Solved No antivirus or malware/rootkit detector will currently work

Kim Fettig

New Member
Thread author
Jul 11, 2016
9
I originally noticed two problems today: 1) My iTunes program would not open, and 2) AVG was turned off and Windows Defender was out of date - respectively, I couldn't get either to turn on or update. I started off trying to install Malwarebytes; it installed, but once clicked, it would not open to run. I tried running the Chameleon tool; it would freeze up at the "1800 second timeout" prompt. I tried to install Kaspersky; it froze at 5 seconds on installation completion. I then went into safe mode with networking and attempted to run Kaspersky TDSSKiller; it scanned for 27 minutes without getting past zero objects. It has now been "stopping scan" for an additional 10 minutes and I had to go kill the process in Task Manager to close it. I am now currently scanning with FRST as per preparation instructions, but it appears to be frozen at scanning restore points. I am not sure if I will successfully produce any of the required log files. I have never encountered anything like this and have no idea what happened. It seems like everything I try is somehow blocked.
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello and welcome,


Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system; that will be the right version.


  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.


  • It will make a log (FRST.txt) in the same directory the tool is run from. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
 

Kim Fettig

I tried it in safe mode, and it kept freezing. But I ran it this morning in Normal mode; here are the files.
 

Attachments

  • Addition_12-07-2016_07-03-21.txt
    46.9 KB · Views: 1
  • FRST_12-07-2016_07-03-21.txt
    60.6 KB · Views: 3

Kim Fettig

FRST file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by owner (administrator) on OWNER-PC (12-07-2016 07:01:22)
Running from C:\Users\owner\Desktop
Loaded Profiles: owner (Available Profiles: owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(RedFox) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
() C:\Program Files (x86)\Legitmix\Legitmix.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.4.0\ToolbarUpdater.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(Oracle Corporation) C:\Program Files (x86)\Legitmix\jre\bin\java.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_22_0_0_192_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2011-05-02] (ActivIdentity)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [489512 2011-05-02] (ActivIdentity)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe /boot
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [236016 2008-08-26] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [124536 2015-06-04] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [BlackBerryAutoUpdate] => C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [615696 2008-09-19] (Research In Motion Limited)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1874264 2011-08-19] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [ApproveItForOfficeSetup] => C:\Program Files (x86)\ApproveIt\Support\Tools\ApproveItForOfficeSetup.exe [155648 2011-01-28] (Silanis Technology Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6570256 2016-06-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-09-19] (RealNetworks, Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2662472 2016-06-15] ()
HKLM-x32\...\Run: [AprvRemoveLegacyExcelKeys] => C:\Program Files (x86)\ApproveIt\Support\Tools\AprvClean.exe [73728 2011-01-29] (Silanis Technology Inc.)
HKLM-x32\...\Run: [AprvRemoveLegacyWordKeys] => C:\Program Files (x86)\ApproveIt\Support\Tools\AprvClean.exe [73728 2011-01-29] (Silanis Technology Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [14688 2015-12-02] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-12-07] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-4135610809-3517379215-834288334-1000\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [10364448 2016-07-11] (RedFox)
HKU\S-1-5-21-4135610809-3517379215-834288334-1000\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Users\owner\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=382d9fe842c947d08bb8c94a35202b6f-fe20c73f7ad2bc412d90c3c9963fbd40ab2d180b /CMPID=1113a
HKU\S-1-5-21-4135610809-3517379215-834288334-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-4135610809-3517379215-834288334-1000\...\MountPoints2: {3b275508-9f1c-11e5-873f-180373c4c29c} - J:\VerizonWirelessUpgradeAssistantSetup.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk [2012-03-19]
ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ApproveIt StartUp.lnk [2014-03-19]
ShortcutTarget: ApproveIt StartUp.lnk -> C:\Windows\Installer\{F39BD95B-5B9E-4E83-96C4-D4667FD061C6}\Icon9557F1BC1.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-10-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2012-03-17]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-06-21]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2012-03-17]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2012-03-17]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-09-19]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Legitmix.lnk [2016-02-08]
ShortcutTarget: Legitmix.lnk -> C:\Program Files (x86)\Legitmix\Legitmix.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{06FCE7B7-DE70-412C-8F12-1A9E42FF031B}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{417FD7C4-0FA9-4E69-883C-7646C58A3AF3}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKU\S-1-5-21-4135610809-3517379215-834288334-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={5B036D45-F051-4C70-874E-60F3D83263E2}&mid=382d9fe842c947d08bb8c94a35202b6f-fe20c73f7ad2bc412d90c3c9963fbd40ab2d180b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2014-02-12 16:52:10&v=19.4.0.518&pid=safeguard&sg=0&sap=hp
HKU\S-1-5-21-4135610809-3517379215-834288334-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
URLSearchHook: HKU\S-1-5-21-4135610809-3517379215-834288334-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKU\S-1-5-21-4135610809-3517379215-834288334-1000 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E8E11F90-650B-4589-96BA-CC3A791A2AEA} URL = 
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4135610809-3517379215-834288334-1000 -> {178190E1-AA37-450C-AD74-83E5CACBC3C3} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4135610809-3517379215-834288334-1000 -> {5A0B5F61-198F-4418-ACAE-72F08A54BE5F} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4135610809-3517379215-834288334-1000 -> {689A6EA4-4342-4637-A9A7-EF25035F9E3A} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4135610809-3517379215-834288334-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={5B036D45-F051-4C70-874E-60F3D83263E2}&mid=382d9fe842c947d08bb8c94a35202b6f-fe20c73f7ad2bc412d90c3c9963fbd40ab2d180b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2014-02-12 16:52:10&v=19.4.0.518&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4135610809-3517379215-834288334-1000 -> {A18E8EAD-BF57-45AF-8AAD-3313770850DE} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11405&pf=V7&p2=^BBD^OSJ000^YY^US&gct=&itbv=12.24.1.51&apn_uid=5E08A99B-29E6-422E-B614-73E88115946B&apn_ptnrs=BBD&apn_dtid=^OSJ000^YY^US&apn_dbr=ie_10.0.9200.17267&doi=2015-03-16&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-4135610809-3517379215-834288334-1000 -> {E8E11F90-650B-4589-96BA-CC3A791A2AEA} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298568&CUI=UN15332641841077943&UM=2
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-07-30] (RealDownloader)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28] (Yahoo! Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: IBM Forms Viewer Helper -> {0941C58F-E461-4E03-BD7D-44C27392ADE1} -> C:\Program Files (x86)\IBM\Forms Viewer\4.0\PEhelper.dll [2012-05-25] (IBM Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-07-30] (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-23] (Oracle Corporation)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\19.4.0.518\AVG SafeGuard toolbar_toolbar.dll [2016-06-15] (AVG Secure Search)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-23] (Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\19.4.0.518\AVG SafeGuard toolbar_toolbar.dll [2016-06-15] (AVG Secure Search)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://ciscolearning.webex.com/client/WBXclient-T29L10NSP13EP71-10003/nbr/ieatgpc1.cab
Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll [2012-06-17] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.4.0\ViProtocol.dll [2016-04-23] (AVG Secure Search)
Handler-x32: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - C:\Program Files (x86)\Microsoft\SMIME Client (2010)\mimectl.dll [2013-02-03] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.4.0\\npsitesafety.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-23] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-09-19] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-07-30] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-09-19] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\owner\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-11-22] (Cisco WebEx LLC)
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-08-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-09-19] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204 [2014-02-12] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-10-20] [not signed]
FF HKU\S-1-5-21-4135610809-3517379215-834288334-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome: 
=======
CHR HomePage: Default -> hxxps://mysearch.avg.com?cid={5B036D45-F051-4C70-874E-60F3D83263E2}&mid=382d9fe842c947d08bb8c94a35202b6f-fe20c73f7ad2bc412d90c3c9963fbd40ab2d180b&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-12 16:52:10&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "hxxps://mysearch.avg.com?cid={5B036D45-F051-4C70-874E-60F3D83263E2}&mid=382d9fe842c947d08bb8c94a35202b6f-fe20c73f7ad2bc412d90c3c9963fbd40ab2d180b&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-12 16:52:10&v=18.1.9.799&pid=safeguard&sg=0&sap=hp"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?cid={5B036D45-F051-4C70-874E-60F3D83263E2}&mid=382d9fe842c947d08bb8c94a35202b6f-fe20c73f7ad2bc412d90c3c9963fbd40ab2d180b&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-12 16:52:10&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> mysearch.avg.com_
CHR DefaultNewTabURL: Default -> hxxps://mysearch.avg.com/chroment?espv=2&cid={5B036D45-F051-4C70-874E-60F3D83263E2}&mid=382d9fe842c947d08bb8c94a35202b6f-fe20c73f7ad2bc412d90c3c9963fbd40ab2d180b&lang=en&ds=AVG&pr=fr&d=2014-02-12 16:52:10&v=18.1.9.799&pid=safeguard&sg=0
CHR DefaultSuggestURL: Default -> hxxp://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll => No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll => No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Google Drive) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Google Search) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Google Docs Offline) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (Freemake Video Converter) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-08-10]
CHR Extension: (Cisco WebEx Extension) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-11-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-13]
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-26]
CHR HKU\S-1-5-21-4135610809-3517379215-834288334-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nobnjjknonbflhaiepehfnncjhigejke] - C:\Users\owner\AppData\Local\CRE\nobnjjknonbflhaiepehfnncjhigejke.crx [2013-08-04]
CHR HKLM-x32\...\Chrome\Extension: [cikkkfooompgefbcjlgdjejfdknkheaj] - C:\Program Files (x86)\Common Files\Spigot\GC\DomainErrorHelper_1.0_0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gpiifgmgnfdiblgpaepbmfdkcheicgof] - C:\Program Files (x86)\Common Files\Spigot\GC\nta_1.0_0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-08-08]
CHR HKLM-x32\...\Chrome\Extension: [nobnjjknonbflhaiepehfnncjhigejke] - C:\Users\owner\AppData\Local\CRE\nobnjjknonbflhaiepehfnncjhigejke.crx [2013-08-04]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2014-02-02]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [636312 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5165824 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [705528 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-10] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-08-01] (Freemake) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe [293128 2016-05-31] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2011-08-19] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2011-08-19] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2011-08-19] (Intuit Inc.) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-09-19] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
R2 vToolbarUpdater19.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.4.0\ToolbarUpdater.exe [1888328 2016-04-23] (AVG Secure Search)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2015-12-07] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 02FAD8CC; C:\Windows\System32\drivers\02FAD8CC.sys [457824 2016-07-11] (Kaspersky Lab ZAO)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [154448 2016-07-11] (RedFox)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [154448 2016-07-11] (RedFox)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-05-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-05-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [247040 2016-05-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-05-02] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [279296 2016-05-17] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-05] (AVG Technologies CZ, s.r.o.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-05-20] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [30336 2007-01-18] (Research in Motion Ltd)
S3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73856 2015-02-17] (Identiv)
S3 STCFUx64; C:\Windows\System32\DRIVERS\STCFUx64.SYS [10496 2014-06-18] (Identive)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2015-12-07] (Western Digital Technologies)
S3 mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-12 07:01 - 2016-07-12 07:01 - 00039665 _____ C:\Users\owner\Desktop\FRST.txt
2016-07-12 06:54 - 2016-07-12 07:01 - 02390528 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe
2016-07-12 06:33 - 2016-07-12 06:33 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4135610809-3517379215-834288334-1000
2016-07-12 06:18 - 2016-07-12 06:33 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4135610809-3517379215-834288334-1000
2016-07-11 22:23 - 2016-07-12 07:01 - 00000000 ____D C:\FRST
2016-07-11 21:53 - 2016-07-11 21:54 - 00007684 _____ C:\TDSSKiller.3.1.0.9_11.07.2016_21.53.49_log.txt
2016-07-11 21:51 - 2016-07-11 23:28 - 00178084 _____ C:\Windows\ntbtlog.txt
2016-07-11 21:32 - 2016-07-11 21:48 - 00003362 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4135610809-3517379215-834288334-1000
2016-07-11 21:32 - 2016-07-11 21:48 - 00003228 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4135610809-3517379215-834288334-1000
2016-07-11 21:06 - 2016-07-11 21:06 - 02622304 _____ (Kaspersky Lab) C:\Users\owner\Downloads\kss16.0.0.1344en_9702.exe
2016-07-11 20:00 - 2016-07-11 21:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-07-11 19:39 - 2016-07-11 19:39 - 00457824 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\02FAD8CC.sys
2016-07-11 19:39 - 2016-07-11 19:39 - 00000000 ____D C:\KVRT_Data
2016-07-11 16:47 - 2016-07-12 06:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-11 12:58 - 2016-07-11 12:58 - 00154448 _____ (RedFox) C:\Windows\SysWOW64\Drivers\AnyDVD.sys
2016-07-11 12:58 - 2016-07-11 12:58 - 00154448 _____ (RedFox) C:\Windows\system32\Drivers\AnyDVD.sys
2016-07-06 07:48 - 2016-07-09 12:31 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForowner.job
2016-07-06 07:48 - 2016-07-09 12:08 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForowner
2016-06-29 21:46 - 2016-06-29 23:09 - 00000000 ____D C:\Users\owner\Documents\25B40 002-16 1059 PH2
2016-06-21 12:04 - 2016-06-21 12:05 - 00517928 _____ C:\Users\owner\Desktop\Fettig Self Assessment.pdf
2016-06-21 12:02 - 2016-06-21 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-06-21 12:00 - 2016-06-21 12:00 - 00490355 _____ C:\Users\owner\Downloads\Fettig Self Assessment (1).pdf
2016-06-21 11:59 - 2016-06-21 11:59 - 00490355 _____ C:\Users\owner\Downloads\Fettig Self Assessment.pdf
2016-06-15 23:24 - 2016-06-15 23:24 - 00664994 _____ C:\Users\owner\Desktop\ALARACT_001_2012_LIST OF EFFECTIVE ALARACT MESSAGES.pdf
2016-06-15 23:21 - 2016-06-15 23:21 - 00393436 _____ C:\Users\owner\Desktop\ALARACT_001_2013_LIST OF EFFECTIVE ALARACT MESSAGES.pdf
2016-06-15 21:53 - 2016-05-12 13:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 21:53 - 2016-05-12 13:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-15 21:53 - 2016-05-12 13:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-15 21:53 - 2016-05-12 13:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-15 21:53 - 2016-05-12 13:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-15 21:53 - 2016-05-12 13:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-15 21:53 - 2016-05-12 13:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-15 21:53 - 2016-05-12 13:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-15 21:53 - 2016-05-12 11:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-15 21:53 - 2016-05-12 11:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-15 21:53 - 2016-05-12 10:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 21:53 - 2016-05-12 10:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 21:53 - 2016-05-12 10:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-15 21:53 - 2016-05-12 10:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 21:53 - 2016-05-12 10:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-15 21:53 - 2016-05-12 10:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-15 21:53 - 2016-05-12 10:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-15 21:53 - 2016-05-12 10:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-15 21:53 - 2016-05-12 10:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-15 21:53 - 2016-05-12 09:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 21:53 - 2016-05-12 09:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 21:53 - 2016-05-12 09:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 21:53 - 2016-04-14 12:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-15 21:53 - 2016-04-14 12:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-15 21:53 - 2016-04-14 12:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-15 21:53 - 2016-04-14 12:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-15 21:53 - 2016-04-14 12:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-15 21:53 - 2016-04-14 12:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-15 21:53 - 2016-04-14 11:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-15 21:53 - 2016-04-14 11:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-15 21:53 - 2016-04-14 11:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-15 21:53 - 2016-04-14 11:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-15 21:53 - 2016-04-14 11:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-15 21:53 - 2016-04-14 11:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-15 21:52 - 2016-06-06 12:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-15 21:52 - 2016-06-06 12:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-15 21:52 - 2016-06-03 09:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-15 21:52 - 2016-05-27 09:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-15 21:52 - 2016-05-27 09:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-15 21:52 - 2016-05-27 09:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-15 21:52 - 2016-05-27 09:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-15 21:52 - 2016-05-22 09:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-15 21:52 - 2016-05-18 12:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 21:52 - 2016-05-18 12:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 21:52 - 2016-05-13 18:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 21:52 - 2016-05-13 18:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-15 21:52 - 2016-05-13 18:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 21:52 - 2016-05-13 18:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-15 21:52 - 2016-05-13 18:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-15 21:52 - 2016-05-13 17:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 21:52 - 2016-05-13 17:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-15 21:52 - 2016-05-13 17:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-15 21:52 - 2016-05-13 17:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-15 21:52 - 2016-05-13 17:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 21:52 - 2016-05-12 13:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-15 21:52 - 2016-05-12 13:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 21:52 - 2016-05-12 13:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 21:52 - 2016-05-12 13:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 21:52 - 2016-05-12 13:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 21:52 - 2016-05-12 13:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 21:52 - 2016-05-12 11:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 21:52 - 2016-05-12 11:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-15 21:52 - 2016-05-12 11:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-15 21:52 - 2016-05-12 11:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 21:52 - 2016-05-12 11:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-15 21:52 - 2016-05-11 13:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 21:52 - 2016-05-11 13:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 21:52 - 2016-05-11 13:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 21:52 - 2016-05-11 13:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 21:52 - 2016-05-11 11:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 21:52 - 2016-05-11 11:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 21:52 - 2016-05-11 11:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 21:52 - 2016-05-11 11:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 21:52 - 2016-05-11 11:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-15 21:52 - 2016-05-11 11:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-15 21:52 - 2016-05-11 10:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 21:52 - 2016-04-09 02:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-15 21:52 - 2016-04-09 02:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-15 21:52 - 2016-04-09 02:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-15 21:52 - 2016-04-09 02:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-15 21:52 - 2016-04-09 01:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-15 21:52 - 2016-04-09 01:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-15 21:52 - 2016-03-09 15:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-15 21:52 - 2016-03-09 14:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-15 21:44 - 2016-06-15 22:02 - 00000000 ____D C:\Users\owner\Desktop\New folder
2016-06-15 21:30 - 2016-06-15 21:31 - 00000000 ____D C:\Users\owner\AppData\Local\DoD-PKE
2016-06-15 21:30 - 2016-06-15 21:30 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DoD-PKE
2016-06-15 21:30 - 2016-06-15 21:30 - 00000000 ____D C:\Users\owner\AppData\Roaming\DoD-PKE
2016-06-15 19:59 - 2016-06-15 19:59 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2016-06-15 19:49 - 2016-06-15 19:50 - 00000312 _____ C:\Users\owner\Desktop\AnyDVDHD_Key_LC9-XCP.AnyDVDHD
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-12 06:50 - 2009-07-14 00:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-12 06:50 - 2009-07-14 00:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-12 06:33 - 2011-12-23 16:46 - 00000000 ____D C:\Users\owner\AppData\Local\SoftThinks
2016-07-12 06:33 - 2011-09-22 12:23 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2016-07-12 06:31 - 2013-07-03 22:25 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-12 06:30 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-12 06:23 - 2013-03-18 11:33 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-12 06:21 - 2012-12-23 00:40 - 00000000 ____D C:\ProgramData\MFAData
2016-07-11 22:17 - 2012-12-02 23:22 - 00000000 ____D C:\Users\owner\AppData\Roaming\Real
2016-07-11 22:05 - 2013-03-19 12:35 - 00000000 ____D C:\Program Files\Vuze
2016-07-11 21:51 - 2011-12-23 16:46 - 00000000 ____D C:\Users\owner
2016-07-11 21:14 - 2013-07-03 22:25 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-11 20:50 - 2012-01-05 13:10 - 00001103 _____ C:\Users\Public\Desktop\AnyDVD.lnk
2016-07-11 16:27 - 2016-01-15 15:02 - 00000000 ____D C:\Users\owner\AppData\Local\AvgSetupLog
2016-07-11 16:12 - 2012-01-06 19:04 - 00000043 ___SH C:\ProgramData\.zreglib
2016-07-09 12:34 - 2011-09-22 12:37 - 00000000 ____D C:\ProgramData\Sonic
2016-07-09 12:31 - 2012-05-15 03:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-09 12:31 - 2012-05-15 03:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-06 07:56 - 2016-03-25 21:45 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2016-06-26 03:02 - 2012-05-15 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-25 12:18 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-06-21 12:23 - 2013-03-18 11:33 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-21 12:23 - 2012-04-08 19:41 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-21 12:23 - 2011-09-22 12:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-21 12:15 - 2013-07-03 22:25 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-21 12:15 - 2013-07-03 22:25 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-21 12:02 - 2016-02-11 21:07 - 00001966 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-06-21 12:02 - 2015-11-10 21:50 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-06-16 03:31 - 2014-04-26 23:06 - 00480680 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-16 03:27 - 2014-12-10 04:25 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-16 03:10 - 2013-08-15 03:03 - 00000000 ____D C:\Windows\system32\MRT
2016-06-16 03:05 - 2011-12-23 20:09 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-15 19:48 - 2014-04-02 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-06-15 19:48 - 2013-10-09 18:48 - 00000000 ____D C:\ProgramData\AVG2014
2016-06-15 19:48 - 2012-12-23 00:50 - 00000000 ____D C:\Program Files (x86)\AVG
2016-06-15 19:47 - 2016-01-15 15:07 - 00000938 _____ C:\Users\Public\Desktop\AVG Protection.lnk
==================== Files in the root of some directories =======
2014-12-02 21:07 - 2014-12-04 00:47 - 0003584 _____ () C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-19 20:27 - 2014-09-19 20:27 - 0000017 _____ () C:\Users\owner\AppData\Local\resmon.resmoncfg
2011-12-23 19:50 - 2011-12-23 19:50 - 0017408 _____ () C:\Users\owner\AppData\Local\WebpageIcons.db
2012-01-06 19:04 - 2016-07-11 16:12 - 0000043 ___SH () C:\ProgramData\.zreglib
2012-02-20 15:16 - 2015-10-20 12:35 - 0015535 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\owner\AppData\Local\Temp\APNSetup.exe
C:\Users\owner\AppData\Local\Temp\avg-9281d802-b7a9-401b-8756-6e27c9c5ba18.exe
C:\Users\owner\AppData\Local\Temp\avguirn_081419757800.exe
C:\Users\owner\AppData\Local\Temp\avguirn_081484521250.exe
C:\Users\owner\AppData\Local\Temp\avguirn_081560229335.exe
C:\Users\owner\AppData\Local\Temp\avguirn_081718825144.exe
C:\Users\owner\AppData\Local\Temp\avguirn_08604659966.exe
C:\Users\owner\AppData\Local\Temp\avguirn_08808656195.exe
C:\Users\owner\AppData\Local\Temp\install_flashplayer13x32axau_gtba_chra_dy_aaa_aih.exe
C:\Users\owner\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\owner\AppData\Local\Temp\lowproc.exe
C:\Users\owner\AppData\Local\Temp\photostage_1.0.0.50_1.5.0.130_update_all.exe
C:\Users\owner\AppData\Local\Temp\PPCC_Stub.exe
C:\Users\owner\AppData\Local\Temp\rnsetup0.exe
C:\Users\owner\AppData\Local\Temp\stubhelper.dll
C:\Users\owner\AppData\Local\Temp\System.Data.SQLite.dll

==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-07-07 00:07
==================== End of FRST.txt ============================
 

Kim Fettig

New Member
Thread author
Jul 11, 2016
9
Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by owner (2016-07-12 07:02:38)
Running from C:\Users\owner\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-23 20:46:27)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-4135610809-3517379215-834288334-500 - Administrator - Disabled)
Guest (S-1-5-21-4135610809-3517379215-834288334-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4135610809-3517379215-834288334-1002 - Limited - Enabled)
owner (S-1-5-21-4135610809-3517379215-834288334-1000 - Administrator - Enabled) => C:\Users\owner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
“RocketTab” (HKLM-x32\...\RocketTab) (Version:  - “RocketTab”)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ActivClient CAC x64 (HKLM\...\{86E45973-5352-439F-A115-2E8EE4D40140}) (Version: 6.2 - ActivIdentity)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 8.0.3.1 - RedFox)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10104 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{6E3D4FFE-9614-4E58-9DE2-F9A036EAD491}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
AVG (Version: 16.81.7640 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4627 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.81.7640 - AVG Technologies)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 19.4.0.518 - AVG Technologies)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
BlackBerry Desktop Software 4.7 (HKLM-x32\...\BlackBerry_{9833D727-8FF5-40AE-A193-525747555FF1}) (Version: 4.7.0.25 - Research In Motion Ltd.)
BlackBerry Desktop Software 4.7 (x32 Version: 4.7.0.25 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
ccc-core-static (x32 Version: 2011.0104.2155.39304 - ATI) Hidden
Cisco Packet Tracer 6.1.1 Instructor (HKLM-x32\...\Cisco Packet Tracer 6.1.1 Instructor_is1) (Version:  - Cisco Systems, Inc.)
Cisco Packet Tracer 6.2 Instructor (HKLM-x32\...\Cisco Packet Tracer 6.2 Instructor_is1) (Version:  - Cisco Systems, Inc.)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
D110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (Version: 4.3.8.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.6 - Dell Inc.)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{3ED468C2-2235-4747-90AD-A7A34F0FE70A}) (Version: 1.2.2.8 - Dell)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.48.35 - Dell Inc.)
e-Sign Desktop 6.6 (HKLM-x32\...\{F39BD95B-5B9E-4E83-96C4-D4667FD061C6}) (Version: 6.60.3.1000 - Silanis Technology Inc.)
FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
Freemake Video Converter version 4.0.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.4.18.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IBM Forms Viewer 4.0.0 (HKLM-x32\...\{48462CC7-7DF3-4107-9459-12D3A11C6D80}) (Version: 4.0.0.1 - IBM)
InstallRoot (HKLM-x32\...\{D2F70579-4F4C-411A-8ACD-97136C0F0AB9}) (Version: 4.1 - DoD PKE)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 7.0.6.19846 - LeapFrog)
LeapFrog Connect (x32 Version: 7.0.6.19846 - LeapFrog) Hidden
LeapFrog My Pals Plugin (x32 Version: 7.0.6.19846 - LeapFrog) Hidden
LeapFrog Tag Junior Plugin (x32 Version: 7.0.6.19846 - LeapFrog) Hidden
Legitmix 1.0.0.10 (HKLM-x32\...\6488-0370-8239-2138) (Version: 1.0.0.10 - Legitmix Inc)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.334.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft S/MIME (HKLM-x32\...\{D932D6AE-786B-4ECD-B6FE-B9C0EB059B3C}) (Version: 14.3.123.2 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
Multimedia Card Reader (x32 Version: 1.7.915.93 - Fitipower) Hidden
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Pass4sure for CISCO 640-802 8.14 (HKLM-x32\...\Pass4sure for CISCO 640-802) (Version: 8.14 - Pass4sure)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
POWERPREP II (HKLM-x32\...\{2687340C-C114-47DC-9F0E-C1BA85FEB001}) (Version: 2.2.0000 - ETS)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickBooks (x32 Version: 22.0.4001.2206 - Intuit Inc.) Hidden
QuickBooks Premier: Nonprofit Edition 2012 (HKLM-x32\...\{21CA04FB-3C82-474C-AB3E-86B11BC70F6D}) (Version: 22.0.4001.2206 - Intuit Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
RealDownloader (x32 Version: 17.0.13 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.41 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (HKLM-x32\...\MyPalsPlugin) (Version:  - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (HKLM-x32\...\TagJuniorPlugin) (Version:  - LeapFrog)
VCE Exam Simulator Demo (HKLM-x32\...\VCE Exam Simulator Demo_is1) (Version:  - Avanset)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Backup (HKLM-x32\...\{d506fdf0-53bc-4782-8d47-737f9f7c5c22}) (Version: 1.3.5814.26411 - Western Digital Technologies, Inc.)
WD Backup (x32 Version: 1.3.5814.26411 - Western Digital Technologies, Inc) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (x32 Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
YTD Video Downloader 4.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.9 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4135610809-3517379215-834288334-1000_Classes\CLSID\{32C15893-74C0-4478-879B-FE14EB684AB4}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x64\hpqgps01.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-4135610809-3517379215-834288334-1000_Classes\CLSID\{39C26CEE-9070-4B47-9261-6743499AFBF7}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x64\hpqgutil.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-4135610809-3517379215-834288334-1000_Classes\CLSID\{9CC1FE07-02F9-49A6-A3F4-63AD8BAE9E49}\InprocServer32 -> C:\Users\owner\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x64\hpqgps01.dll (Hewlett-Packard Co.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1ECFC9A5-644D-4ED4-AF51-37C42A57E663} - System32\Tasks\{404D5D02-66A3-413F-8194-FC27D5832442} => pcalua.exe -a "C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B0ZWFJN8\InstallRoot_v3.15A.exe" -d C:\Users\owner\Desktop
Task: {2519E065-483D-4326-9AD4-BF879FF33DB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-21] (Adobe Systems Incorporated)
Task: {27DEC98D-AA3F-4338-8A62-119E340415C8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {38DEBCD3-19D5-4AB2-BFB8-9AE53EDFEBBD} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe <==== ATTENTION
Task: {3B52943A-C42E-4C64-BCBC-39550480018F} - System32\Tasks\{4902717D-1A43-4BDA-AD82-BA783F5AA794} => C:\Program Files\Vuze\Azureus.exe
Task: {431E764D-EAD2-4057-B9AD-4916EFFA1450} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4135610809-3517379215-834288334-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {66E2CEE7-5989-403E-93E5-6D65BBD6C490} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {7DE8DDF0-BA9A-4C13-8283-21FBD935D0F6} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-03-24] (PC-Doctor, Inc.)
Task: {8E139812-6798-407B-B871-868B7A932DFC} - System32\Tasks\HPCeeScheduleForowner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {90E67658-07EC-4FAA-B4E4-32B95937C206} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {91F0B40E-1BF7-48C4-9ECD-6965784EE6C7} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-03-24] (PC-Doctor, Inc.)
Task: {97CE7ED1-6AAB-43D4-8770-C95BD6F32F69} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {98D19BBB-1F5F-4FC7-AC23-F57A56B27830} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4135610809-3517379215-834288334-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {A45C4944-EBCD-4922-B515-5DA7419ACC6A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {A8DEC639-0D20-459A-BF92-A66D846E42EC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4135610809-3517379215-834288334-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {AA5A17FB-DEDC-4EFD-BC11-347B51581AF2} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {AA662716-6415-4108-AA28-BD5E8E4B5BF6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)
Task: {ACEE1F82-D8CD-420F-9B90-834FCB227327} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {C1C70540-62AC-4380-A347-26B4C0DAFF9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {CBC1F75C-4871-44BE-BB6A-B3EE1E82B05B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)
Task: {DAA8728D-276A-496D-9E40-6AA846ADF2E7} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4135610809-3517379215-834288334-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {DB72283A-4A96-44AC-B123-F9FE1AE5C4A6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-04-22] (Dell Inc.)
Task: {DD788B68-BF1E-460C-A762-E556277923C6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E915AC7C-D10D-4A65-863E-5187888F04B0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4135610809-3517379215-834288334-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {E94B9EF8-A74B-48D8-A9AF-483AF1FDC4C7} - System32\Tasks\RocketTab => /C start "" "C:\Program Files (x86)\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION
Task: {EE5C5E88-1988-42AB-B57B-7459FF1EC64F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {FA287950-6821-4696-B9F2-7DD4DB99947D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4135610809-3517379215-834288334-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {FF010DE6-6CD5-4AD1-A3F6-F3367C15E561} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-06-28] (HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForowner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\owner\Videos\DivX Movies\DivX Author – Create DivX Movies.lnk -> hxxp://go.divx.com/divx/windows/author/moviesfolder/en (No File)
Shortcut: C:\Users\owner\Videos\DivX Movies\DivX.com.lnk -> hxxp://go.divx.com/en (No File)
Shortcut: C:\Users\owner\Videos\DivX Movies\Enhance your video soundtracks.lnk -> hxxp://go.divx.com/divx/windows/player/dfx/en (No File)
Shortcut: C:\Users\owner\Videos\DivX Movies\Post DivX® video to your website.lnk -> hxxp://go.divx.com/publishvideo/en (No File)
Shortcut: C:\Users\owner\Desktop\Constant Guard Protection Suite.lnk -> hxxp://security.comcast.net/?cid=xfactiv_security (No File)
Shortcut: C:\Users\owner\Desktop\XFINITY Connect.lnk -> hxxp://www.comcast.net/qry/goto?app=mail&cid=xfactiv_email (No File)
Shortcut: C:\Users\owner\Desktop\XFINITY TV.lnk -> hxxp://xfinitytv.comcast.net/?cid=xfactiv_tv (No File)
==================== Loaded Modules (Whitelisted) ==============
2012-02-01 11:50 - 2012-02-01 11:50 - 02195824 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
2012-02-01 11:50 - 2012-02-01 11:50 - 01850224 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
2016-02-08 00:43 - 2015-08-20 16:56 - 00226568 _____ () C:\Program Files (x86)\Legitmix\Legitmix.exe
2014-09-29 20:51 - 2014-09-29 20:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2010-11-17 11:35 - 2010-11-17 11:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2012-02-01 11:50 - 2012-02-01 11:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2016-06-15 19:59 - 2016-06-15 19:58 - 02662472 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2014-07-30 02:17 - 2014-07-30 02:17 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-07-30 05:04 - 2014-07-30 05:04 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2011-09-22 12:24 - 2011-07-08 11:12 - 02749248 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2011-08-20 01:32 - 2011-08-20 01:32 - 00268648 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_regex-vc90-mt-p-1_33.dll
2011-08-20 01:33 - 2011-08-20 01:33 - 00020840 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2012\QBCompressor.dll
2011-08-19 21:30 - 2011-08-19 21:30 - 00059904 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2012\zlib1.dll
2011-08-20 01:32 - 2011-08-20 01:32 - 00379752 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2012\BackupLib.dll
2011-08-20 01:33 - 2011-08-20 01:33 - 00138088 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2012\QBMAPILibrary.dll
2011-08-20 01:32 - 2011-08-20 01:32 - 00176488 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2012\boost_serialization-vc90-mt-p-1_33.dll
2011-08-20 01:33 - 2011-08-20 01:33 - 00042344 _____ () C:\Program Files (x86)\Intuit\QuickBooks 2012\mbpopup.dll
2016-02-08 00:43 - 2016-02-08 00:43 - 00101888 _____ () C:\Program Files (x86)\Legitmix\.install4j\i4jinst.dll
2010-11-24 23:44 - 2010-11-24 23:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2014-11-24 11:46 - 2014-11-24 11:46 - 00879104 _____ () C:\Program Files (x86)\LeapFrog\LeapFrog Connect\platforms\qwindows.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2016-04-23 12:15 - 2016-04-23 12:10 - 00527944 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.4.0\log4cplusU.dll
2016-01-15 15:03 - 2016-04-10 10:11 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2014-09-19 20:12 - 2014-09-19 20:12 - 00864856 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2016-05-12 04:10 - 2016-05-12 04:10 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\22e6307b0cd5955ebf3f8abd9e3ab58d\IsdiInterop.ni.dll
2011-09-22 12:19 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\02FAD8CC.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\02FAD8CC.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-4135610809-3517379215-834288334-1000\...\legitmix.com -> hxxp://legitmix.com
IE trusted site: HKU\S-1-5-21-4135610809-3517379215-834288334-1000\...\legitmix.com -> hxxps://legitmix.com
IE trusted site: HKU\S-1-5-21-4135610809-3517379215-834288334-1000\...\osd.mil -> hxxps://pki.dmdc.osd.mil
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2016-06-21 12:02 - 00000867 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4135610809-3517379215-834288334-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F7C13A6D-AB44-446A-97C6-FDD1DC6065BD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F18E9ED7-B7AF-455A-8B83-6CB820D347F1}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{AB488915-0952-421B-98BE-C827AA18A848}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{06535DD5-1C8C-46C6-95FA-B43082655F4A}] => (Allow) LPort=2869
FirewallRules: [{1B015870-90E1-4B46-BB59-A799474A574E}] => (Allow) LPort=1900
FirewallRules: [{EC2876D4-8C70-4637-994C-B60958C6BFBB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9476A958-7B2E-4A3B-894C-67F39DF51D2B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{990760B5-DF8D-47EB-9411-1FA9FDDF3A3A}] => (Allow) C:\Program Files\dell stage\dell stage\accuweather\accuweather.exe
FirewallRules: [{5B3B3211-11F4-49BE-BAD1-7B7CA0112EA3}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe
FirewallRules: [{5A6FE096-A26B-496F-A467-AE4A19A7419D}] => (Allow) C:\Program Files\dell stage\dell stage\stage_primary.exe
FirewallRules: [{7649EEDE-63DC-414E-91F0-8889DB33770B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3E254399-CFCD-4178-B489-7F6DBF68CCBC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{121CBD14-ABBF-4272-A585-F40DFCB83CAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2D40430A-C7D0-4263-917A-68549735A6CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{538CBF30-9983-4985-AACC-3F374B2DE244}] => (Allow) D:\setup\hpznui40.exe
FirewallRules: [{B0313DCB-C0A1-4552-B3E3-8184D7FD40EA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{9C9924B6-1CC0-46D5-8059-4B181EF1BE9F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{5ABD17D9-4143-41CE-AC52-95654DBBCCD8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{19634325-E98C-4161-841C-3F648EEE175C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{94CC9C05-13CD-43CB-86C8-A8D98B1A3A95}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{BEA00B1F-7D1F-423E-9C45-446676D8CFE8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{C5A76997-75E0-47C9-B221-FEF956E3C9C7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{63758FB6-7C3B-4323-A05A-EE9926A8E4E3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{9C8A523E-7469-412C-B88C-709D28664963}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{BEA8E8E4-40A6-41C9-A326-AD1F705C1068}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{35D16B6E-7C86-40BF-B940-BE4A41E0F7F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{559BAAF8-FA35-41D7-B60B-0932AE0A3C0E}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{C19519E0-7DB0-48E8-8162-B8C326687E22}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{F067DE84-A1F8-4FB9-88DE-6D4D7B56FDA1}] => (Allow) C:\Users\owner\AppData\Local\Temp\7zS1518\HPDiagnosticCoreUI.exe
FirewallRules: [{EB937BA0-35EA-40C5-BE68-9FC2C286EF68}] => (Allow) C:\Users\owner\AppData\Local\Temp\7zS1518\HPDiagnosticCoreUI.exe
FirewallRules: [{85897F52-E4BD-4F65-B157-5C325ED9757F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{66D2153E-F0FE-465D-AF86-DD91E1407288}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{2437EE77-7CC8-47F4-B3C1-F2DEEC0D08A8}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{D7BA357D-B8E8-4761-A336-E331EC59DBEA}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{0A06A029-FB91-404F-BA7E-359446037BE1}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{A3CCE63B-5BB3-4213-A354-33A0EDF63B51}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [{0938ECDB-724B-42B6-BD45-E599FDC587E5}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
FirewallRules: [{A02C5CE4-00B4-4CFC-8BDD-1BB1041AAA84}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
FirewallRules: [{E20E187D-CC48-43B2-BF4A-EE3243230A1C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{5ECDFEF0-CB44-4DF4-82FA-F8CFBC43215C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{37E176B0-8911-4654-B6B3-9584B80047D6}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{07DDD14B-B94C-4EBA-9A8A-E5B932E5F251}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{D9A16599-DF67-4EFB-99F9-95665B277340}C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe] => (Allow) C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe
FirewallRules: [UDP Query User{372D85C0-DD40-461B-9C2B-BB0D2929F304}C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe] => (Allow) C:\program files (x86)\cisco packet tracer 5.3.3\bin\packettracer5.exe
FirewallRules: [TCP Query User{38F464DD-4F52-49C4-8277-3E56C5A56D65}C:\program files (x86)\cisco packet tracer 6.1.1iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.1.1iv\bin\packettracer6.exe
FirewallRules: [UDP Query User{F8AFB69D-93E1-4B33-B2F2-3EF9DE8A622C}C:\program files (x86)\cisco packet tracer 6.1.1iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.1.1iv\bin\packettracer6.exe
FirewallRules: [{DA201094-E9D0-4834-86B4-6F9256F6D343}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{D80450C8-27C8-4D03-BC57-FCC225F06C43}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{23E28F68-2BDB-4A84-9CEA-058F7999073B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{B19AC663-CBB4-4928-91E4-C80CE1195DFD}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{1B5F5BB7-F28E-476B-A652-E4949894E8EC}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [UDP Query User{BEDA923E-CE12-480B-A4AB-CACC401E1539}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [{470ADAAA-A9FC-42AE-BFD5-C4477CFF5F30}] => (Allow) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [{06FEB813-90A1-40D2-88D7-00E2E6176E45}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{4A7AD7D6-0369-4A07-9F6C-18CBF9971C40}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{A885C9F1-A62C-43C3-82F3-B8086B2A7D58}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{93684A08-E915-4BF8-8940-FF02B256E80B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{D68FC03F-55EC-4B6B-8B7E-971BC36581D0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{4557273C-DDF8-4E1A-B248-FE239AC698BD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{F79CE83D-801C-461E-AB01-57A7EC717351}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{E005B670-AFC0-424E-AED0-5037C86607AB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [TCP Query User{14E7B02D-6BE7-4A8E-93F0-4992DF5875E5}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Block) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [UDP Query User{7A108C2E-2740-47C2-B2B4-05394A716E02}C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe] => (Block) C:\program files (x86)\cisco packet tracer 6.2iv\bin\packettracer6.exe
FirewallRules: [{36487EB6-8A6A-40A4-ADB5-7AFAB9601017}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{DE7074F6-632E-4F57-8E1B-0B69AFA42956}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{1B3CEAF3-7FDC-4DDE-88F4-9AA309A57655}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{E8AB5E19-BD22-4D07-BE19-E955C3DB662B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{3A799A82-54CF-4FA3-A684-E4CA5133E9A8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{A431A1A5-94B0-49EE-A618-93B1AF148A34}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{65D38D33-2EE4-4E7D-AECA-9CF0AFD03BC7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
26-06-2016 03:00:36 Windows Update
06-07-2016 10:26:35 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================
Application errors:
==================
Error: (07/12/2016 06:34:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/12/2016 06:34:05 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/12/2016 06:34:05 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/12/2016 06:34:05 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/12/2016 06:20:41 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/12/2016 06:20:41 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/12/2016 06:20:41 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/12/2016 06:19:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/11/2016 11:28:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/11/2016 09:53:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (07/12/2016 06:35:09 AM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: UpdateCardCapabilities: ATR too short.-8053063480x00x00x00x0
Error: (07/12/2016 06:35:09 AM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: ScCardPowerColdReset: IccPowerOnStatusError-8053059920x30x00x420xfe
Error: (07/12/2016 06:35:09 AM) (Source: WudfUsbccidDriver) (EventID: 11) (User: NT AUTHORITY)
Description: 0x800x20x10xfe0x00x0
Error: (07/12/2016 06:35:09 AM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: UpdateCardCapabilities: ATR too short.-8053063480x00x00x00x0
Error: (07/12/2016 06:35:09 AM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: ScCardPowerColdReset: IccPowerOnStatusError-8053059920x30x00x420xfe
Error: (07/12/2016 06:35:09 AM) (Source: WudfUsbccidDriver) (EventID: 11) (User: NT AUTHORITY)
Description: 0x800x20x10xfe0x00x0
Error: (07/12/2016 06:35:09 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: The smart card is not responding to a reset.Hewlett-Packard Company CCID Interface 0POWER01 00 00 00
Error: (07/12/2016 06:35:09 AM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: UpdateCardCapabilities: ATR too short.-8053063480x00x00x00x0
Error: (07/12/2016 06:35:09 AM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: ScCardPowerColdReset: IccPowerOnStatusError-8053059920x30x00x420xfe
Error: (07/12/2016 06:35:09 AM) (Source: WudfUsbccidDriver) (EventID: 11) (User: NT AUTHORITY)
Description: 0x800x20x10xfe0x00x0

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 55%
Total physical RAM: 6126.46 MB
Available physical RAM: 2725.2 MB
Total Virtual: 12251.1 MB
Available Virtual: 8178.61 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:918.22 GB) (Free:583.76 GB) NTFS
Drive i: (Kim's Backup) (Fixed) (Total:233.76 GB) (Free:37.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 686AB263)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=918.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 233.8 GB) (Disk ID: 0CEE196A)
Partition 1: (Active) - (Size=233.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Uninstall some programs

We need to uninstall some unwanted/unneeded programs.
  • Press the Windows key + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall, one at a time.
The list of programs to uninstall:
  • “RocketTab”
  • Coupon Printer for Windows
  • YTD Video Downloader 4.9
After completing uninstalls, please manually reboot your machine!

Note: If you get a message like: An error occurred while trying to uninstall, just press Yes.



Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

Download the attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt, have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished, FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.



Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.
  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Cleaning.
  • Your PC should reboot now.
  • After the reboot, the logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner
 

Attachments

  • fixlist.txt
    7.8 KB · Views: 2

Kim Fettig

New Member
Thread author
Jul 11, 2016
9
RocketTab said it might have already been uninstalled and it asked if I just wanted to remove from list. The other two uninstalled successfully.

Here is the fixlog (attached).

Am working on adwcleaner.
 

Attachments

  • Fixlog.txt
    16.6 KB · Views: 3
