Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Norton Blocks Adware Installer Activity 7


  • This topic is locked This topic is locked
4 replies to this topic

#1 58bowty

58bowty

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:23 AM

Posted 06 July 2015 - 09:30 AM

I am fighting this same problem. I am getting the same Norton message. I started to follow Preparation Guide step 6 by downloading the FRST program and after it downloaded Norton popped up and said is was a malicious program and automatically deleted it. My instinct is to shut off Norton and download it again, but I fear with all the problems I'm having that running without some kind of protection is not a good idea. Another issue I'm experiencing is that my internet will not work as when this Adware problem occurred I am also getting a "proxy server" error message. Sometimes after waiting a while the page eventually loads. I am running Chrome, Firefox and IE Explorer. browsers. I usually use Chrome and sometimes Firefox. Rarely IE Explorer. None of these are working right. Firefox is also fiving me a "dangerous site " message when I go to places I normally go to in my Favorites list. Any help would be greatly appreciated.

 

Thanks!

Ty



BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,226 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:23 PM

Posted 06 July 2015 - 01:27 PM

Shut off Norton. Download and run FRST. Start the new topic .. Add the FRST log.

Turn On Norton.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 58bowty

58bowty
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:23 AM

Posted 06 July 2015 - 01:45 PM

Thanks boopme. I will get on this tonight.

 

Ty



#4 58bowty

58bowty
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:23 AM

Posted 06 July 2015 - 08:35 PM

There were two iles boopme. Here is the frst.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015
Ran by tytruax (administrator) on TYTRUAX-PC on 06-07-2015 19:55:55
Running from C:\Users\tytruax\AppData\Local\Temp\WPDNSE\{0176012E-0172-0177-2201-310152013801}
Loaded Profiles: tytruax (Available Profiles: tytruax)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\20.6.0.27\ccsvchst.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\20.6.0.27\ccsvchst.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(PC Drivers Headquarters) C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [196608 2008-06-30] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-03-11] (Dell Inc.)
HKLM\...\Run: [hpqSRMon] => [X]
HKLM\...\Run: [DpAgent] => C:\Program Files\DigitalPersona\Bin\dpagent.exe [842816 2009-05-12] (DigitalPersona, Inc.)
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [614400 2009-09-25] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM\...\Run: [InstaLAN] => C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1485208 2010-07-28] (Affinegy, Inc.)
HKLM\...\Run: [SearchProtection] => C:\ProgramData\Search Protection\_run.bat
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-16] (IDT, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [DBAgent] => C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1540896 2015-06-08] (Seagate Technology LLC)
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-09-11] (Google Inc.)
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Run: [cdloader] => C:\Users\tytruax\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Run: [Driver Manager] => C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe [4744024 2014-03-13] (PC Drivers Headquarters)
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Run: [Uploader] => C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2015-06-08] (Seagate Technology LLC)
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-12] (Macrovision Corporation)
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\MountPoints2: {8007d7bf-40c4-11e3-8b7b-002170825b0c} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-07-27] (Google)
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2008-10-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk [2008-10-10]
ShortcutTarget: Quicken Scheduled Updates.lnk -> C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2008-09-11]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2008-09-11]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2008-09-11]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\tytruax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2008-10-07]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\tytruax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart C7200 series.lnk [2013-06-13]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart C7200 series.lnk ->  (No File)
Startup: C:\Users\tytruax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2009-10-26]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\tytruax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk [2015-02-15]
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\tytruax\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
BootExecute: autocheck autochk /p \??\C:autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-2268045312-3402110376-3729890785-1000] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-2268045312-3402110376-3729890785-1000] => http=127.0.0.1:51040;https=127.0.0.1:51040
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.foxnews.com/
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 - (No Name) - {339a0dff-d9af-439b-92bc-636220fb3dae} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll No File
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM -> {8b0d31e7-0331-43cc-87cd-a472317f1305} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNzfb010YYus_ZJxdm128YYus&ptb=6F2193AA-F0B5-4502-8CD7-19FDAD23B357&psa=&ind=2011011522&ptnrS=ZNzfb010YYus_ZJxdm128YYus&si=&st=sb&n=77dd99c2&searchfor={searchTerms}
SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=B4C9CBA96011EDD10DECC650B054A157&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {6A6C0E2C-87D0-47F2-B2FA-5C8FED4C9CB6} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=6898F57F-98DC-41E4-ACAD-79AD172E2B8A&apn_sauid=E85AFB85-BE8A-425C-996C-8ECA2DC8BC6A
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=LdXP06obeAcVcbIdveDe_C7viK0?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {8b0d31e7-0331-43cc-87cd-a472317f1305} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNzfb010YYus_ZJxdm128YYus&ptb=6F2193AA-F0B5-4502-8CD7-19FDAD23B357&psa=&ind=2011011522&ptnrS=ZNzfb010YYus_ZJxdm128YYus&si=&st=sb&n=77dd99c2&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {D002E040-8BCB-42B2-8BC2-BE924ACBA8CB} URL = https://duckduckgo.com/?q={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: mefeediaTest -> {154d932f-dc51-4a4f-9d52-b78b1419d3b4} -> C:\Program Files\mefeediatest\w3itemplateX.dll [2011-05-04] ()
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: DigitalPersona Fingerprint Software Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-05-12] (DigitalPersona, Inc.)
BHO: Search Assistant BHO -> {5ed22e89-62fa-47ec-bd8d-374d849d436c} -> C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll No File
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton AntiVirus\Engine\20.6.0.27\IPS\IPSBHO.DLL [2013-04-08] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Dell\BAE\BAE.dll [2006-11-09] (Dell Inc.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - mefeediaTest - {154d932f-dc51-4a4f-9d52-b78b1419d3b4} - C:\Program Files\mefeediatest\w3itemplateX.dll [2011-05-04] ()
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-11-28] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0F827EA4-DA3B-4D08-8ED9-FC81B50D824B}: [DhcpNameServer] 24.159.193.40 68.115.71.53
Tcpip\..\Interfaces\{139000AD-58FA-48AA-80B8-6248354ED6DA}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\tytruax\AppData\Roaming\Mozilla\Firefox\Profiles\9mf7o7uz.default-1422404045562
FF DefaultSearchEngine.US: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()
FF Plugin: @DailyBibleGuide.com/Plugin -> C:\Program Files\DailyBibleGuide\bar\1.bin\NP2vStub.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files\Virtual Earth 3D\ [2015-04-15] ()
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-06-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-05]
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt [2009-11-21]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-01-29]
FF HKLM\...\Firefox\Extensions: [2vffxtbr@DailyBibleGuide.com] - C:\Program Files\DailyBibleGuide\bar\1.bin
FF Extension: DailyBibleGuide - C:\Program Files\DailyBibleGuide\bar\1.bin [2011-10-22]
FF HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\firefoxext
FF HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\tytruax\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\tytruax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-05]
CHR Extension: (Google Search) - C:\Users\tytruax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\tytruax\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
CHR Extension: (Google Wallet) - C:\Users\tytruax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-06]
CHR Extension: (MySearchDial) - C:\Users\tytruax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2015-02-06]
CHR Extension: (Gmail) - C:\Users\tytruax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-05]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\tytruax\AppData\Local\mysearchdial-speeddial.crx [2013-12-15]
CHR HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\tytruax\AppData\Local\mysearchdial-speeddial.crx [2013-12-15]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [81920 2009-03-16] (Andrea Electronics Corporation)
R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [569752 2010-07-28] (Affinegy, Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1168632 2008-05-05] (AuthenTec, Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [1962192 2015-05-22] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [184528 2015-05-22] (Dell Inc.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-04-28] (Stardock Corporation)
R2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [322624 2009-05-12] (DigitalPersona, Inc.) [File not signed]
S3 getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33752 2008-12-01] (NOS Microsystems Ltd.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-27] (Google)
S3 GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [16680 2008-09-11] (Citrix Online, a division of Citrix Systems, Inc.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [630784 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 NAV; C:\Program Files\Norton AntiVirus\Engine\20.6.0.27\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Seagate Dashboard Services; C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-06-08] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2015-06-08] (Seagate Technology LLC)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe [254042 2009-03-16] (IDT, Inc.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-03-11] (Dell Inc.) [File not signed]
S2 SmileyCentralIE_1wService; C:\PROGRA~1\SMILEY~2\bar\1.bin\1wbarsvc.exe [X]
S2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter [X]
S2 SupportSoft RemoteAssist; C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-03-11] (Broadcom Corporation)
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20150625.001\BHDrvx86.sys [1181424 2015-06-16] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAV\1406000.01B\ccSetx86.sys [134744 2013-04-15] (Symantec Corporation)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver32Dcsa.sys [20688 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [19984 2015-02-26] (Dell Computer Corporation)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2007-03-05] (Samsung Electronics Co., Ltd.) [File not signed]
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [380720 2015-05-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [113456 2015-05-27] (Symantec Corporation)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [62216 2012-04-13] (FTDI Ltd.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-05-07] (GFI Software)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20150703.001\IDSvix86.sys [523512 2015-06-19] (Symantec Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [62496 2010-03-08] (ITE Tech. Inc. )
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20150703.001\NAVENG.SYS [104440 2015-06-23] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20150703.001\NAVEX15.SYS [1645432 2015-06-23] (Symantec Corporation)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R3 OA001Ufd; C:\Windows\System32\DRIVERS\OA001Ufd.sys [133632 2009-03-06] (Creative Technology Ltd.)
R3 OA001Vid; C:\Windows\System32\DRIVERS\OA001Vid.sys [280096 2009-03-08] (Creative Technology Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NAV\1406000.01B\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAV\1406000.01B\SRTSPX.SYS [32344 2013-03-04] (Symantec Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-03-06] (Samsung Electronics) [File not signed]
R0 SymDS; C:\Windows\System32\drivers\NAV\1406000.01B\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1406000.01B\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAV\1406000.01B\Ironx86.SYS [175264 2013-03-04] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NAV\1406000.01B\SYMTDIV.SYS [352344 2013-04-24] (Symantec Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKsl304783c2; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{22EF9CDE-F1F9-4029-B9AB-72D22E44D711}\MpKsl304783c2.sys [X]
S1 MpKsl43294a47; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{86E5E040-B2FF-4A75-9C6D-3DB7676B957A}\MpKsl43294a47.sys [X]
S1 MpKsl4be569c2; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{22EF9CDE-F1F9-4029-B9AB-72D22E44D711}\MpKsl4be569c2.sys [X]
S1 MpKsl5459ff5b; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D0776B05-B67B-4C57-BECC-DF1F6A18E9B3}\MpKsl5459ff5b.sys [X]
S1 MpKsl59f83b3d; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{01ECB36E-7178-4F63-96EC-0D2153A77D9E}\MpKsl59f83b3d.sys [X]
S1 MpKsl7794caab; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1BAA5A0-436A-48BF-BF49-2C81E743F3F2}\MpKsl7794caab.sys [X]
S1 MpKsldf9a8a9c; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D0776B05-B67B-4C57-BECC-DF1F6A18E9B3}\MpKsldf9a8a9c.sys [X]
S1 MpKsle23ed45d; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DE57FA8B-50CA-4CAF-B326-69215354C436}\MpKsle23ed45d.sys [X]
S1 MpKsle5087028; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8087B174-C9D9-4E04-B186-639C85AE71AD}\MpKsle5087028.sys [X]
S2 mrtRate; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 19:53 - 2015-07-06 19:56 - 00000000 ____D C:\FRST
2015-07-05 09:19 - 2015-07-05 09:19 - 00001984 _____ C:\Users\Public\Desktop\Seagate Dashboard.lnk
2015-07-05 09:19 - 2015-07-05 09:19 - 00000000 ____D C:\ProgramData\Nero
2015-07-05 09:19 - 2015-07-05 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
2015-07-05 09:18 - 2015-07-05 09:18 - 00000000 ____D C:\Program Files\Seagate
2015-07-04 08:20 - 2015-07-04 08:22 - 00000000 ____D C:\NPE
2015-07-03 23:58 - 2015-07-04 09:48 - 00000000 ____D C:\Users\tytruax\AppData\Local\NPE
2015-07-03 21:15 - 2015-07-05 08:39 - 00017408 ____N C:\Windows\system32\rpcnetp.dll
2015-07-01 14:51 - 2015-07-01 14:52 - 02009904 _____ C:\Users\tytruax\Downloads\Adaware_Installer.exe
2015-06-28 13:59 - 2015-06-28 14:03 - 00000000 ____D C:\Users\tytruax\Downloads\Documents\ProPCCleaner
2015-06-28 10:23 - 2015-06-28 10:23 - 00000064 _____ C:\Users\tytruax\AppData\Local\ae7b9a524250a11645944c5cc8ea1f8a
2015-06-28 10:22 - 2015-07-06 06:44 - 00000000 ____D C:\Program Files\user extensions
2015-06-28 10:19 - 2015-06-28 10:19 - 00000000 ____D C:\Users\tytruax\AppData\Roaming\Rainmaker Software Group LLC
2015-06-28 10:15 - 2015-06-28 10:17 - 00000000 ____D C:\Users\tytruax\AppData\Local\Chromium
2015-06-28 10:14 - 2015-06-28 10:14 - 00000000 ____D C:\Users\tytruax\AppData\Roaming\Tny_cassiopesa
2015-06-28 10:13 - 2015-07-05 00:14 - 00000000 ____D C:\Program Files\Tny_Cassiopesa
2015-06-28 09:34 - 2015-06-28 09:37 - 00000691 _____ C:\Users\tytruax\Downloads\Setup.website
2015-06-26 09:59 - 2015-06-26 09:59 - 00002656 _____ C:\{4AEBD7CA-AA62-443F-BE8C-D560DDD7B917}
2015-06-25 12:17 - 2015-06-25 12:17 - 00187544 _____ C:\{EC60D424-DC7B-4A77-ADA7-427BEC4AECF8}
2015-06-25 12:16 - 2015-06-25 12:16 - 00191264 _____ C:\{788EED22-B0D9-4460-A6C7-B7DF7CEE2930}
2015-06-25 12:15 - 2015-06-25 12:15 - 01658024 _____ C:\{EFA08471-DF5F-40A7-90F1-9B0D72B03CE7}
2015-06-25 12:14 - 2015-06-25 12:14 - 00000000 __HDC C:\ProgramData\{8AF32939-989B-460A-8726-CA2C776032A1}
2015-06-25 12:07 - 2015-06-25 12:07 - 00033312 _____ C:\{1178C181-8087-4D87-BB9F-82F26D2CA17F}
2015-06-25 09:54 - 2015-06-25 09:54 - 00002656 _____ C:\{EF275529-EBC1-4E42-8097-C9D80E9A472C}
2015-06-23 21:46 - 2015-06-23 21:46 - 00002760 _____ C:\{834DCB07-275F-4613-97CE-C58D60A59D0F}
2015-06-22 21:19 - 2015-06-22 21:19 - 00036464 _____ C:\{9234DFAD-EA90-4CE0-88FD-07A701C36EA7}
2015-06-22 13:23 - 2015-06-22 13:23 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-06-22 13:23 - 2015-06-22 13:23 - 00000000 ____D C:\Program Files\Dell Support Center
2015-06-19 18:06 - 2015-06-19 18:06 - 00002760 _____ C:\{B5AD83DC-CAB5-457C-AFB7-0B66945BED87}
2015-06-17 23:48 - 2015-06-17 23:48 - 00002656 _____ C:\{D097C8E4-B4F4-457D-873A-AC69F48ED39C}
2015-06-12 11:41 - 2015-06-12 11:41 - 00003392 _____ C:\{95087AF7-517B-4625-841C-71F7159665F0}
2015-06-12 09:15 - 2015-06-12 09:15 - 00005280 _____ C:\{5A3CE189-81C1-4F30-9426-A5855B97C25F}
2015-06-12 03:18 - 2015-06-12 03:18 - 00002760 _____ C:\{F5900F4F-27CC-48DC-8306-0A80229396F0}
2015-06-11 00:30 - 2015-04-24 10:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 00:29 - 2015-05-21 09:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 00:28 - 2015-05-08 18:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 23:59 - 2015-05-04 17:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 23:59 - 2015-05-04 17:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 23:59 - 2015-05-04 17:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 23:59 - 2015-05-04 17:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 23:59 - 2015-05-04 16:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 21:45 - 2015-05-30 19:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 21:45 - 2015-05-30 18:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 21:45 - 2015-05-30 18:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 21:45 - 2015-05-30 18:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 21:45 - 2015-05-30 18:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 21:45 - 2015-05-30 18:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 21:45 - 2015-05-30 18:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 21:45 - 2015-05-30 18:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 21:45 - 2015-05-30 18:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 21:45 - 2015-05-30 18:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 21:45 - 2015-05-30 18:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 21:45 - 2015-05-30 18:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 21:45 - 2015-05-30 18:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-10 21:45 - 2015-05-30 18:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 21:45 - 2015-05-30 18:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 21:45 - 2015-05-30 18:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 21:45 - 2015-05-30 18:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-10 21:45 - 2015-05-30 18:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 21:45 - 2015-05-30 18:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 21:45 - 2015-05-30 18:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 21:45 - 2015-05-30 18:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-10 21:45 - 2015-05-30 18:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 19:48 - 2013-02-27 23:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-06 19:40 - 2006-11-02 05:33 - 00767576 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-06 19:31 - 2008-09-10 21:23 - 02092223 _____ C:\Windows\WindowsUpdate.log
2015-07-06 19:29 - 2010-12-06 23:30 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-06 19:21 - 2010-12-06 23:30 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-06 19:17 - 2006-11-02 07:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-06 19:17 - 2006-11-02 07:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-06 07:22 - 2008-10-07 22:34 - 00043614 _____ C:\Users\tytruax\AppData\Roaming\wklnhst.dat
2015-07-06 06:45 - 2010-12-16 13:55 - 00000000 ____D C:\Users\tytruax\AppData\Local\CrashDumps
2015-07-05 12:55 - 2009-03-27 12:25 - 00000000 ____D C:\Windows\Minidump
2015-07-05 08:58 - 2010-09-09 08:03 - 00049536 _____ (Absolute Software Corp.) C:\Windows\system32\agremove.exe
2015-07-05 08:39 - 2006-11-02 08:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-05 08:37 - 2006-11-02 08:01 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-04 23:50 - 2012-11-24 00:01 - 00000000 ____D C:\ProgramData\Search Protection
2015-07-04 09:39 - 2009-09-17 23:13 - 00643072 _____ C:\Windows\system32\autochk.exe
2015-07-04 00:01 - 2010-09-03 07:20 - 00006648 _____ C:\Users\tytruax\AppData\Local\d3d9caps.dat
2015-07-03 23:59 - 2010-12-01 08:38 - 00000000 ____D C:\ProgramData\Norton
2015-06-25 12:06 - 2015-04-15 21:04 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2015-06-24 07:49 - 2012-12-29 18:46 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-24 07:49 - 2011-07-21 23:35 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-22 21:51 - 2013-01-05 19:23 - 00001973 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-22 13:23 - 2008-09-11 02:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-06-22 13:18 - 2010-12-09 23:29 - 00000000 ____D C:\ProgramData\PCDr
2015-06-18 14:07 - 2014-09-04 09:33 - 00000000 ____D C:\Users\tytruax\AppData\Local\Adobe
2015-06-11 08:59 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\rescache
2015-06-11 08:36 - 2006-11-02 07:47 - 00305584 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 00:30 - 2009-10-24 19:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 00:28 - 2013-07-16 07:39 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 00:03 - 2006-11-02 05:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-06-06 01:10 - 2015-06-02 19:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-06 01:10 - 2012-05-02 21:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2014-02-12 13:41 - 2014-02-12 13:41 - 49940480 _____ () C:\Program Files\GUT9EA7.tmp
2008-10-07 19:08 - 2008-10-08 18:49 - 0001844 _____ () C:\Users\tytruax\AppData\Roaming\install.dat
2008-10-07 22:34 - 2015-07-06 07:22 - 0043614 _____ () C:\Users\tytruax\AppData\Roaming\wklnhst.dat
2015-06-28 10:23 - 2015-06-28 10:23 - 0000064 _____ () C:\Users\tytruax\AppData\Local\ae7b9a524250a11645944c5cc8ea1f8a
2010-09-03 07:20 - 2015-07-04 00:01 - 0006648 _____ () C:\Users\tytruax\AppData\Local\d3d9caps.dat
2008-10-09 07:28 - 2013-06-19 07:22 - 0025600 _____ () C:\Users\tytruax\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-08 15:32 - 2013-02-08 15:32 - 0011986 _____ () C:\Users\tytruax\AppData\Local\fsc9850.exe
2013-12-15 23:15 - 2013-12-15 23:15 - 0351124 _____ () C:\Users\tytruax\AppData\Local\mysearchdial-speeddial.crx
2013-06-13 21:16 - 2013-06-13 21:16 - 0000057 _____ () C:\ProgramData\Ament.ini
2008-10-09 23:29 - 2010-09-08 21:06 - 0003900 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\tytruax\Garmin_RMU_CNNANT2010C.exe
C:\Users\tytruax\garmin_rmu_cnnant2010_20.exe


Some files in TEMP:
====================
C:\Users\tytruax\AppData\Local\Temp\gb-installer-core.exe
C:\Users\tytruax\AppData\Local\Temp\install_temp.exe
C:\Users\tytruax\AppData\Local\Temp\setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-05 21:01

==================== End of log ============================

 

 

 

 

And here is the addition:

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-07-2015
Ran by tytruax at 2015-07-06 19:59:00
Running from C:\Users\tytruax\AppData\Local\Temp\WPDNSE\{0176012E-0172-0177-2201-310152013801}
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2268045312-3402110376-3729890785-500 - Administrator - Disabled)
Guest (S-1-5-21-2268045312-3402110376-3729890785-501 - Limited - Disabled)
tytruax (S-1-5-21-2268045312-3402110376-3729890785-1000 - Administrator - Enabled) => C:\Users\tytruax

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus Online (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus Online (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
7-Zip 4.65 (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.7.258 - Adobe Systems Incorporated)
Acrobat.com (Version: 1.7.258 - Adobe Systems Incorporated) Hidden
Actron Scanning Suite (HKLM\...\{1956e9f5-6f4b-4fc3-b6f4-5869d06d95e9}) (Version: 1.3.0 - Actron)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version:  - )
AIO_Scan (Version: 100.0.206.000 - Hewlett-Packard) Hidden
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOL Install (HKLM\...\{2357B8BC-88C9-4A72-818C-050CC4EB0778}) (Version: 1.0.0 - America Online, Inc)
Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AuthenTec Fingerprint System (HKLM\...\{140BF0D0-E848-405C-9A01-D3256B918B6D}) (Version: 8.0.26.22 - AuthenTec, Inc.)
Avery Template (HKLM\...\{A760067A-C07E-1033-0000-A764AC000002}) (Version: 2.0.0.0 - Avery)
Avery Wizard 4.0 (HKLM\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)
BarHomePoker (HKLM\...\BarHomePoker) (Version:  - )
Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Maps 3D (HKLM\...\{2D87E961-577B-492B-AD54-1368680FB9A7}) (Version: 4.0.903.16005 - Microsoft Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{9AF0B106-56F1-461B-A270-95BC1682E282}) (Version: 11.06.01 - Broadcom Corporation)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
C7200 (Version: 100.0.206.000 - Hewlett-Packard) Hidden
C7200_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Centra Client (HKLM\...\CentraClient) (Version:  - )
Cisco EAP-FAST Module (HKLM\...\{6D3963B0-E13B-4FC3-B0FF-506A304BB043}) (Version: 2.1.3 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (Version: 100.0.170.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Best of Web (HKLM\...\{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}) (Version: 1.00.0000 - Dell)
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Driver Download Manager - 1  (HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc)
Dell Driver Download Manager (HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\309a46b1dc89b774) (Version: 1.0.0.0 - Dell Inc.)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.101.104 - Alps Electric)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version:  - )
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.75.0 - Dell Inc.)
Dell-eBay (HKLM\...\{B935C985-A17F-484B-8470-09E4FC27DC26}) (Version: 1.00.0000 - Dell)
Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DigitalPersona Personal 4.01 (HKLM\...\{3D8AE086-030F-4EF4-B705-63F8130B043E}) (Version: 4.01.3765 - DigitalPersona, Inc.)
DocProc (Version: 10.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Driver Manager (HKLM\...\{177CD779-4EEC-43C5-8DEA-4E0EC103624B}) (Version: 8.1 - Driver Manager)
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version:  - )
Elevated Installer (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Fax (Version: 120.0.194.000 - Hewlett-Packard) Hidden
FL 2001 Registration (HKLM\...\FL 2001 Registration) (Version:  - )
Garmin City Navigator North America NT 2010.10 Update (HKLM\...\{301CC8D1-FE75-41ED-9B11-41F006110950}) (Version: 13.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}) (Version: 2.5.5 - Garmin Ltd or its subsidiaries)
GeniusBox 2.0 (HKLM\...\GeniusBox) (Version: 2.0 - GeniusBox 2.0)
getPlus® for Adobe (HKLM\...\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}) (Version: 1.5.2.35 - NOS Microsystems Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version:  - )
GoToMeeting 5.1.0.880 (HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\GoToMeeting) (Version: 5.1.0.880 - CitrixOnline)
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Driver Diagnostics (HKLM\...\{0EC7C406-B592-4686-BAC1-AD29A85EAE6A}) (Version: 1.03.0005 - Hewlett-Packard Company)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{8EAB4100-B343-41AE-A880-418746998209}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{79ACC31A-87EA-472A-853E-5AC6A97CE569}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart All-In-One Driver Software 10.0 Rel .2 (HKLM\...\{20B30DC1-E423-4939-B51D-05C58B0F9BBB}) (Version: 10.0 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP_Network_UserGuide (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6162.3 - IDT)
Integrated Webcam Driver (1.06.03.0309)   (HKLM\...\Creative OA001) (Version: 1.06.03.0309 - Creative Technology Ltd.)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
ITECIR Driver (Version: 1.00.000 - ITE) Hidden
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Karaoke CD+G Creator (HKLM\...\{F19082BE-3928-40B8-B985-C6E230010912}_is1) (Version:  - Doblon)
K-Lite Codec Pack 4.1.6 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 4.1.6 - )
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.1419.1 - Creative Technology Ltd)
magicJack (HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 4.0 - Dell)
MeFeedia (HKLM\...\mefeediatest) (Version: 1.0.0.1 - )
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 (HKLM\...\OUTLOOKR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSN Money Investment Toolbox (HKLM\...\MoneyToolbox) (Version: 15 SP1 - Microsoft)
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Norton AntiVirus (HKLM\...\NAV) (Version: 20.6.0.27 - Symantec Corporation)
nudemenClock Screen Saver (HKLM\...\nudemenClock) (Version:  - )
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
Open It! (HKLM\...\OpenIt Open It!) (Version: 1.1.1 - OpenIt)
PanoStandAlone (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Players Only (HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Players Only) (Version: 5.0 - )
PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
Power Gaming Network (HKLM\...\PGNet) (Version:  - )
Pro PC Cleaner (HKLM\...\{EDFBF31C-17D0-4429-A9C9-6638ACD1AEBF}) (Version: 2.9.5 - Rainmaker Software Group LLC.) <==== ATTENTION
PS_AIO_02_ProductContext (Version: 100.0.206.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (Version: 100.0.206.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
Quicken 2004 (HKLM\...\InstallShield_{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8}) (Version: 13.00.0000 - Intuit)
Quicken 2004 (Version: 13.00.0000 - Intuit) Hidden
Quicken Family Lawyer 2001 (HKLM\...\Quicken Family Lawyer 2001) (Version:  - )
QuickSet (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 9.0.12 - Dell Inc.)
Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Samsung ML-1630 Series (HKLM\...\Samsung ML-1630 Series) (Version:  - Samsung Electronics CO.,LTD)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
ScanWiz (HKLM\...\ScanWiz) (Version: 2.10 - Softi Software)
Seagate Dashboard (HKLM\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.1.1402.0 - Seagate)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SmileyCentral (HKLM\...\SmileyCentralIE_1wbar Uninstall) (Version:  - SmileyCentral)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Stay Organized Q&E (HKLM\...\Stay Organized Q&E) (Version:  - )
SUABnR (HKLM\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
SUABnR (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 110.0.180.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM\...\{4B6F8DD1-66C7-4905-BD8A-B05562E08984}) (Version: 2.14.1212 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM\...\{BB5A0BB0-657F-48DC-A475-5503F39CED05}) (Version: 2.14.1202 - Samsung Electronics Co., Ltd.)
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version:  - WebEx Communications, Inc)
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\45C76934E7F547DB6EAFC059D897430F43112A87) (Version: 03/13/2008 2.04.06 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06) (HKLM\...\726385ED6E9BD02F0F3E4611AEEAD174ADDDC0F2) (Version: 03/13/2008 2.04.06 - FTDI)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - SPX Service Solutions, Inc (spxusb) Ports  (13/04/2009 1.03) (HKLM\...\2FE89524DCB9993BBE35C3B1F50969BE84CDC26C) (Version: 13/04/2009 1.03 - SPX Service Solutions, Inc)
Windows Driver Package - SPX Service Solutions, Inc (usbser) Ports  (10/02/06 ) (HKLM\...\EF0DC109140519CEDBEF47D748890F9061EDC199) (Version: 10/02/06  - SPX Service Solutions, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zip Extractor Packages (HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Zip Extractor Packages) (Version:  - ) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{0207CA76-8233-4478-9A40-607AC304C435}\InprocServer32 -> C:\Users\tytruax\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{0C378864-D5C4-4D9C-854C-432E3BEC9CCB}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{17764098-F985-44E2-93C3-DF9B49F1CC19}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{17E67D4A-23A1-40D8-A049-EE34C0AF756A}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{294E9835-D0F1-4815-8C52-3C08FBB1403E}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{2BB2DE4F-FCDF-46F2-9723-5B1959E1BDE0}\InprocServer32 -> C:\Users\tytruax\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{42C68651-1700-4750-A81F-A1F5110E0F66}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{4774922A-8983-4ECC-94FD-7235F06F53A1}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{51240B37-45D0-413C-BAE0-D8F3ACDC15E6}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{54BE6B6F-3056-470B-97E1-BB92E051B6C4}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{5A494E87-262C-4340-A539-2FAC0A85D935}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{5E6F22B3-7DF6-4C64-8AD0-1A6CC1351085}\InprocServer32 -> C:\Program Files\Hp\Common\HPScripting.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{60178279-6D62-43AF-A336-77925651A4C6}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{6470DE80-1635-4B5D-93A3-3701CE148A79}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{64CB8178-1A77-4443-BE13-30BE889B99BB}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{684E4896-6EFC-4A3D-B967-6105894A6796}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{6B75345B-AA36-438A-BBE6-4078B4C6984D}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{784F2933-6BDD-4E5F-B1BA-A8D99B603649}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{7CB9D4F5-C492-42A4-93B1-3F7D6946470D}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{7D4CF499-32EC-4E8E-8714-7E74303869F0}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\880\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{8877F3CD-3C29-4E2D-B7DD-70B24DF4EBD1}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{910E7ADE-7F75-402D-A4A6-BB1A82362FCA}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{93441C07-E57E-4086-B912-F323D741A9D8}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{95775FC2-FFFA-4432-A4BC-352AB1A84581}\InprocServer32 -> C:\Users\tytruax\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{990D9B6F-6621-11D9-AD6A-000C29B1E318}\InprocServer32 -> C:\Users\tytruax\AppData\Roaming\Avery\Avery Wizard 4.0\AveryOAd.dll (Avery Dennison Corporation. Envel Informationssysteme GmbH.)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{9986CC36-7FA8-4E9A-ADE1-E197FCC5484B}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{9E1DDDD2-0638-4607-B266-13FE69EDFFD3}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{9E3A85FC-1E59-4C57-ACEA-17E7D61000F1}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{A95845D8-8463-4605-B5FB-4F8CFBAC5C47}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{AA6A5B54-2ACF-4FDB-A82B-E505A5E0B65E}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{AAFBE339-5BEE-417C-BE98-218DA8512B43}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{AB049B11-607B-46C8-BBF7-F4D6AF301046}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{AB237044-8A3B-42BB-9EE1-9BFA6721D9ED}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{B2CD4730-67E7-401C-A2CB-D74715E05FA4}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{B5201019-B9A8-411C-A7AC-CEA856A63C00}\InprocServer32 -> C:\Program Files\Hp\Common\HPScripting.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{B9C13CD0-5A97-4C6B-8A50-7638020E2462}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{BC2971B9-2A4F-44C8-8D7F-04E027544828}\InprocServer32 -> C:\Program Files\Hp\Common\HPScripting.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{BE65189A-4770-47A0-9B7B-68827DB1C317}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{BE892433-7479-4231-AB95-A313BDA3D409}\InprocServer32 -> C:\Users\tytruax\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{BF931895-AF82-467A-8819-917C6EE2D1F3}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C70D0641-DDE1-4FD7-A4D4-DA187B80741D}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{C94188F6-0F9F-46B3-8B78-D71907BD8B77}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{CDAF9CEC-F3EC-4B22-ABA3-9726713560F8}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{CF6866F9-B67C-4B24-9957-F91E91E788DC}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{D057CD8F-1469-4A41-B24C-7EED6B1DDCD2}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{D0E9EEAE-9AC7-4204-BA07-B72DD6077E82}\InprocServer32 -> C:\Users\tytruax\AppData\Roaming\Avery\Avery Wizard 4.0\AvWizRes.dll (Avery Dennison Corporation. Envel Informationssysteme GmbH.)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{D2776BCC-5F09-4068-B4E2-7EE1202F95CF}\InprocServer32 -> C:\Users\tytruax\AppData\Roaming\Avery\Avery Wizard 4.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{DC4F9DA0-DB05-4BB0-8FB2-03A80FE98772}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{dc67367a-8b15-47bc-b7f8-0ba0435a504a}\InprocServer32 -> C:\Program Files\Common Files\SYSTEM\MSMAPI\1033\MSNCON32.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{dcedfcbf-c7d1-4b81-a20f-7524d306135e}\InprocServer32 -> C:\Program Files\Common Files\SYSTEM\MSMAPI\1033\MSNCON32.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{DE233AFF-8BD5-457E-B7F0-702DBEA5A828}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{DF1F1C17-6A29-45FB-A3C6-9825908E062E}\InprocServer32 -> C:\Program Files\Hp\Common\RulesEngine.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{E12DA4F2-BDFB-4EAD-B12F-2725251FA6B0}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{E975F61C-2C2B-4FE8-A4CD-24C52969CE12}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> No Filepath
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000_Classes\CLSID\{FA9C5110-071C-4964-9DD0-610806FF0F81}\InprocServer32 -> C:\Program Files\Hp\Common\HPDeviceDetection.dll (Hewlett-Packard)

==================== Restore Points =========================

07-05-2015 17:24:55 Scheduled Checkpoint
14-05-2015 03:04:58 Windows Update
16-05-2015 23:21:07 Scheduled Checkpoint
21-05-2015 22:15:27 Scheduled Checkpoint
10-06-2015 23:58:46 Windows Update
12-06-2015 03:01:03 Scheduled Checkpoint
25-06-2015 20:21:29 Scheduled Checkpoint
28-06-2015 11:44:27 Scheduled Checkpoint
30-06-2015 22:37:35 AA11
01-07-2015 14:54:08 AA11
04-07-2015 09:33:40 Norton_Power_Eraser_20150704093340566
04-07-2015 23:20:33 AA11
05-07-2015 00:16:07 Removed UpdateAdmin
05-07-2015 00:17:36 Removed Pro PC Cleaner
05-07-2015 08:26:10 Removed Pro PC Cleaner
05-07-2015 09:11:39 Installed Seagate Dashboard.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00E4BB74-8FA9-45BF-85C5-75EA5AC19894} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe
Task: {13B972A0-2729-4A2D-9E3A-BABF003C0135} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {1C118432-0B9C-4F5D-90FD-161E8434A39A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {272DD414-535B-4070-B95B-A0E2C5A90A43} - System32\Tasks\Driver Manager-RTMRules => C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe [2014-03-13] (PC Drivers Headquarters)
Task: {2AB8CB47-F2CB-4065-9D17-AC91686EFCD5} - System32\Tasks\Driver Manager-RTMScanRunOnce => C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe [2014-03-13] (PC Drivers Headquarters)
Task: {31E2EC9C-9490-4040-81B9-BFC40DEBA4BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {366CD59C-7EF6-412D-8DE8-79CA3CF1AC89} - System32\Tasks\{77309990-AC37-48F7-B03F-1FF03B6A9C3C} => pcalua.exe -a C:\Users\tytruax\Desktop\Setup.exe -d C:\Users\tytruax\Desktop
Task: {3CF50DC5-2606-4848-B079-00D7D4ADB7CD} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files\Norton AntiVirus\Engine\20.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {3EBC1DA6-D59C-4A53-98AF-66A10262AAA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {44AD201B-6251-49D6-AFF0-0FFBD65496D0} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {47EF0F2A-98F5-4804-B019-3A2599FBB082} - \ProPCCleaner_Popup No Task File <==== ATTENTION
Task: {48A56755-21D5-479D-A5EF-2B727EA63268} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {5E6765D2-09E8-43DC-AD43-5AC025B0ACFC} - System32\Tasks\Check Updates => C:\Program Files\user extensions\updater.exe [2015-07-06] () <==== ATTENTION
Task: {6F45E61D-DEB8-44F8-984B-81E40D259BF3} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {7EBABBA0-8F80-4DAE-845D-080AEFC0E02F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {9070E503-6B26-4C7C-A073-E2F1F472BF3B} - System32\Tasks\Driver Manager-RTMScan => C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe [2014-03-13] (PC Drivers Headquarters)
Task: {91725980-5969-452C-8BED-09A1BC12CD98} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton AntiVirus\Engine\20.6.0.27\WSCStub.exe [2014-12-06] (Symantec Corporation)
Task: {96F426FF-B1EF-4C72-A1A0-0EDE59C36EEF} - System32\Tasks\Seagate_Install_Launch => C:\Program Files\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-06-08] (Seagate Technology LLC)
Task: {9CD25117-A8FC-44C2-8773-B4F427BBB70E} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files\Norton AntiVirus\Engine\20.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {B1D591B8-6789-4E0F-B649-75C18FEF7660} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {B5AA1ABF-C723-4C20-BE6C-6465C3ED2F0E} - System32\Tasks\tytruax DBAgent 2 0 => C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-06-08] (Seagate Technology LLC)
Task: {B8F862D1-91F1-474C-95F7-A305629D345D} - \UpdateAdmin No Task File <==== ATTENTION
Task: {CE476B12-6DB0-499A-BC1A-0CA0FD0D4F64} - System32\Tasks\tytruax => C:\Program Files\Seagate\Seagate Dashboard 2.0\NBCore.exe [2015-06-08] (Seagate Technology LLC)
Task: {D2300C87-D303-47AF-8C5A-4C40D0E5B22C} - System32\Tasks\Validate Installation => C:\Program Files\user extensions\updater.exe [2015-07-06] () <==== ATTENTION
Task: {E53441D6-39E8-46EE-80B9-4CDBB491BE69} - System32\Tasks\{40F9C1EE-D2EC-48C7-B425-FC294EB73878} => pcalua.exe -a "C:\Users\tytruax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9JFLPP1V\Install_WebCam_Bmp[1].exe" -d C:\Users\tytruax\Desktop
Task: {F006A16B-85FE-43D0-BC59-0A439565852D} - System32\Tasks\tytruax Merge => C:\Program Files\Seagate\Seagate Dashboard 2.0\NBCore.exe [2015-06-08] (Seagate Technology LLC)
Task: {F08A4E54-E19F-4CFF-BAD1-A1CFC58A2B07} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.)
Task: {F166DF9E-BEB9-4C89-9C5F-98F907C04E0B} - System32\Tasks\Driver Manager-RTMUpdater => C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe [2014-03-13] (PC Drivers Headquarters)
Task: {F29441E4-ECD0-483F-AC6A-2C015D832F6D} - System32\Tasks\GeniusBox => cmd.exe /C start "" "C:\Program Files\user extensions\client.exe" <==== ATTENTION
Task: {FD7041E3-C189-4582-8D38-91F39C2AEE1E} - System32\Tasks\{DBF2BB2D-A8D7-4201-A53A-537A6B5AF938} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {FE69C0BF-D444-4D0D-9CB5-ED14905D926E} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2008-09-11 02:39 - 2008-03-11 09:26 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2008-09-11 02:39 - 2008-03-11 09:24 - 00055808 _____ () C:\Windows\System32\bcmwlrmt.dll
2010-02-24 14:01 - 2007-02-08 20:22 - 00022723 _____ () C:\Windows\System32\ml163sl3.dll
2010-02-24 14:03 - 2009-09-25 06:00 - 00614400 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2011-01-21 13:40 - 2010-06-23 19:11 - 00325632 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
2011-01-21 13:40 - 2010-06-23 19:11 - 01954304 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
2011-01-21 13:40 - 2010-06-23 19:12 - 07187456 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
2011-01-21 13:40 - 2010-06-23 19:11 - 00847360 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
2011-01-28 13:54 - 2010-06-23 18:38 - 00119808 _____ () C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2014-03-13 12:43 - 2014-03-13 12:43 - 00601456 _____ () C:\Program Files\Driver Manager\Driver Manager\ThemePack.DriverManager.dll
2014-03-13 12:37 - 2014-03-13 12:37 - 00428416 _____ () C:\Program Files\Driver Manager\Driver Manager\Agent.Communication.XmlSerializers.dll
2014-10-15 09:12 - 2014-10-15 09:12 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\48ebce5820c83e4de579427bbda6863c\IsdiInterop.ni.dll
2010-05-23 08:13 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-07-03 21:15 - 2015-07-05 08:39 - 00017408 ____N () C:\Windows\System32\rpcnetp.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\autochk.exe:BAK

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\magicjack.com -> my.magicjack.com
IE trusted site: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\talk4free.com -> reg.talk4free.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\tytruax\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
MSCONFIG\startupreg: ECenter => C:\Dell\E-Center\EULALauncher.exe
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: OA001Cfg.exe => OA001Cfg.exe
MSCONFIG\startupreg: PCMService => "C:\Program Files\Dell\MediaDirect\PCMService.exe"
MSCONFIG\startupreg: QuickCare => C:\Program Files\CenturyLink\QuickCare\bin\sprtcmd.exe /P QuickCare
MSCONFIG\startupreg: Qwest Personal Digital Vault => "C:\Program Files\Qwest Personal Digital Vault\QwestPersonalDigitalVault.exe" /m
MSCONFIG\startupreg: SmileyCentralIE_1w Browser Plugin Loader => C:\PROGRA~1\SMILEY~2\bar\1.bin\1wbrmon.exe
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{FED00B66-7D66-45F4-BB00-2C7373A4FCA0}] => (Allow) C:\Program Files\Dell\MediaDirect\PCMService.exe
FirewallRules: [{3D3E3F3C-5B61-4DF5-A6CA-58A00CD4FC8C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{6A28CDB5-AD9E-418D-AE32-0BB70149AA0E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{FA477C84-5FD5-4D8E-BA1C-25EC56440FE9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{996871EB-64D7-474B-BC33-673FD1F1CF0C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{BF06E2AF-3A79-4915-AE24-71380F43F35B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{8811D0FE-929C-4195-BD94-22BE92CC6AD2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{54AC250F-D1C7-43DE-B724-D11F6C9BDAA3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{041193FE-C471-48E7-8DD5-D0E252B3A78E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{48B81B3B-1967-487D-B353-24CAE02BC97D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{0FD66A5C-0A0F-49B2-917F-6A98A18A02BA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{8C52AF44-40A0-4F91-8E56-EE138E2C68B1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{2BFF9AC8-2634-4932-AA36-F688850EE106}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{F9BC5C8C-6F12-4E03-859C-B188954A6DF2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{DABAC3D7-ACD4-42AD-8AAC-BEC706A52FDE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{D1C3D658-DE8E-419E-A045-37D285F05584}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1915F237-8349-48CD-82A6-BA1341C59634}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{138642E3-3D88-4FA6-82A0-8C50067CA2EF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F4A0B4C5-0286-4195-9BDA-833BCD2C37A7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{11A44F54-28CE-44E0-B93E-5A310B04526F}] => (Allow) C:\Program Files\HP\Digital Imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{28872BCE-7AA7-4C23-8EAA-D8C2D40F25B1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{0A31961F-4AB7-4ACB-BC1B-0FB6DE2DD5CA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{F0C7A9AD-E4FD-4168-AF43-D2774FE5FE3F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{3120FFBA-AB3D-4C8E-9E8E-B677C99F1CC0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4C606290-A9F5-4AB0-ABB1-9728816CD880}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1BAE7FF3-8F3F-4869-9CD9-9F13F7367315}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{2BE52D6A-5FE3-4C09-B70C-4946BFF1584F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{A8272024-5BAD-4A3C-A416-4DA8260736BA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{12FE2076-DBA8-4368-B9E4-571F124D2147}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{C4341C17-1DDD-43C7-AD31-4A1411A924F6}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{C6C675BD-6704-4437-96C2-6FD75FF7E025}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{DB719D00-C6C3-4399-98D9-DF5D9A2D66A9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{CBA20DA0-8B0C-441F-A41B-CE4B200A2F3A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{8EBE9C62-1430-4A46-9D28-7C5AA35DD73E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{FEE2DCFE-5070-459B-9E96-03BF8DE39451}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{7D5BD653-0A49-45D1-9CF7-DC96C8DEE58C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{AD53D2C8-438F-4B25-90EB-7271372C2C54}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{1446831C-5917-4830-8561-6BEB1D1EAABB}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{901FE8C5-8827-4550-9D7F-425D4E902BF9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{C4321E9F-F6D6-4230-97BE-398F9740DF2D}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{4F65A115-A5CE-4DC8-8298-F48BF63CDF7C}] => (Allow) LPort=63331
FirewallRules: [{A81AE4C6-1980-4017-8957-858CC58146D1}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{A409821B-3BD8-4C55-A4BF-67186BA723C4}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{0139AE4E-A2E6-437A-9034-C56C049E657D}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{37429C2F-90CE-4A75-BECD-38E2639E4DD6}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{7DD99A6D-7B77-4458-9DCB-FA029840603B}] => (Allow) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{0CF98354-A73E-4352-BFB2-D0A982B0D54D}] => (Allow) LPort=80
FirewallRules: [{EDF3ADE8-4D1D-4FE2-8EF0-C5E198DE1895}] => (Allow) LPort=80
FirewallRules: [{0CF70030-443D-4BC4-AEC7-F0581556486F}] => (Allow) LPort=80
FirewallRules: [{673BAFB8-9695-4C3E-9FBE-83E9371A0D15}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{220E5E65-737A-491F-9648-79300FD27BEE}] => (Allow) LPort=2869
FirewallRules: [{028A8356-AFF4-405D-86A5-3AB69E5DCBE9}] => (Allow) LPort=1900
FirewallRules: [{9ED1BAA8-F24A-45DF-8E29-F0BE153C14FF}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6E8BD697-5DC9-4360-8FAB-305DA321149B}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{C2FA9DA7-547C-4EF9-BA01-35E20D81B8A9}C:\program files\pgnet\pokerupdate.exe] => (Allow) C:\program files\pgnet\pokerupdate.exe
FirewallRules: [UDP Query User{592966DB-8DC4-449C-81F0-B452CD9D7979}C:\program files\pgnet\pokerupdate.exe] => (Allow) C:\program files\pgnet\pokerupdate.exe
FirewallRules: [TCP Query User{5532473E-192E-48E2-B128-18A3A837B736}C:\program files\pgnet\starcade.exe] => (Allow) C:\program files\pgnet\starcade.exe
FirewallRules: [UDP Query User{935DFD9E-7DD8-4E01-8E48-C77AFD28DED9}C:\program files\pgnet\starcade.exe] => (Allow) C:\program files\pgnet\starcade.exe
FirewallRules: [TCP Query User{38295271-E431-43BB-9B88-E584D3EEFDFA}C:\program files\barhomepoker\pokerupdate.exe] => (Allow) C:\program files\barhomepoker\pokerupdate.exe
FirewallRules: [UDP Query User{426EDA23-99C1-491C-BEE4-F80CBC146511}C:\program files\barhomepoker\pokerupdate.exe] => (Allow) C:\program files\barhomepoker\pokerupdate.exe
FirewallRules: [TCP Query User{961B1D35-7796-4EDF-8490-F05BF9D546A8}C:\users\tytruax\appdata\roaming\mjusbsp\magicjack.exe] => (Block) C:\users\tytruax\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [UDP Query User{E6BA496C-E65D-4024-A600-C4CE666EF1D0}C:\users\tytruax\appdata\roaming\mjusbsp\magicjack.exe] => (Block) C:\users\tytruax\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [TCP Query User{3E0E469B-C4C6-4BA9-93E8-EDB8DA764DE8}C:\users\tytruax\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\tytruax\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [UDP Query User{9B9F5E86-872E-4B7F-A0B5-FCDBDAC425E5}C:\users\tytruax\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\tytruax\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [{7B265633-3DC7-409D-999C-A2DC2D8259AE}] => (Allow) LPort=5060
FirewallRules: [{CD06473B-8DEE-4F62-99AD-5EE13A5CB9A1}] => (Allow) LPort=5070
FirewallRules: [{849422F3-BB88-44F7-9F21-A86E6755E4F3}] => (Allow) C:\Program Files\adawaretb\dtUser.exe
FirewallRules: [{26FFEC50-45A3-4473-AD64-A744483EBB82}] => (Allow) C:\Program Files\adawaretb\dtUser.exe
FirewallRules: [{22F46C5C-022F-400E-BD66-ADAB1E266AF4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{0767AE45-8EE7-4D97-9A59-391CFA85E162}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{B9D187F6-8B5E-4D07-87C5-9095EFD6C5D5}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{3307ABC1-5B29-4EE6-8957-39BE92C0520E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{BAD5339F-A5D7-4540-B727-0BD3AD8CC3DF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{212384BA-8508-4B3D-A7FD-466D01304ACE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{95068D90-4148-4FD9-B7DA-CBA00A7A4D5D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{0669DA5C-1450-40C0-8BEE-0BC959F5B435}C:\program files\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{0F7273D0-9B4C-4C02-8E43-430626460F07}C:\program files\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{FE24BBF7-0CC5-4FF6-B053-7F983A097C6A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D2CFBD96-BC9F-45CB-AB9F-84338E3E053D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AD12F7D6-208F-4211-B8B8-2E620E18AD4F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{5C4E92F5-47EE-41CC-B7F3-48E3419B9A15},] => (Allow) LPort=80
FirewallRules: [{9E95E5C4-5306-4125-AE18-1AB47CFFDCDC},] => (Allow) LPort=80
FirewallRules: [{E6C68149-1DED-4C71-B12D-A4E7C400D5BA},] => (Allow) LPort=80
FirewallRules: [{DAF9D624-8F7F-4732-8070-E9A621E33EBB}] => (Allow) LPort=8888

==================== Faulty Device Manager Devices =============

Name: HP LaserJet Professional P1102w
Description: HP LaserJet Professional P1102w
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/06/2015 07:58:57 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the SystemIndex search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (07/06/2015 07:58:57 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
    The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.   (0x8004117f)

Error: (07/06/2015 07:58:57 PM) (Source: ESENT) (EventID: 486) (User: )
Description: Windows (7084) Windows: An attempt to move the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00A81.log" to "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" failed with system error 5 (0x00000005): "Access is denied. ".  The move file operation will fail with error -1032 (0xfffffbf8).

Error: (07/06/2015 07:58:47 PM) (Source: ESENT) (EventID: 486) (User: )
Description: Windows (7084) Windows: An attempt to move the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00A81.log" to "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" failed with system error 5 (0x00000005): "Access is denied. ".  The move file operation will fail with error -1032 (0xfffffbf8).

Error: (07/06/2015 07:50:14 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the SystemIndex search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (07/06/2015 07:50:14 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
    The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.   (0x8004117f)

Error: (07/06/2015 07:50:14 PM) (Source: ESENT) (EventID: 486) (User: )
Description: Windows (5916) Windows: An attempt to move the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00A81.log" to "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" failed with system error 5 (0x00000005): "Access is denied. ".  The move file operation will fail with error -1032 (0xfffffbf8).

Error: (07/06/2015 07:50:04 PM) (Source: ESENT) (EventID: 486) (User: )
Description: Windows (5916) Windows: An attempt to move the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00A81.log" to "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" failed with system error 5 (0x00000005): "Access is denied. ".  The move file operation will fail with error -1032 (0xfffffbf8).

Error: (07/06/2015 07:48:51 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the SystemIndex search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (07/06/2015 07:48:51 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
    The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.   (0x8004117f)


System errors:
=============
Error: (07/06/2015 07:58:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Windows Search75

Error: (07/06/2015 07:58:57 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (07/06/2015 07:53:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Remote Access Connection ManagerSecure Socket Tunneling Protocol Service%%2

Error: (07/06/2015 07:53:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Secure Socket Tunneling Protocol Service%%2

Error: (07/06/2015 07:53:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Remote Access Connection ManagerSecure Socket Tunneling Protocol Service%%2

Error: (07/06/2015 07:53:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Secure Socket Tunneling Protocol Service%%2

Error: (07/06/2015 07:53:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Remote Access Connection ManagerSecure Socket Tunneling Protocol Service%%2

Error: (07/06/2015 07:53:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Secure Socket Tunneling Protocol Service%%2

Error: (07/06/2015 07:53:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Remote Access Connection ManagerSecure Socket Tunneling Protocol Service%%2

Error: (07/06/2015 07:53:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Secure Socket Tunneling Protocol Service%%2


Microsoft Office:
=========================
Error: (06/03/2015 07:48:28 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 45548 seconds with 1740 seconds of active time.  This session ended with a crash.

Error: (07/09/2014 11:05:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 790772 seconds with 8940 seconds of active time.  This session ended with a crash.

Error: (01/18/2012 08:18:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/15/2011 06:48:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/15/2011 00:08:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 684 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (05/15/2011 11:54:44 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/15/2011 10:55:27 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 128 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (08/04/2010 03:17:01 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 1013182 seconds with 5340 seconds of active time.  This session ended with a crash.

Error: (07/20/2010 09:01:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 1141 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (07/18/2010 07:14:46 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 30 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2015-07-06 19:57:13.503
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-06 19:57:11.865
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-06 19:57:10.196
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-06 19:57:08.683
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-06 19:56:26.516
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20150625.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-06 19:56:25.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20150625.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-06 19:56:23.318
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20150625.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-06 19:56:21.851
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20150625.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-04 09:29:51.638
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-04 09:29:49.465
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 69%
Total physical RAM: 3573.05 MB
Available physical RAM: 1102.29 MB
Total Virtual: 7331.84 MB
Available Virtual: 4483.64 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:288 GB) (Free:161.99 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 28000000)
Partition 1: (Not Active) - (Size=86 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=288 GB) - (Type=07 NTFS)

==================== End of log ============================

 



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,226 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:23 PM

Posted 07 July 2015 - 07:09 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 3 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users