509259437-498096989-1001UA.job
2017-12-05 11:49 - 2012-10-09 13:58 - 000000000 ____D C:\Users\hp
2017-12-05 11:48 - 2017-09-06 10:36 - 000000516 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1639220141-509259437-498096989-1001.job
2017-12-05 11:04 - 2012-10-09 14:02 - 000003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{72EEAA48-D7C5-4FAC-9299-1191B2D04A53}
2017-12-05 10:48 - 2017-09-06 10:36 - 000000612 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1639220141-509259437-498096989-1001.job
2017-12-05 10:06 - 2016-03-02 16:30 - 000000854 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1639220141-509259437-498096989-1001Core.job
2017-12-04 12:40 - 2012-10-11 14:18 - 000000000 ____D C:\Users\hp\AppData\Roaming\PrimoPDF
2017-12-04 08:32 - 2009-07-13 23:45 - 000031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-04 08:32 - 2009-07-13 23:45 - 000031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-04 08:29 - 2009-07-14 00:13 - 000782452 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-04 08:29 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2017-12-04 08:23 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-30 10:28 - 2016-09-06 13:09 - 001296384 ___SH C:\Users\hp\Downloads\Thumbs.db
2017-11-30 09:04 - 2017-03-03 09:04 - 000000000 ____D C:\Users\hp\Documents\animals
2017-11-29 08:32 - 2017-02-14 16:51 - 000000000 ____D C:\Users\hp\Documents\utilities II
2017-11-28 12:03 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2017-11-28 08:31 - 2016-05-17 08:05 - 000000000 ____D C:\Users\hp\Documents\Bolivar Injunction
2017-11-27 12:31 - 2017-03-12 12:14 - 000000000 ____D C:\Users\hp\Documents\Christina
2017-11-27 08:58 - 2017-05-18 10:20 - 000000000 ____D C:\Users\hp\Documents\Don Miller
2017-11-19 08:24 - 2017-09-06 10:36 - 000003626 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1639220141-509259437-498096989-1001
2017-11-19 08:24 - 2017-09-06 10:36 - 000003530 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1639220141-509259437-498096989-1001
2017-11-19 08:24 - 2017-09-06 10:36 - 000000000 ____D C:\Users\hp\AppData\Local\GoToMeeting
2017-11-18 10:15 - 2013-05-21 09:04 - 000000000 ____D C:\Program Files\HP
2017-11-18 10:15 - 2012-11-05 13:52 - 000000000 ____D C:\ProgramData\HP
2017-11-16 13:09 - 2017-02-07 08:06 - 000000000 ____D C:\Users\hp\Documents\Attorney Practice
2017-11-16 12:13 - 2013-01-31 10:51 - 000001092 _____ C:\Windows\Brpfx04a.ini
2017-11-16 08:23 - 2013-01-31 10:49 - 000000000 _____ C:\Windows\brdfxspd.dat
2017-11-16 07:42 - 2014-09-19 09:19 - 000000000 ____D C:\Users\hp\AppData\Roaming\Dropbox
2017-11-15 13:24 - 2016-03-13 10:49 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-14 07:22 - 2012-11-30 15:19 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 07:22 - 2012-11-30 15:19 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-13 09:34 - 2014-04-07 09:39 - 000000000 ____D C:\Users\hp\AppData\Roaming\HpUpdate
2017-11-13 09:34 - 2011-05-23 16:08 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-11-13 09:33 - 2012-12-15 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2017-11-13 09:33 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Help
2017-11-13 09:32 - 2011-05-23 15:45 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-11-13 09:31 - 2012-11-05 13:53 - 000000000 ____D C:\Program Files (x86)\HP
2017-11-13 09:31 - 2012-10-09 14:02 - 000000000 ____D C:\Users\hp\AppData\Roaming\hpqLog
2017-11-13 09:31 - 2012-10-09 14:00 - 000000000 ____D C:\Users\hp\AppData\Local\Hewlett-Packard
2017-11-13 09:31 - 2011-05-23 15:59 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2017-11-13 09:30 - 2011-05-23 15:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-11-13 09:29 - 2011-02-10 14:23 - 000000000 ____D C:\SWSetup
2017-11-13 09:20 - 2012-10-09 14:00 - 000000000 ____D C:\Users\hp\AppData\Roaming\Hewlett-Packard
2017-11-13 09:04 - 2011-05-23 16:12 - 000000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2017-11-11 19:15 - 2017-08-23 14:34 - 000000000 ____D C:\Users\hp\Documents\Peroli, Joette
2017-11-09 12:56 - 2017-10-23 07:46 - 000000000 ____D C:\Users\hp\Documents\Graber, Scott
2017-11-08 15:55 - 2017-03-31 12:06 - 000000000 ____D C:\Users\hp\Documents\Time Warner Spectrum
2017-11-07 09:26 - 2017-02-06 09:26 - 000000000 ____D C:\Users\hp\Documents\utilities
2017-11-06 12:42 - 2013-03-20 13:36 - 000000000 ____D C:\Users\hp\AppData\Local\CrashDumps
==================== Files in the root of some directories =======
2013-02-13 14:52 - 2012-04-27 14:47 - 002170880 _____ (Knowles Publishing, Inc.) C:\Users\hp\Discovery.exe
2012-10-11 15:58 - 2013-01-16 15:29 - 000001925 _____ () C:\Users\hp\AppData\Roaming\Rim.Desktop.Exception.log
2012-10-11 15:58 - 2012-10-11 15:58 - 000001153 _____ () C:\Users\hp\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-10-11 15:58 - 2013-01-16 15:29 - 000001925 _____ () C:\Users\hp\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-01-16 15:17 - 2013-01-16 15:29 - 000000231 _____ () C:\Users\hp\AppData\Roaming\Rim.Transcoder.Exception.log
2013-01-16 15:17 - 2013-01-16 15:17 - 000003584 _____ () C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-30 13:05
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by hp (05-12-2017 12:11:51)
Running from C:\Users\hp\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-09 18:58:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1639220141-509259437-498096989-500 - Administrator - Disabled)
Guest (S-1-5-21-1639220141-509259437-498096989-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1639220141-509259437-498096989-1004 - Limited - Enabled)
hp (S-1-5-21-1639220141-509259437-498096989-1001 - Administrator - Enabled) => C:\Users\hp
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4500_G510nz_Help (HKLM-x32\...\{690879A5-18EF-447B-98D6-B699D51008AB}) (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (HKLM-x32\...\{5B05FF91-F20C-4832-A8DE-E1912639C17C}) (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (HKLM-x32\...\{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}) (Version: 1.0.5 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 2 Deluxe (HKLM-x32\...\WT089453) (Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WT089498) (Version: 2.2.0.95 - WildTangent) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\{97B70991-5002-4241-8B0C-D74B8ADEB2B5}) (Version: 7.1.0.32 - Research In Motion Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.32 - Research In Motion Ltd.)
Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT089308) (Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WT087330) (Version: 2.2.0.95 - WildTangent) Hidden
Brother MFL-Pro Suite MFC-7460DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (HKLM-x32\...\WT087335) (Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT089359) (Version: 2.2.0.95 - WildTangent) Hidden
Chronotron Pro (HKLM-x32\...\{4CCE77B1-36E1-4A25-91BD-350A0B7C11DE}) (Version: 1.0.0 - Chronotron.com)
Chuzzle Deluxe (HKLM-x32\...\WT089454) (Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.8) (Version: 5.0.0.8 - Coupons.com Incorporated)
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.2110 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.3206 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Decipher TextMessage (HKLM-x32\...\{F35BEED1-67B2-4437-B71F-4099B5222F06}) (Version: 5.5.1 - Decipher Media)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}) (Version: 130.0.372.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT087536) (Version: 2.2.0.95 - WildTangent) Hidden
Discovery (C:\Program Files (x86)\disc\) #3 (HKLM-x32\...\ST6UNST #3) (Version: - )
Discovery (C:\Program Files (x86)\disc\) #4 (HKLM-x32\...\ST6UNST #4) (Version: - )
Discovery (C:\Program Files (x86)\disc\) (HKLM-x32\...\ST6UNST #2) (Version: - )
Discovery (HKLM-x32\...\ST6UNST #1) (Version: - )
DocMgr (HKLM-x32\...\{92A51949-EE4C-466D-AAF0-99E74A49A63F}) (Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Document Express DjVu Plug-in (HKLM\...\{3677A6FF-9C6F-48B7-B0DC-E958C2FE4FFF}) (Version: 6.1.35472 - Cuminas Corporation)
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\Dropbox) (Version: 39.4.49 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (HKLM-x32\...\WT089470) (Version: 2.2.0.95 - WildTangent) Hidden
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FTR TheRecord Player (HKLM-x32\...\{530566D0-895A-4F2C-9CE5-8DEB854CB027}) (Version: 5.6.2.0 - FTR Pty. Ltd.) Hidden
FTR TheRecord Player (HKLM-x32\...\InstallShield_{530566D0-895A-4F2C-9CE5-8DEB854CB027}) (Version: 5.6.2.0 - FTR Pty. Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{8B2D47CC-1558-4939-B27F-41E30530072A}) (Version: 1.0.467 - LogMeIn, Inc.)
GoToMeeting 8.17.0.7943 (HKU\S-1-5-21-1639220141-509259437-498096989-1001\...\GoToMeeting) (Version: 8.17.0.7943 - LogMeIn, Inc.)
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
H&R Block Business 2012 (Remove Only) (HKLM-x32\...\H&R Block Business 2012) (Version: - )
H&R Block Ohio 2012 (HKLM-x32\...\{E85D9824-9316-4124-9AC2-9F7E63B97295}) (Version: 1.12.4401 - HRB Technology, LLC.)
H&R Block Premium + Efile + State 2012 (HKLM-x32\...\{89D20029-0578-4D8D-979A-695C8D868868}) (Version: 12.07.7803 - HRB Technology, LLC.)
HotDocs Player 11 (64bit) (HKLM\...\{BEC0672D-63DA-49E2-ADE9-105D32D5BC7E}) (Version: 11.00.3411 - HotDocs Corporation)
HoudiniESQ Windows (HKLM-x32\...\HoudiniESQ Windows 1.8.97.1) (Version: 1.8.97.1 - LOGiCBit Software LLC)
HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet 2050 J510 series Basic Device Software (HKLM\...\{73B1AC18-614F-42CD-A798-4BA214586406}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2540 series Basic Device Software (HKLM\...\{7AF1A318-2914-41CC-9B24-041C2D4AAAD7}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 3510 series Basic Device Software (HKLM\...\{7F20F2D1-C425-4432-96BA-EBD0C2181493}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Help (HKLM-x32\...\{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Product Improvement Study (HKLM\...\{791D3241-C6A4-417F-82E6-00543B6E5012}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Documentation (HKLM-x32\...\{99CEB89F-50EC-4979-BDF6-148645D7EB35}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA}) (Version: 12.8.37.11 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
iPhoneSMSExport (HKLM-x32\...\iPhoneSMSExport) (Version: - )
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (HKLM-x32\...\WT087393) (Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2000 Small Business (HKLM-x32\...\{00030409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (HKLM-x32\...\WT089496) (Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (HKLM-x32\...\WT089484) (Version: 2.2.0.95 - WildTangent) Hidden
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.48.00 - NETGEAR Inc.)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue)
Nextiva Codec (HKLM-x32\...\{BE18FDC3-7E2E-4DE5-B471-DB74491768F2}) (Version: 63.1.2853 - Verint Video Solutions)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OhioDocs 4.2.0 (HKLM-x32\...\OhioDocs) (Version: 4.2.0 - The Ohio Bar Association)
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PC Tool for VeryAndroid SMS Backup 3.2.1 (HKLM-x32\...\PC Tool for VeryAndroid SMS Backup) (Version: 3.2.1 - VeryAndroid)
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WT089458) (Version: 2.2.0.95 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.02.14151 - Sony Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{446CCB22-B632-4A1D-BF84-DA8DB0575F98}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
QuickBooks (HKLM-x32\...\{25E202D1-D8E7-46AF-B4B0-157D9993A93E}) (Version: 22.0.4001.2206 - Intuit Inc.) Hidden
QuickBooks Pro 2012 (HKLM-x32\...\{22057D8D-7CC8-46FF-AD8C-9BD24F9014F3}) (Version: 22.0.4001.2206 - Intuit Inc.)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
RealLegal E-Transcript Bundle Viewer (HKLM-x32\...\{521D6EE7-E5B6-4E9B-837A-BEF39247FF07}) (Version: 6.0.1.887 - Thomson Reuters)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{DBCD5E64-7379-4648-9444-8A6558DCB614}) (Version: 2.0.0 - Hewlett-Packard) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Slingo Supreme (HKLM-x32\...\WT089457) (Version: 2.2.0.95 - WildTangent) Hidden
Smart Organizing Monitor for SP 210 Series (HKLM-x32\...\{D1EC71F7-E534-4A54-A75A-DCDCCAD77BF7}) (Version: 1.00 - RICOH)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartWebPrinting (HKLM-x32\...\{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SofTest v11 (HKLM-x32\...\{6E601B1B-8542-41DB-A361-B3817CC727AD}) (Version: 11.4.6 - Examsoft) Hidden
SofTest v11 (HKLM-x32\...\InstallShield_{6E601B1B-8542-41DB-A361-B3817CC727AD}) (Version: 11.4.6 - Examsoft)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
Status (HKLM-x32\...\{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}) (Version: 130.0.376.000 - Hewlett-Packard) Hidden
TunnelBear (HKLM-x32\...\{8092fbe5-9e59-4729-a5de-5bb6a64873cc}) (Version: 3.0.37.12 - TunnelBear)
TunnelBear (HKLM-x32\...\{ABC9BE61-B890-4100-BCA4-5AC3BF1F3CB5}) (Version: 3.0.37.12 - TunnelBear) Hidden
TunnelBear (HKLM-x32\...\{cccb8171-b60b-4da8-8a0a-00e21ff41860}) (Version: 3.0.36.9 - TunnelBear)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{041E914E-7B73-4E8B-967F-B7FFC527FF80}) (Version: 2.14.0106 - Samsung Electronics Co., Ltd.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (HKLM-x32\...\WT087415) (Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WordPerfect Lightning - MSOM (HKLM-x32\...\{F6EE49FD-B736-4888-A05A-115F3B1160FA}) (Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning (HKLM-x32\...\_{4873CC58-69D8-490D-9E5C-001DC2EE202E}) (Version: - Corel Corporation)
WordPerfect Lightning (HKLM-x32\...\{4873CC58-69D8-490D-9E5C-001DC2EE202E}) (Version: 0.3 - Corel Corporation) Hidden
Works Suite OS Pack (HKLM-x32\...\{FAF7F1D7-C0E7-47EA-8AAA-84E4F9EA3C94}) (Version: 1.0.0.0000 - Microsoft Corporation) Hidden
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
Zuma Deluxe (HKLM-x32\...\WT089455) (Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\hp\AppData\Local\GoToMeeting\7586\G2MOutlookAddin64.dll (LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1639220141-509259437-498096989-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-10-22] ()
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2013-05-16] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2013-05-16] (Safer-Networking Ltd.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-09-28] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-10-22] ()
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2013-05-16] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2013-05-16] (Safer-Networking Ltd.)
ContextMenuHandlers1_S-1-5-21-1639220141-509259437-498096989-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1639220141-509259437-498096989-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1639220141-509259437-498096989-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\hp\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-11-13] (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0263C98F-5111-47D7-AA8D-23DADCED6128} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-09-27] (HP Inc.)
Task: {03E92B07-8445-404C-8178-120105218D3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-02] (Google Inc.)
Task: {1896E965-4DCD-48A9-BE20-4E927F2C0B26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-02] (Google Inc.)
Task: {2BDBAC1F-8006-46D9-9DFB-1791EF2657B1} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1639220141-509259437-498096989-1001UA => C:\Users\hp\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-03-02] (Dropbox, Inc.)
Task: {34D4BA25-98B7-486E-AEEB-0443A786C004} - System32\Tasks\G2MUploadTask-S-1-5-21-1639220141-509259437-498096989-1001 => C:\Users\hp\AppData\Local\GoToMeeting\7943\g2mupload.exe [2017-11-19] (LogMeIn, Inc.)
Task: {420DB761-0835-4460-8D40-9B9B8E4D2835} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {4D2648DD-E356-447E-8922-BD7B3D6402AD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1639220141-509259437-498096989-1001Core => C:\Users\hp\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-03-02] (Dropbox, Inc.)
Task: {5C59C138-4CEB-46A1-8862-6B0628B6914F} - System32\Tasks\HPCeeScheduleForhp => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.)
Task: {75B3C601-7515-4DCA-87D7-FBDA790E0CFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-11-08] (HP Inc.)
Task: {77086B1F-05B2-4C4E-A1B3-89253E71B75E} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [2013-01-09] (Hewlett-Packard)
Task: {8446E903-BE7B-4791-BECF-92652BCB602A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {8CB0FE2B-9CFF-4594-8337-0A157F45144F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {93FAB2A5-4E5B-4932-A4C5-70CCA7C1165C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-11-08] (HP Inc.)
Task: {AFC5C94E-4E9D-475B-AFF5-A8418FA19A9B} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {B2108DB9-6915-4838-B6EE-A0D39A1DEBEE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink)
Task: {B8D8A166-B68F-4CF7-9476-4E984184E8EE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {C56D0375-80B5-4001-B803-106D6AF6BD84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-10-11] (HP Inc.)
Task: {CA54D5C0-FF52-4952-AA61-90461B10BEFA} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E5E694AD-364D-4DA3-B09F-039E9F279A2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-27] (HP Inc.)
Task: {E9494F7D-B840-4C3F-9221-A42C83756BA5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {FADE38B8-651D-4A34-ADB2-F0E3BA30A3D8} - System32\Tasks\G2MUpdateTask-S-1-5-21-1639220141-509259437-498096989-1001 => C:\Users\hp\AppData\Local\GoToMeeting\7943\g2mupdate.exe [2017-11-19] (LogMeIn, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1639220141-509259437-498096989-1001Core.job => C:\Users\hp\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1639220141-509259437-498096989-1001UA.job => C:\Users\hp\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1639220141-509259437-498096989-1001.job => C:\Users\hp\AppData\Local\GoToMeeting\7943\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1639220141-509259437-498096989-1001.job => C:\Users\hp\AppData\Local\GoToMeeting\7943\g2mupload.exe
Task: C:\Windows\Tasks\HPCeeScheduleForhp.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-10-22 15:03 - 2017-10-22 15:03 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2012-10-11 14:18 - 2011-02-28 17:37 - 000095008 _____ () C:\Windows\System32\Primomonnt.dll
2011-09-28 06:19 - 2011-09-28 06:19 - 000073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2007-06-05 13:20 - 2007-06-05 13:20 - 000177704 _____ () C:\Windows\SysWOW64\PSIService.exe
2014-10-29 11:49 - 2012-09-11 22:03 - 000254552 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-03-10 13:38 - 2005-04-21 23:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-09-06 15:48 - 2017-09-06 15:48 - 000037248 _____ () C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
2013-09-17 15:59 - 2013-05-16 09:55 - 000113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-17 15:59 - 2013-05-16 09:55 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-17 15:59 - 2013-05-16 09:55 - 000161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-17 15:59 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-17 15:59 - 2012-04-03 16:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-05-14 17:16 - 2013-05-14 17:16 - 000904704 _____ () C:\Program Files (x86)\Examsoft\Softest 11.0\System.Data.SQLite.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 000313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2017-11-15 13:24 - 2017-11-10 04:21 - 003075928 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-15 13:24 - 2017-11-10 04:21 - 000086872 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1639220141-509259437-498096989-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\Windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^hp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^hp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk.Startup
MSCONFIG\startupfolder: C:^Users^hp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Verizon Wireless Software Utility Application for Android – Samsung.lnk => C:\Windows\pss\Verizon Wireless Software Utility Application for Android – Samsung.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: Dropbox Update => "C:\Users\hp\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: FTR Search Folders => C:\Program Files (x86)\FTR\ForTheRecord\FTRSearchFolders.exe
MSCONFIG\startupreg: HP Deskjet 3510 series (NET) => "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN29L1PGD705R7:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: NETGEARGenie => "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: ZAM => "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B5310DDF-A4D6-4A67-AC77-D05831CE1F5E}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{3CC343F1-06F1-47C3-9A42-4687C9A22B6F}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{9C4FAC68-4D8C-4338-AE05-3673972F52B2}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{A59B53EC-91E6-47D0-91B2-2689142F40BF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{CBD06988-049E-4EC8-89A3-6EE034A7ADC8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C24D38AD-08D1-4C3F-8E50-79B07B3EE29B}] => (Allow) LPort=2869
FirewallRules: [{CF01BCD1-BE19-47A4-9D2A-430347C86C93}] => (Allow) LPort=1900
FirewallRules: [{13D00327-6CD0-4F44-8ABC-A2F8F9415907}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B7F766FF-84C4-451C-87AA-CEC11DE0371F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{070C6AA6-E6B0-43D5-8DFE-7C7B8E043C4F}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{A74947F3-4C3F-4307-855D-8E83414FD3B6}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{7D36DAD2-F05C-498A-88B1-213701CF9FAD}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{D20BD07A-9404-41D2-9CBD-4C43570E7837}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{12BDE21C-035F-4359-947D-D8CF31550CE8}] => (Allow) LPort=4481
FirewallRules: [{80F9486B-B281-494B-8923-769D485F23EC}] => (Allow) LPort=4481
FirewallRules: [{5D194063-4832-4F54-9A39-5602A75F05EF}] => (Allow) LPort=4482
FirewallRules: [{6A8E99E6-943A-4A69-9456-3B58623776F6}] => (Allow) LPort=4482
FirewallRules: [{99A42185-8991-4131-A26C-BF2EDCA88777}] => (Allow) C:\Users\hp\AppData\Local\Temp\HP\OJ4500vG510n-z_Full_13_en\setup\hpznui40.exe
FirewallRules: [{458295CE-E4DF-4273-A8B4-9D4F819838DF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{7A6A14B4-CE2F-4C69-8B01-4B77103E34FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{D5753491-CDFC-4EA2-9D13-29DFAA6546AE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{DD883D0F-6112-497D-8E2E-5526637E4784}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{A9BBEAA9-D619-4274-B081-1442F17AD6BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4B62852C-ABE2-48E1-8DE0-1BA859ECD12A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F3B55E07-27CA-4D7E-A907-D5FA4613AE03}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{D67127C2-8627-4C20-87FA-F422811BA1DF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{02B480B0-F28A-4401-85D7-AA134CE4BEEB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{27A0C6EB-1CB5-40A1-8063-B2C5864B922D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{901DC105-AE38-418F-ABDA-EBF6D0DEA2D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{3C404F46-2BE3-4D0B-B548-7EDD361354B6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{E168AA0B-1737-410D-86A4-86046CA6947F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{CEDE29F2-99A5-4AD5-BADF-112D8DE24A83}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{A48C2A19-F592-448E-8239-D403845765AA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{3CCB4327-69CF-448F-B7A8-5F06725F4DC0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{4D03B350-D488-4054-9A8F-ECF0BA6AEA44}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{AE2D14B8-6CBB-4984-9E89-AE756970A78D}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{BF91B818-8E22-482D-9357-7457D2698789}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{A6079E38-84B4-4809-A5BD-5935A2694A34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{63B5C91A-A5EB-4D48-A1E2-C2A74CC10BE4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{73EC4CAE-AD33-428B-89C5-B7EF7AE348F0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CE3508B6-0430-411A-A879-CD14BB47481D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A0D4A14B-D8DF-43DF-990C-8F46761278B5}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{0FEACDA8-CF4C-43F0-B4BF-400ACC47D318}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{AF1E2DB4-3EDC-44A7-B19A-0B120A362998}C:\program files (x86)\decipher media\decipher textmessage\jre\bin\java.exe] => (Allow) C:\program files (x86)\decipher media\decipher textmessage\jre\bin\java.exe
FirewallRules: [UDP Query User{11B3CAA2-CAF2-44CB-80B8-8FC864A67F40}C:\program files (x86)\decipher media\decipher textmessage\jre\bin\java.exe] => (Allow) C:\program files (x86)\decipher media\decipher textmessage\jre\bin\java.exe
FirewallRules: [TCP Query User{EF7CE138-2852-4CBC-9436-7128DCFE35F6}C:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{CB0AB300-BAC3-48BC-A781-C4B1B15D78DA}C:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{B7A3229E-5E04-4B5B-B7E5-4A1C067354B1}C:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{523C67E6-A9D0-4259-A2AE-442640CBC055}C:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [{2E9F3F45-4253-40AE-B11A-5A54B521039F}] => (Block) C:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [{53ED40CF-5A2F-4803-89A5-4634BA2BD2C7}] => (Block) C:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{041FD5B7-2E97-4C07-9F73-13412E04C2C0}C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{1919A282-444D-4191-B44E-0AEFA1A928B7}C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [{AB476014-54CC-4F90-A13D-D4FDDEA6E7BE}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe
FirewallRules: [{0A537B4D-3713-40C7-AA41-721B8C31DC57}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe
FirewallRules: [{108BA72B-07D4-45EB-8B3B-6F4FA97D453F}] => (Allow) LPort=54925
FirewallRules: [{B74F35CF-B3C7-4CDF-AF92-68B17A409687}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51ACC056-33B3-4104-B202-141A0B818828}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6437AEEB-367E-454B-9C99-74215C839104}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
29-09-2017 11:14:48 Scheduled Checkpoint
22-10-2017 14:52:45 Checkpoint by HitmanPro
22-10-2017 14:53:38 Checkpoint by HitmanPro
04-11-2017 10:52:03 Scheduled Checkpoint
13-11-2017 09:03:46 HPSF Applying updates
13-11-2017 09:19:02 HPSF Applying updates
13-11-2017 09:30:47 Installed HP Support Assistant
13-11-2017 09:32:20 Windows Modules Installer
13-11-2017 09:33:00 Windows Modules Installer
==================== Faulty Device Manager Devices =============
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: TunnelBear Adapter V9
Description: TunnelBear Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TunnelBear Provider V9
Service: tap-tb-0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/05/2017 12:08:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Error: (12/05/2017 12:03:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Error: (12/05/2017 11:58:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Error: (12/05/2017 11:53:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Error: (12/05/2017 11:18:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Error: (12/05/2017 11:13:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Error: (12/05/2017 11:08:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Error: (12/05/2017 11:03:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Error: (12/05/2017 10:58:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Error: (12/05/2017 10:53:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
System errors:
=============
Error: (12/04/2017 08:26:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (12/04/2017 08:23:54 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
Error: (12/04/2017 08:23:42 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:21:47 AM on 12/4/2017 was unexpected.
Error: (11/30/2017 08:09:10 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPSupportSolutionsFrameworkService service.
Error: (11/24/2017 11:53:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (11/24/2017 11:51:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126
Error: (11/24/2017 11:51:00 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:27:37 AM on 11/23/2017 was unexpected.
Error: (11/18/2017 08:57:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
Error: (11/18/2017 08:56:19 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
Error: (11/18/2017 08:55:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
==================== Memory info ===========================
Processor: AMD A4-3300M APU with Radeon HD Graphics
Percentage of memory in use: 66%
Total physical RAM: 3562.91 MB
Available physical RAM: 1188.41 MB
Total Virtual: 7124.01 MB
Available Virtual: 3762.75 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:451.6 GB) (Free:344.96 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.86 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E1A650A4)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End of Addition.txt ============================