Loaded Profiles: False (Available Profiles: Grace) <==== ATTENTION (Temporary Profile?)
Platform: Windows 10 Home Version 1803 17134.191 (X64) Language: English (United States)
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8306208 2009-10-20] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [822816 2009-10-29] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157640 2009-09-17] (Dritek System Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [YouCam Service7] => C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe [466712 2016-11-25] (CyberLink Corp.)
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-18\...\MountPoints2: {7186eb2d-1976-11e4-acb8-705ab6d41ab6} - "E:\LaunchU3.exe" -a
HKLM\...\Drivers32: [vidc.rscc] => C:\WINDOWS\system32\rscc.dll [836096 2013-02-21] (RSUPPORT)
HKLM\...\Drivers32-x32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4C32.dll [413760 2010-03-15] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4C32.dll [413760 2010-03-15] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4C32.dll [413760 2010-03-15] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.rscc] => C:\WINDOWS\SysWOW64\rscc.dll [671744 2013-02-21] (RSUPPORT)
HKLM\...\Drivers32-x32: [vidc.n264] => C:\Windows\SysWOW64\n264.dll [12888576 2014-04-02] (RSUPPORT)
HKLM\...\Drivers32-x32: [vidc.mp4v] => C:\Windows\SysWOW64\n264.dll [12888576 2014-04-02] (RSUPPORT)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\Installer\chrmstp.exe [2018-11-19] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{67187239-0780-4d9b-895B-7F0968AA474E}] -> C:\Program Files (x86)\CyberLink\YouCam7\CLCredProv\x64\CLCredProv.dll [2016-11-25] (CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{67187239-0780-4d9b-895B-7F0968AA474E}] -> C:\Program Files (x86)\CyberLink\YouCam7\CLCredProv\x64\CLCredProv.dll [2016-11-25] (CyberLink)
Startup: C:\Users\Dorothy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 4630 series.lnk [2018-08-18]
ShortcutTarget: Monitor Ink Alerts - HP Officejet 4630 series.lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{2a52ceb2-57b2-43cf-8c92-4efd8d19d2f5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9ef1db85-9cd3-470f-a5c6-396ef645acf6}: [DhcpNameServer] 192.168.1.1 75.75.76.76
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-19] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-30] (Google Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-19] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-30] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {99FE5072-78AA-4FEE-89BA-69A5FA55343F} hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://interactivebrokers.webex.com/client/WBXclient-T29L10NSP13EP34-10019/nbr/ieatgpc1.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4 => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-11-06] (Adobe Systems Inc.)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [odpccdgkmiicgocepijnaeihjnjnomca] - C:\Program Files (x86)\LinkSwift\odpccdgkmiicgocepijnaeihjnjnomca.crx <not found>
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.
S4 COMSysApp; C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [20888 2018-04-11] (Microsoft Corporation)
S4 COMSysApp; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [19360 2018-04-11] (Microsoft Corporation)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
S4 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.)
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
S4 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
S4 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2017-01-17] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-05] (Microsoft Corporation)
S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-05] (Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
S3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [49944 2016-06-01] (CyberLink Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 lvsels64; C:\WINDOWS\system32\DRIVERS\lvsels64.sys [67992 2009-10-07] (Logitech Inc.)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-01] (Realtek Semiconductor Corp.)
S3 SjtWinIo; C:\WINDOWS\System32\drivers\SjtWinIo.sys [9216 2015-06-15] (SpeedJet Technology INC.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46584 2018-08-05] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-08-05] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-05] (Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
2019-01-27 18:02 - 2017-04-07 20:28 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-27 17:39 - 2018-11-20 13:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2013-07-22 12:36 - 2013-07-22 12:36 - 095023320 _____ () C:\ProgramData\b7aiw.pad
2015-07-14 12:05 - 2015-07-29 07:48 - 000002536 _____ () C:\Program Files\suit.log
2018-05-19 12:00 - 2018-05-19 12:00 - 007649280 _____ () C:\Program Files (x86)\GUT8E28.tmp
2015-06-10 17:25 - 2015-06-10 17:25 - 000001302 _____ () C:\Program Files (x86)\suit.log
[2018-11-20 16:02] - [2018-11-20 16:02] - 000677376 _____ (Microsoft Corporation) 3E56F9D58EBBB1B33E31B86267DBECFC
[2018-11-20 16:01] - [2018-11-20 16:01] - 001160192 _____ (Microsoft Corporation) 107661923943E9DC06ED2713AC5F7753
safeboot: Minimal => The system is configured to boot to Safe Mode <==== ATTENTION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26.01.2019
Ran by Grace (27-01-2019 18:20:16)
Running from C:\Windows\System32\config\systemprofile\Desktop
Windows 10 Home Version 1803 17134.191 (X64) (2018-11-20 19:03:12)
Boot Mode: Safe Mode (minimal)
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3490083518-890513852-1545284020-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3490083518-890513852-1545284020-503 - Limited - Disabled)
Grace (S-1-5-21-3490083518-890513852-1545284020-1000 - Administrator - Enabled) => C:\Users\Dorothy
Guest (S-1-5-21-3490083518-890513852-1545284020-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3490083518-890513852-1545284020-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3490083518-890513852-1545284020-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AVG 2012 (HKLM\...\{22591D78-46F8-41E4-9E89-323B8C0A16AF}) (Version: 12.0.2193 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{49A4F76E-4285-4AEE-9D5D-9CCE5E86AA8F}) (Version: 12.0.2180 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{6B9CE44B-52D0-4B2F-BDFA-56FF4977A790}) (Version: 12.0.2195 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{74E52BA7-4698-4BE1-858C-8ED27E836570}) (Version: 12.0.2171 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{7D451293-B3FC-4664-B1B4-552B28736D05}) (Version: 12.0.2126 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{857B32C1-7C87-40B5-B2A5-D06F49B80002}) (Version: 12.0.2178 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{9666782C-CEBB-4D2A-8651-5A02AECA8034}) (Version: 12.0.2127 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{C43C57C2-092C-4BB2-9371-C7342EF0CBA5}) (Version: 12.0.2176 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{E3A9E569-929C-4716-8211-D7D2ADC467E4}) (Version: 12.0.2169 - AVG Technologies) Hidden
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Backup Manager Basic (HKLM-x32\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.33 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{CC8F903A-9698-4245-9A38-22412DEF1029}) (Version: 1.0.446 - Citrix)
CM Installer (HKLM-x32\...\{681544C2-FFA2-4CFD-A9AD-2A3D25DF8D22}) (Version: 1.0.0.0 - Cyanogen Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3520.50 - CyberLink Corp.)
CyberLink YouCam 7 (HKLM-x32\...\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}) (Version: 7.0.2316.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.00.01 - SEIKO EPSON CORPORATION)
EPSON NX420 Series Printer Uninstall (HKLM\...\EPSON NX420 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WorkForce 610 Series Printer Uninstall (HKLM\...\EPSON WorkForce 610 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.3.25.1124 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Freemake Audio Converter version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)
Gateway MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.33 - NewTech Infosystems)
Gateway Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3006 - Gateway Incorporated)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.02.3006 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.7.0730 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Gateway Incorporated)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPL Ghostscript 8.63 (HKLM-x32\...\GPL Ghostscript 8.63) (Version: - )
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.58 - Conexant Systems)
HP Officejet 4630 series Basic Device Software (HKLM\...\{38037A50-E9F1-41E4-9AA3-2E0A5A2FC4C5}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet 4630 series Help (HKLM-x32\...\{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.8.47.1 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Gateway Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launch Manager (HKLM-x32\...\LManager) (Version: 0.0.05 - Gateway)
Leawo Music Recorder version 2.2.0.0 (HKLM-x32\...\{FAF11D3B-7633-402B-BAFA-4BCAAE030F20}_is1) (Version: 2.2.0.0 - Leawo Software)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
liteCam HD (HKLM-x32\...\{49D77BFA-135A-49AD-9A8A-8488EADA562D}) (Version: 5.02.0000 - RSUPPORT)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MultiCharts .NET64 Special Edition (HKLM\...\{3BA96A22-74D0-4E70-8137-EDAC30DC05FD}) (Version: 10.0.13987 - TS Support) Hidden
MultiCharts .NET64 Special Edition (HKLM\...\MultiCharts .NET64 Special Edition) (Version: 10.0.13987 - MultiCharts)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Product Improvement Study for HP Officejet 4630 series (HKLM\...\{EE629820-EACD-4AAE-966D-DF1560A0ED2D}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5963 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Rithmic Trader Pro 12.40.0.0 (HKLM-x32\...\{455F3A8D-CE66-4A73-85D2-980150626FA0}) (Version: 12.40.0 - Omnesys Technologies, Inc.)
RMP4 (HKLM-x32\...\{F78FC958-7354-43EA-BF26-AFCBFE7B9C18}) (Version: 1.05.0000 - RSUPPORT)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.2 - Roxio)
RSCC (HKLM-x32\...\{562CBD30-CA59-4640-862C-99C0ECED4B4C}) (Version: 2.02.0000 - RSUPPORT)
S5 BookMap 6.0.0 (HKLM-x32\...\S5 BookMap) (Version: - VeloxPro)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
TweetDeck (HKLM-x32\...\{C4ADB67B-C908-4D94-B85E-585D2F3F9118}) (Version: 3.3.7 - Twitter)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Video Web Camera (HKLM-x32\...\{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}) (Version: 0.5.11.1 - SuYin)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.00.3009 - Gateway Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2014-11-18] (Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Intel Corporation)
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02EDB583-AB97-4C10-A275-7F5FC0B463F9} - System32\Tasks\G2MUploadTask-S-1-5-21-3490083518-890513852-1545284020-1000 => C:\Users\Dorothy\AppData\Local\Citrix\GoToMeeting\5573\g2mupload.exe [2016-09-21] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {06A88534-1F09-447F-9CBF-1534FE769BC0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {0A1666C6-ACA5-4C90-9F21-87CA2A16EC27} - System32\Tasks\HPCeeScheduleForGrace => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {1EABDA95-746D-4690-A6E6-5F828954F6CE} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-20] ()
Task: {208BAF21-DD64-4A0C-A80E-87F5DDC681C1} - System32\Tasks\G2MUpdateTask-S-1-5-21-3490083518-890513852-1545284020-1000 => C:\Users\Dorothy\AppData\Local\Citrix\GoToMeeting\5573\g2mupdate.exe [2016-09-21] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {23877A2E-94CE-4218-B367-F2636DA5C834} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {244DD981-CCA4-4165-B513-274B2540EDB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {27D0D373-F9A7-4A0D-83D1-80FBF29863A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {28185301-9098-4F97-8288-23B6C7A917C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {2EB83F41-99A3-4C25-B2F7-4F1246BE7459} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {316BA93E-E306-410D-91AB-AAF711AD0C01} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {38885A60-BB4A-456C-8E66-6FEDEA009A91} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-16] (Adobe Systems Incorporated)
Task: {3EF93E48-1361-43A9-9E25-4613470CB638} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.)
Task: {4101B8DB-17F4-4904-9536-117A81F9C91E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {4706B27C-277A-4741-8F87-8AA1DEEFD947} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {49C657AD-57B0-492B-B4B2-906B41E5ED31} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd)
Task: {4A8882AD-8AA5-4AA3-9435-38A545550010} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3490083518-890513852-1545284020-1000 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {4B60349C-F83A-4838-8CAC-98D970754D1B} - System32\Tasks\{1903E086-08BF-45D3-807B-E444BB3DF297} => "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152&LastError=404
Task: {4BE75E50-8BDA-4F9E-858D-197CA00109AB} - System32\Tasks\TidyNetwork Update => C:\Users\Dorothy\AppData\Local\TidyNetwork.com\tidy2update.exe
Task: {4C81363C-E4DF-482A-8AFC-4B9FBCAD1F37} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe
Task: {50A843EC-43CB-4FAC-B875-F1FA511D45B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {58D981AC-9D77-4E3C-B150-EB7527C6293F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AC9C097-6C8D-40F4-A3DD-C82BF27B57E9} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5DADB4EF-8BAE-41B7-B8D0-C3679BE3DAC4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {66434D33-463E-4175-9C09-E1644B81C4C1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {6B86AE95-800F-405A-BC29-3DC68D00B468} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6F457156-20FF-4957-9EFA-D89FCD5098CC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {706316D6-A0C6-4867-8127-F0FB75A8506B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN3CD2M23K => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.)
Task: {7108604A-DD29-4079-8FF0-ED5F322C9FBE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {78F93ADC-F92A-427A-BAA5-AF657E5E84FF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7C7371DE-0862-40AD-A19C-DB52CABED92B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {873C467F-306E-4C38-BE23-D16EA1E9E815} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-11-08] (HP Inc.)
Task: {890E7F2B-FB2C-4D39-B56B-3B34B4279CD3} - System32\Tasks\{6AFD9B11-D5DF-4B91-96AD-FA1D9F9C31C1} => C:\Windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {8EC86DD7-81C1-425E-87E4-FF09CBE2E95B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8EF1508B-141F-4117-8C9B-6A41D4F887EF} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {953ADC22-F5E4-458D-A7D8-4141DEC02F4D} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {A9E9E8A1-3307-4587-A430-F73CAB97767A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AFF92E0C-0766-4FDD-B8A1-F929B2F7363C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0D237C4-966B-4FA9-A20A-21436E9DC61B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B66C44CE-B5DA-447C-B9A5-52AE5D226FAA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C53CC418-F761-428A-8EF6-9C2A150A17CE} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE6DD33E-32AA-4FE1-9BDE-DC45EC086A41} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D143ABD9-9826-49E5-A6C7-466C97C877B1} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D339224C-D34D-4BE4-B338-DA928BDBA577} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D350DFB3-8888-4903-9337-AE00CCB9D5A6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D95D0352-293E-477E-B7B1-2C01ABEAF898} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DD661CDB-C9A7-4942-8F65-F88433811FA8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E84F4C42-D41E-49CF-A0CE-569AC2208560} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {EF32ECD1-0DC9-4CD5-98BF-030B9649A67A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F65323F7-3326-4C95-93DA-564D792DE093} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F70C766E-3344-4C55-B423-88B7FD6DF90D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForGrace.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:CD5BCD16 [216]
AlternateDataStreams: C:\Users\Dorothy\Desktop\2016-03-10_15'45'06'.mp3:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Dorothy\Desktop\2016-03-10_16'20'12'.mp3:com.dropbox.attributes [168]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;%SYSTEMROOT%\System32\OpenSSH\
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AJRouter => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppHostSvc => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: AppReadiness => 3
MSCONFIG\Services: aspnet_state => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: Audiosrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BITS => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: BTAGService => 3
MSCONFIG\Services: BthAvctpSvc => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: camsvc => 3
MSCONFIG\Services: CDPSvc => 2
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: DeviceAssociationService => 2
MSCONFIG\Services: DeviceInstall => 3
MSCONFIG\Services: DevQueryBroker => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: diagnosticshub.standardcollector.service => 3
MSCONFIG\Services: diagsvc => 3
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: DmEnrollmentSvc => 3
MSCONFIG\Services: dmwappushservice => 3
MSCONFIG\Services: DoSvc => 3
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: DsmSvc => 3
MSCONFIG\Services: DsSvc => 3
MSCONFIG\Services: DusmSvc => 2
MSCONFIG\Services: Eaphost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ePowerSvc => 2
MSCONFIG\Services: EpsonBidirectionalService => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_EB_RPCV4_04 => 2
MSCONFIG\Services: EPSON_PM_RPCV4_04 => 2
MSCONFIG\Services: EventLog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: fhsvc => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: FrameServer => 3
MSCONFIG\Services: GraphicsPerfSvc => 3
MSCONFIG\Services: Greg_Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: HPTouchpointAnalyticsService => 2
MSCONFIG\Services: HsfXAudioService => 2
MSCONFIG\Services: HvHost => 3
MSCONFIG\Services: IAANTMON => 2
MSCONFIG\Services: icssvc => 3
MSCONFIG\Services: IKEEXT => 3
MSCONFIG\Services: InstallService => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: IpxlatCfgSvc => 3
MSCONFIG\Services: irmon => 3
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: LicenseManager => 3
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: LVPrcS64 => 2
MSCONFIG\Services: LxpSvc => 3
MSCONFIG\Services: MapsBroker => 2
MSCONFIG\Services: mpssvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: MSMQ => 2
MSCONFIG\Services: NaturalAuthentication => 3
MSCONFIG\Services: NcaSvc => 3
MSCONFIG\Services: NcbService => 3
MSCONFIG\Services: NcdAutoSetup => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: NetMsmqActivator => 2
MSCONFIG\Services: NetPipeActivator => 2
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NetSetupSvc => 3
MSCONFIG\Services: NetTcpActivator => 2
MSCONFIG\Services: NetTcpPortSharing => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: Norton Internet Security => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 3
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: PhoneSvc => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PlugPlay => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: PrintNotify => 3
MSCONFIG\Services: PushToInstall => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 2
MSCONFIG\Services: RetailDemo => 3
MSCONFIG\Services: RmSvc => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: ScDeviceEnum => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SEMgrSvc => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensorDataService => 3
MSCONFIG\Services: SensorService => 3
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: SharedRealitySvc => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: smphost => 3
MSCONFIG\Services: SmsRouter => 3
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: spectrum => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: svsvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: TieringEngineService => 3
MSCONFIG\Services: TokenBroker => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 2
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: Updater Service => 2
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: VacSvc => 3
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: vmicguestinterface => 3
MSCONFIG\Services: vmicheartbeat => 3
MSCONFIG\Services: vmickvpexchange => 3
MSCONFIG\Services: vmicrdv => 3
MSCONFIG\Services: vmicshutdown => 3
MSCONFIG\Services: vmictimesync => 3
MSCONFIG\Services: vmicvmsession => 3
MSCONFIG\Services: vmicvss => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: w3logsvc => 3
MSCONFIG\Services: W3SVC => 2
MSCONFIG\Services: WalletService => 3
MSCONFIG\Services: WarpJITSvc => 3
MSCONFIG\Services: WAS => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: Wcmsvc => 2
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: WEPHOSTSVC => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WFDSConMgrSvc => 3
MSCONFIG\Services: WiaRpc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: wisvc => 3
MSCONFIG\Services: WlanSvc => 2
MSCONFIG\Services: wlidsvc => 3
MSCONFIG\Services: wlpasvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: workfolderssvc => 3
MSCONFIG\Services: WpcMonSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: WpnService => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxGipSvc => 3
MSCONFIG\Services: XboxNetApiSvc => 3
MSCONFIG\startupfolder: C:^Users^Dorothy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Amazon Cloud Player => C:\Users\Dorothy\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AvgRemover => C:\Users\Dorothy\Desktop\avg_remover_stf_x64_2013_2706.exe /run_number=2 /avgdir="C:\Program Files (x86)\AVG\AVG2012\" /avgdatadir="C:\ProgramData\AVG2012\" /ndis_nextstep=1
MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: eFax 4.4 => "C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe" /R
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: ROC_ROC_APR2013_AV => C:\Users\Dorothy\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 206ef9833a0547d6810fa113f030f345-2c281204cb3c23d4ef7a016a20a26c076048ea2e --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: VideoWebCamera => "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
HKLM\...\StartupApproved\Run: => "Acer ePower Management"
HKLM\...\StartupApproved\Run32: => "Panasonic PCFAX for KX-FLB800/FLM650 Series"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{98A6BB8E-F6D0-4BC8-9FE4-BAA117C8A209}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{56D668D9-ACA1-4A40-8CBE-7D674A0AEFD6}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett-Packard Development Company, LP)
FirewallRules: [{D740D2E4-4794-4A35-A9B0-EBFD5021576D}] => (Allow) LPort=5357
FirewallRules: [{236C11F0-3482-42B4-BF92-DA4C0C894107}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe (Hewlett-Packard Development Company, LP)
FirewallRules: [{7D3622D0-E36C-4748-B168-C0D0717E0E92}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe (Hewlett-Packard Development Company, LP)
FirewallRules: [{FF05C41A-FC33-46AA-8E5E-0E01315D97C0}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe (Hewlett-Packard Development Company, LP)
FirewallRules: [{6B54F428-8A58-4AC4-B668-A481F63DD910}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe (Hewlett-Packard Development Company, LP)
FirewallRules: [{67079B02-5066-478B-A478-33686DF3A8AD}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
FirewallRules: [{7F073A1D-ECE3-4343-9DF2-605E4F47CDBE}] => (Allow) svchost.exe (Microsoft Corporation)
FirewallRules: [{73432CCB-127E-4E86-9E73-08D30C828ABC}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation)
FirewallRules: [{50B1591C-05D6-481F-B81A-0952A793C106}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE (CyberLink Corp.)
FirewallRules: [{97CAEFC5-3499-4A5B-8300-C7636BA3530C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{39D67CB6-67F0-42AC-8E8B-E64BB3EFC048}] => (Allow) LPort=2869
FirewallRules: [{4214CCF1-D3A9-4CAA-AD54-BC5B1BD18AE8}] => (Allow) LPort=1900
FirewallRules: [{E85D6C83-312F-4CB3-8EBD-84A736461A6C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{2E92A8C7-C469-421E-80F9-A34C773F8255}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{F4D20F96-9D2D-46BF-8FE4-0C0CB4B46284}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{C8658A67-E674-4C5B-9BDD-324BDFA41900}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{1EC17BC0-E749-4570-B1D0-51295ABBF323}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc.)
FirewallRules: [{0A9771F9-A62E-4D6D-93E5-225AD7A6AE93}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{A2903A74-928B-4777-A6CE-ACC6ACCB7D45}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{D626DE48-D160-4DC7-8899-818B5A59CCB4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{74DC4B59-7F19-47DF-A6F8-A2479FAF162F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [TCP Query User{715E6F2F-F47E-45F0-931B-1B1885E4883F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.)
FirewallRules: [UDP Query User{A8159E19-F62E-43AA-8BB3-50FBD55709AF}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.)
FirewallRules: [TCP Query User{34B468BD-6F68-4712-AD78-C63160E1BAC5}C:\program files (x86)\thinkorswim\thinkorswim.exe] => (Allow) C:\program files (x86)\thinkorswim\thinkorswim.exe (thinkorswim, Inc)
FirewallRules: [UDP Query User{35DF6801-9E6D-4097-A1EF-C725C5F18226}C:\program files (x86)\thinkorswim\thinkorswim.exe] => (Allow) C:\program files (x86)\thinkorswim\thinkorswim.exe (thinkorswim, Inc)
FirewallRules: [{93DFDA90-6FE8-483C-8268-A6666CA6032E}] => (Block) C:\program files (x86)\thinkorswim\thinkorswim.exe (thinkorswim, Inc)
FirewallRules: [{42EAF20A-867B-43E6-ADCD-28F7BD2D642D}] => (Block) C:\program files (x86)\thinkorswim\thinkorswim.exe (thinkorswim, Inc)
FirewallRules: [{C2E7FA7F-0ADB-4F7B-8746-35D8AC625D3D}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{3413532A-CF19-4404-B2A9-8C5484F32951}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{9CF53E56-24D2-4187-AE10-63DF9AE1026F}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{9A8B0FFA-D7E4-48C2-B959-F8540AEC0A28}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{99008BFD-72BB-4609-8266-5824BB9CCB59}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
FirewallRules: [{471FD548-26C7-43F7-9D33-1CA3211293BB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
==================== Restore Points =========================
Could not list restore points
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/27/2019 05:57:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.
Operation:
Instantiating VSS server
Error: (01/27/2019 05:57:54 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]
Operation:
Instantiating VSS server
Error: (11/20/2018 01:48:43 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (11/20/2018 01:43:33 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (11/20/2018 01:43:18 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (11/20/2018 01:43:18 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (11/20/2018 01:41:41 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (11/20/2018 01:41:41 PM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
System errors:
=============
Error: (01/27/2019 06:17:37 PM) (Source: DCOM) (EventID: 10001) (User: GRACELAPTOP)
Description: Unable to start a DCOM Server: {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} as Unavailable/Unavailable. The error:
"1008"
Happened while starting this command:
C:\Windows\System32\smartscreen.exe -Embedding
Error: (01/27/2019 06:17:30 PM) (Source: DCOM) (EventID: 10001) (User: GRACELAPTOP)
Description: Unable to start a DCOM Server: {3EEF301F-B596-4C0B-BD92-013BEAFCE793} as Unavailable/Unavailable. The error:
"1008"
Happened while starting this command:
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {3eef301f-b596-4c0b-bd92-013beafce793} -Embedding
Error: (01/27/2019 06:17:30 PM) (Source: DCOM) (EventID: 10001) (User: GRACELAPTOP)
Description: Unable to start a DCOM Server: {3EEF301F-B596-4C0B-BD92-013BEAFCE793} as Unavailable/Unavailable. The error:
"1008"
Happened while starting this command:
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {3eef301f-b596-4c0b-bd92-013beafce793} -Embedding
Error: (01/27/2019 06:17:30 PM) (Source: DCOM) (EventID: 10001) (User: GRACELAPTOP)
Description: Unable to start a DCOM Server: {515980C3-57FE-4C1E-A561-730DD256AB98} as Unavailable/Unavailable. The error:
"1008"
Happened while starting this command:
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {515980c3-57fe-4c1e-a561-730dd256ab98} -Embedding
Error: (01/27/2019 06:13:46 PM) (Source: DCOM) (EventID: 10001) (User: GRACELAPTOP)
Description: Unable to start a DCOM Server: {8CEC58AE-07A1-11D9-B15E-000D56BFE6EE} as Unavailable/Unavailable. The error:
"1008"
Happened while starting this command:
C:\Windows\helppane.exe -Embedding
Error: (01/27/2019 06:10:53 PM) (Source: DCOM) (EventID: 10001) (User: GRACELAPTOP)
Description: Unable to start a DCOM Server: {682159D9-C321-47CA-B3F1-30E36B2EC8B9} as Unavailable/Unavailable. The error:
"1008"
Happened while starting this command:
C:\WINDOWS\explorer.exe /factory,{682159d9-c321-47ca-b3f1-30e36b2ec8b9} -Embedding
Error: (01/27/2019 06:10:53 PM) (Source: DCOM) (EventID: 10001) (User: GRACELAPTOP)
Description: Unable to start a DCOM Server: {682159D9-C321-47CA-B3F1-30E36B2EC8B9} as Unavailable/Unavailable. The error:
"1008"
Happened while starting this command:
C:\WINDOWS\explorer.exe /factory,{682159d9-c321-47ca-b3f1-30e36b2ec8b9} -Embedding
Error: (01/27/2019 06:10:53 PM) (Source: DCOM) (EventID: 10001) (User: GRACELAPTOP)
Description: Unable to start a DCOM Server: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} as Unavailable/Unavailable. The error:
"1008"
Happened while starting this command:
C:\WINDOWS\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {9BA05972-F6A8-11CF-A442-00A0C90A8F39} -Embedding
==================== Memory info ===========================
Processor: Intel® Core i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 14%
Total physical RAM: 3766.77 MB
Available physical RAM: 3230.22 MB
Total Virtual: 7606.77 MB
Available Virtual: 7242.4 MB
==================== Drives ================================
Drive c: (Gateway) (Fixed) (Total:453.66 GB) (Free:256.02 GB) NTFS
Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive f: (ANACONDA) (Removable) (Total:0.01 GB) (Free:0 GB) FAT
\\?\Volume{baaba001-d442-11df-bf14-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{baaba000-d442-11df-bf14-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:12 GB) (Free:3.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 492A0896)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 13B46EC8)
Partition 1: (Active) - (Size=1.3 GB) - (Type=00)
Partition 2: (Not Active) - (Size=5 MB) - (Type=01)
Partition 3: (Not Active) - (Size=11 MB) - (Type=00)
==================== End of Addition.txt ============================