LandzDown Forum

Hi, all. I would like a check up for my computer, please. Just to be sure for it. It's the second time Adware Cleaner found some things, and I'm a little bit concerned about this.

So, here are my logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by DR WHO (administrator) on DR-WHO (01-09-2015 20:55:37)
Running from C:\Users\DR WHO\Desktop
Loaded Profiles: DR WHO (Available Profiles: UpdatusUser & DR WHO & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Pale Moon\palemoon.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Moonchild Productions) C:\Program Files (x86)\Pale Moon\palemoon.exe
(Mozilla Corporation) C:\Program Files (x86)\Pale Moon\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [New Value #1] => ctfmon = CTFMON.EXE
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-30] ()
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [Malwarebytes Anti-Malware] => C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\mbam.exe [6554424 2015-06-18] (Malwarebytes Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F8010453-43D6-4BBC-9F0C-01DE21D23D1C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {D2701A42-19CC-471D-A852-24FF9A1F8790} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {D2701A42-19CC-471D-A852-24FF9A1F8790} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006 -> {0F6449F6-E98F-4EDA-AE29-587FAC504EAD} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-29] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDAPP\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll [2014-05-14] (Simon Bünzli)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-05-16] ( )
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2013-07-24] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-03-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-19]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87424 2012-10-22] (Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-01-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-01-30] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-01-30] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-01-30] (ESET)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-03-25] ()
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S1 fxbiojph; \??\C:\Windows\system32\drivers\fxbiojph.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-01 20:55 - 2015-09-01 20:56 - 00025067 _____ C:\Users\DR WHO\Desktop\FRST.txt
2015-09-01 20:55 - 2015-09-01 20:55 - 01690624 _____ (Farbar) C:\Users\DR WHO\Desktop\FRST.exe
2015-09-01 20:54 - 2015-09-01 20:55 - 00000000 ____D C:\FRST
2015-09-01 20:53 - 2015-09-01 20:53 - 02188800 _____ (Farbar) C:\Users\DR WHO\Desktop\FRST64.exe
2015-09-01 20:53 - 2015-09-01 20:53 - 00852704 _____ C:\Users\DR WHO\Desktop\SecurityCheck.exe
2015-09-01 20:44 - 2015-09-01 20:44 - 00000056 _____ C:\Windows\setupact.log
2015-09-01 20:44 - 2015-09-01 20:44 - 00000000 _____ C:\Windows\setuperr.log
2015-09-01 20:38 - 2015-09-01 20:42 - 00000000 ____D C:\AdwCleaner
2015-09-01 20:37 - 2015-09-01 20:37 - 01654272 _____ C:\Users\DR WHO\Desktop\AdwCleaner.exe
2015-08-31 15:16 - 2015-08-31 15:16 - 00001180 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3e6d498a015.job
2015-08-29 13:09 - 2015-09-01 18:36 - 00000000 ____D C:\Windows\Minidump
2015-08-29 11:07 - 2015-08-29 11:07 - 00000000 ____D C:\Users\DR WHO\AppData\Local\TempTaskUpdateDetectionF1CC1568-0047-4884-9EC6-6085832ECDEC
2015-08-28 19:52 - 2015-08-28 19:59 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\Scribus
2015-08-28 19:50 - 2015-08-28 19:51 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.5
2015-08-28 19:49 - 2015-08-28 19:51 - 00000000 ____D C:\Program Files\Scribus 1.4.5
2015-08-25 10:17 - 2015-08-25 10:29 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\IrfanView
2015-08-23 10:16 - 2015-08-23 10:16 - 00000000 ____D C:\Users\DR WHO\AppData\Local\TempTaskUpdateDetection2D447C3B-6D9C-4750-ADD9-3CC938FCEE23
2015-08-19 13:09 - 2015-08-11 04:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 13:09 - 2015-08-11 04:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 13:09 - 2015-08-11 03:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 13:09 - 2015-08-11 03:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 15:36 - 2015-09-01 19:56 - 08292893 _____ C:\Users\DR WHO\Desktop\ΠαροÏ...σίαση1.pptx
2015-08-18 11:23 - 2015-08-18 11:23 - 00000000 ____D C:\Users\DR WHO\AppData\Local\TempTaskUpdateDetection272ACDFF-8C45-4DFD-962F-015708FB58D2
2015-08-16 13:31 - 2015-08-16 13:31 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\temp
2015-08-14 10:37 - 2015-08-14 11:45 - 1631322112 _____ C:\Users\DR WHO\Documents\linuxmint-17.2-cinnamon-64bit.iso
2015-08-12 10:59 - 2015-07-16 22:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 10:59 - 2015-07-16 22:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 10:59 - 2015-07-16 22:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 10:59 - 2015-07-16 22:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 10:59 - 2015-07-16 22:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 10:59 - 2015-07-16 22:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 10:59 - 2015-07-11 16:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 10:39 - 2015-07-30 16:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:39 - 2015-07-30 16:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:45 - 2015-07-21 03:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 09:45 - 2015-07-21 03:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 09:45 - 2015-07-16 23:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 09:45 - 2015-07-16 23:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 09:45 - 2015-07-16 23:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 09:45 - 2015-07-16 23:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 09:45 - 2015-07-16 23:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 09:45 - 2015-07-16 23:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 09:45 - 2015-07-16 23:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 09:45 - 2015-07-16 23:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 09:45 - 2015-07-16 23:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 09:45 - 2015-07-16 23:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 09:45 - 2015-07-16 23:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 09:45 - 2015-07-16 23:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 09:45 - 2015-07-16 23:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 09:45 - 2015-07-16 23:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 09:45 - 2015-07-16 23:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 09:45 - 2015-07-16 23:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 09:45 - 2015-07-16 23:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 09:45 - 2015-07-16 23:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 09:45 - 2015-07-16 22:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 09:45 - 2015-07-16 22:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 09:45 - 2015-07-16 22:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 09:45 - 2015-07-16 22:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 09:45 - 2015-07-16 22:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 09:45 - 2015-07-16 22:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 09:45 - 2015-07-16 22:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 09:45 - 2015-07-16 22:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 09:45 - 2015-07-16 22:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 09:45 - 2015-07-16 22:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 09:45 - 2015-07-16 22:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 09:45 - 2015-07-16 22:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 09:45 - 2015-07-16 22:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 09:45 - 2015-07-16 22:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 09:45 - 2015-07-16 22:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 09:45 - 2015-07-16 22:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 09:45 - 2015-07-16 22:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 09:45 - 2015-07-16 22:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 09:45 - 2015-07-16 22:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 09:45 - 2015-07-16 22:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 09:45 - 2015-07-16 22:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 09:45 - 2015-07-16 22:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 09:45 - 2015-07-16 22:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 09:45 - 2015-07-16 22:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 09:45 - 2015-07-16 22:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 09:45 - 2015-07-16 22:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 09:45 - 2015-07-16 22:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 09:45 - 2015-07-16 22:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 09:45 - 2015-07-16 22:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 09:45 - 2015-07-16 22:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 09:45 - 2015-07-16 22:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 09:45 - 2015-07-16 22:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 09:45 - 2015-07-16 21:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 09:45 - 2015-07-16 21:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 09:45 - 2015-07-16 21:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 09:45 - 2015-07-16 21:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 09:44 - 2015-07-15 06:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 09:42 - 2015-07-15 21:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 09:42 - 2015-07-15 21:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 09:42 - 2015-07-15 21:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 09:42 - 2015-07-15 21:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 09:42 - 2015-07-15 21:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 09:42 - 2015-07-15 21:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 09:42 - 2015-07-15 21:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 09:42 - 2015-07-15 21:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 09:42 - 2015-07-15 21:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 09:42 - 2015-07-15 21:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 09:42 - 2015-07-15 21:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 09:42 - 2015-07-15 21:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 09:42 - 2015-07-15 20:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 09:42 - 2015-07-15 20:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 09:42 - 2015-07-15 20:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 09:42 - 2015-07-15 20:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 09:42 - 2015-07-15 20:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 09:42 - 2015-07-15 20:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 09:42 - 2015-07-15 20:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 09:42 - 2015-07-15 20:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 09:42 - 2015-07-15 20:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 09:42 - 2015-07-15 20:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 09:42 - 2015-07-15 20:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 09:42 - 2015-07-15 20:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 09:42 - 2015-07-15 20:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 09:41 - 2015-07-30 21:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 09:41 - 2015-07-30 20:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 09:41 - 2015-07-30 20:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 09:41 - 2015-07-30 20:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 09:41 - 2015-07-30 20:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 09:41 - 2015-07-30 20:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 09:41 - 2015-07-30 20:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 09:41 - 2015-07-30 19:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 09:41 - 2015-07-30 19:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 09:41 - 2015-07-30 19:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 09:41 - 2015-07-15 21:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 09:41 - 2015-07-15 21:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 09:41 - 2015-07-15 21:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 09:41 - 2015-07-15 21:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 09:41 - 2015-07-15 20:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 09:41 - 2015-07-15 20:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 09:41 - 2015-07-15 20:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 09:41 - 2015-07-15 20:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 09:41 - 2015-07-15 20:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 09:41 - 2015-07-15 20:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 09:41 - 2015-07-15 20:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 09:41 - 2015-07-15 20:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 09:41 - 2015-07-15 20:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 09:41 - 2015-07-15 19:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 09:41 - 2015-07-15 19:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 09:41 - 2015-07-15 19:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 09:41 - 2015-07-15 19:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 09:41 - 2015-07-15 19:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 09:37 - 2015-07-15 06:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 09:37 - 2015-07-15 06:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 09:37 - 2015-07-15 06:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 09:37 - 2015-07-15 06:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 09:37 - 2015-07-15 05:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 09:37 - 2015-07-15 05:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 09:37 - 2015-07-15 05:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 09:37 - 2015-07-15 05:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 09:29 - 2015-07-20 21:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 09:29 - 2015-07-20 21:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 09:29 - 2015-07-20 20:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 09:29 - 2015-07-20 20:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 09:29 - 2015-07-20 20:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 09:29 - 2015-07-20 20:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 09:29 - 2015-07-20 20:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 09:29 - 2015-07-10 20:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 09:29 - 2015-07-10 20:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 09:29 - 2015-07-09 20:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 09:29 - 2015-07-09 20:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 09:29 - 2015-07-09 20:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 09:29 - 2015-07-01 23:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 09:29 - 2015-07-01 23:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 09:29 - 2015-07-01 23:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 09:29 - 2015-07-01 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-08 23:35 - 2015-08-08 23:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-08-08 23:35 - 2015-08-08 23:35 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-08 22:34 - 2015-08-08 22:34 - 00000000 ____D C:\Users\DR WHO\AppData\Local\GWX
2015-08-08 22:13 - 2015-07-28 23:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-08 22:13 - 2015-07-28 23:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-08 22:13 - 2015-07-28 23:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-08 22:13 - 2015-07-28 23:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-08 22:13 - 2015-07-28 23:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-08 22:13 - 2015-07-28 23:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-08 22:13 - 2015-07-28 23:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-08 22:13 - 2015-07-28 22:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-03 22:12 - 2014-12-11 20:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-01 20:54 - 2009-07-14 07:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 20:54 - 2009-07-14 07:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 20:53 - 2011-12-14 09:30 - 02006538 _____ C:\Windows\WindowsUpdate.log
2015-09-01 20:48 - 2014-10-14 21:35 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-01 20:48 - 2012-03-31 18:03 - 00000000 ____D C:\ProgramData\MCShield
2015-09-01 20:44 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 20:22 - 2013-07-02 00:06 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\Skype
2015-09-01 20:14 - 2013-05-04 18:09 - 00001184 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce48d96f4bb08f.job
2015-09-01 19:59 - 2009-07-14 08:13 - 00840052 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-01 16:46 - 2012-02-28 15:58 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task bf64327c-6b9e-43e4-b2d0-cf288408c881.job
2015-09-01 13:46 - 2014-08-19 22:21 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\Audacity
2015-09-01 13:45 - 2014-11-30 13:15 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\vlc
2015-09-01 12:47 - 2012-02-28 16:06 - 00000509 _____ C:\Windows\demdata.txt
2015-08-31 15:16 - 2015-07-16 16:15 - 00001180 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfc980c21059.job
2015-08-28 19:50 - 2013-05-26 17:10 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-28 10:35 - 2015-07-11 17:46 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-08-28 09:50 - 2013-07-01 23:54 - 00000000 ____D C:\Users\DR WHO
2015-08-28 09:32 - 2013-06-24 10:05 - 00000000 ____D C:\Program Files\Recuva
2015-08-27 10:45 - 2013-07-02 09:21 - 00000000 ____D C:\Users\DR WHO\Documents\GAMES
2015-08-27 09:36 - 2015-06-20 13:26 - 00023970 _____ C:\Windows\PFRO.log
2015-08-26 20:03 - 2015-07-29 19:29 - 00000000 ____D C:\Program Files (x86)\Pale Moon
2015-08-25 10:55 - 2013-07-13 23:19 - 00013312 _____ C:\Users\DR WHO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-24 13:17 - 2012-02-17 16:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-08-24 09:43 - 2009-07-14 07:45 - 05213184 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-23 18:14 - 2013-07-01 23:58 - 00164568 _____ C:\Users\DR WHO\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-22 12:50 - 2015-06-29 22:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-13 09:47 - 2013-06-23 11:49 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-13 09:47 - 2013-06-23 11:49 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 10:49 - 2012-05-20 22:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 10:49 - 2012-05-20 22:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 10:40 - 2012-02-17 16:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 10:39 - 2012-05-20 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 10:33 - 2009-07-14 05:34 - 00000545 _____ C:\Windows\win.ini
2015-08-12 10:31 - 2013-08-14 22:54 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 10:24 - 2012-02-17 16:02 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-10 10:30 - 2011-12-14 08:09 - 00000000 ____D C:\ProgramData\Skype
2015-08-08 22:13 - 2014-12-12 15:21 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-08 22:13 - 2014-05-02 14:31 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-05 10:28 - 2013-08-11 11:24 - 00001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2015-08-05 10:28 - 2013-08-11 11:23 - 00000000 ____D C:\Program Files\Paint.NET

==================== Files in the root of some directories =======

2012-06-06 07:06 - 2012-06-06 07:06 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2013-07-02 00:02 - 2012-08-15 13:05 - 0000033 _____ () C:\Users\DR WHO\AppData\Roaming\pcouffin.log
2014-09-21 12:45 - 2014-09-21 12:48 - 0025600 ___SH () C:\Users\DR WHO\AppData\Roaming\Thumbs.db
2013-07-02 00:02 - 2013-07-01 20:02 - 0020521 _____ () C:\Users\DR WHO\AppData\Roaming\UserTile.png
2015-05-09 21:43 - 2015-07-14 21:27 - 0000600 _____ () C:\Users\DR WHO\AppData\Roaming\winscp.rnd
2013-07-13 23:19 - 2015-08-25 10:55 - 0013312 _____ () C:\Users\DR WHO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-14 15:19 - 2015-05-14 15:19 - 0002382 _____ () C:\Users\DR WHO\AppData\Local\recently-used.xbel
2015-07-24 13:43 - 2015-07-24 13:43 - 0000017 _____ () C:\Users\DR WHO\AppData\Local\resmon.resmoncfg
2012-02-17 18:28 - 2012-02-17 18:28 - 0000040 ___SH () C:\ProgramData\.zreglib
2012-08-26 18:09 - 2012-08-26 18:09 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-02-19 16:02 - 2012-02-19 16:08 - 0001251 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\DR WHO\AppData\Local\temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\nsprs.dll
C:\Windows\SysWOW64\serauth1.dll
C:\Windows\SysWOW64\serauth2.dll
C:\Windows\SysWOW64\ssprs.dll

==================== Bamital & volsnap =================

(T

Logs, Part 2:

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-07-03 11:29

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by DR WHO (2015-09-01 20:56:35)
Running from C:\Users\DR WHO\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1297263482-2230557874-2472846458-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1297263482-2230557874-2472846458-1008 - Limited - Enabled)
DR WHO (S-1-5-21-1297263482-2230557874-2472846458-1006 - Administrator - Enabled) => C:\Users\DR WHO
Guest (S-1-5-21-1297263482-2230557874-2472846458-501 - Limited - Enabled) => C:\Users\Guest
UpdatusUser (S-1-5-21-1297263482-2230557874-2472846458-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{56860228-B25F-4E35-A5BB-7B442B12BCD0}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Allok Video Joiner 4.6.0422 (HKLM-x32\...\Allok Video Joiner_is1) (Version:  - Allok Soft Inc.)
Allok Video Splitter 3.0.1130 (HKLM-x32\...\Allok Video Splitter_is1) (Version:  - Allok Soft Inc.)
A-PDF Number freeware 1.3 (HKLM-x32\...\A-PDF Number_is1) (Version:  - A-PDF.com)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 9.12 (HKLM-x32\...\Ashampoo Burning Studio 9_is1) (Version: 9.1.2 - ashampoo GmbH & Co. KG)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{0D98F04D-11A1-4B64-A406-43292B9EEE90}) (Version: 1.5.0.67 - ArcSoft)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.67 - ArcSoft)
Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DesignPro SE eMedia (HKLM-x32\...\InstallShield_{58CE4D8C-D8F5-43BD-9719-A89392DE47A8}) (Version: 5.0.1056 - Avery Dennison)
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.22+4.5 - DjVuZone)
Dropbox (HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
ESET Smart Security (HKLM\...\{293ADC3B-DCF3-44C2-9CE8-19DD2B4F7646}) (Version: 8.0.312.0 - ESET, spol s r. o.)
Finale 2011 (HKLM-x32\...\Finale 2011) (Version: 2011..r2.2 - MakeMusic)
FireArc Arcade (HKLM-x32\...\{CF3DDAEA-DA57-42E0-8430-185CC39160F9}) (Version: 0.3.16 - FireArc.com)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 7.3.10000.0.0 - Nero AG) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12262 - HP Photo Creations)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{424E8E17-A7B7-45B5-8C79-D58F04D9D920}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Help (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{1AE1848C-D592-4222-8048-AEE1694D2959}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
IBM SPSS Amos 19 (HKLM-x32\...\{B132EFD2-BF03-48AA-8EC8-404E4C5199C5}) (Version: 19.0.0 - SPSS, Inc., an IBM Company)
IBM SPSS Statistics 19 (HKLM-x32\...\{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}) (Version: 19.0.0.1 - SPSS Inc., an IBM Company)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
IDBAnalyzerV3 (HKLM-x32\...\{E087BA8A-7D38-42DD-90E1-85AD12D3FBBB}) (Version: 3.1.5 - IEA)
IE Java Block 32bit Shim (HKLM\...\{01cf069a-f8a1-4067-adc4-5ef7e922733c}.sdb) (Version:  - )
IE Java Block 64bit Shim (HKLM\...\{b6631758-86a3-42a8-a308-9fe150096f25}.sdb) (Version:  - )
ImTOO Audio Converter Pro (HKLM-x32\...\ImTOO Audio Converter Pro) (Version: 6.5.0.20130130 - ImTOO)
ImTOO Convert PowerPoint to Video Personal (HKLM-x32\...\ImTOO Convert PowerPoint to Video Personal) (Version: 1.1.1.20120601 - ImTOO)
ImTOO DVD Copy 2 (HKLM-x32\...\ImTOO DVD Copy 2) (Version: 2.0.2.20130128 - ImTOO)
ImTOO DVD Creator (HKLM-x32\...\ImTOO DVD Creator) (Version: 7.0.3.1214 - ImTOO)
ImTOO DVD Ripper Ultimate (HKLM-x32\...\ImTOO DVD Ripper Ultimate) (Version: 7.0.0.1121 - ImTOO)
ImTOO Video Converter Ultimate (HKLM-x32\...\ImTOO Video Converter Ultimate) (Version: 7.7.2.20130122 - ImTOO)
Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fad118b4-798f-4755-9e67-a622eec95b62}) (Version: 15.6.1 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LibreOffice 4.3.7.2 (HKLM-x32\...\{8ED4A1FC-56CF-414C-A9AB-A37714AA9EA7}) (Version: 4.3.7.2 - The Document Foundation)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Mendeley Desktop 1.8.2 (HKLM-x32\...\Mendeley Desktop) (Version: 1.8.2 - Mendeley Ltd.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Office Language Pack 2013  - Greek/Ελληνικά (HKLM-x32\...\Office15.OMUI.el-gr) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0408-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Publisher 2013 - en-us (HKLM\...\PublisherRetail - en-us) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{cb41fc68-4442-4f7f-b22f-8f31c74897ac}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.4.49.0 - Nokia)
Nokia Suite (x32 Version: 3.4.49.0 - Nokia) Hidden
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Pale Moon 25.7.0 (x86 en-US) (HKLM-x32\...\Pale Moon 25.7.0 (x86 en-US)) (Version: 25.7.0 - Moonchild Productions)
PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)
PDF Settings CS6 (x32 Version: 11.0 - ) Hidden
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
Scribus 1.4.5 (64bit) (HKLM\...\Scribus 1.4.5) (Version: 1.4.5 - The Scribus Team)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0408-0000-0000000FF1CE}_Office15.OMUI.el-gr_{4BFA9DD3-F090-430E-A37D-52FE52C8AC80}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skypeâ,,¢ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SnowChristmasTree 1.6 (HKLM-x32\...\SnowChristmasTree_is1) (Version:  - Respectsoft Company)
Stream What You Hear (SWYH) version 1.4 (HKLM-x32\...\{5FBEA9D3-668E-4B88-BF6C-E1BCF441ECFD}_is1) (Version: 1.4 - Sebastien.warin.fr)
Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1194 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
Syncios version 4.1.6 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.1.6 - Anvsoft, Inc.)
SyncUP (HKLM-x32\...\{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}) (Version: 1.10.11100.8.106 - Nero AG)
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.15400 - Nero AG)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
TinkerPlots (HKLM-x32\...\{E4BC7400-140D-40C6-B6F9-617F88E0D7A7}) (Version: 1.0.0 - Key Curriculum Press)
Total Uninstall 5.2.0 (HKLM-x32\...\Total Uninstall 5 & Power Dream_is1) (Version:  - )
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0408-0000-0000000FF1CE}_Office15.OMUI.el-gr_{59BD2DC0-7F1B-4DBA-A575-AF7439022DDD}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinSCP 5.7.3 (HKLM-x32\...\winscp3_is1) (Version: 5.7.3 - Martin Prikryl)
Εργαλεία γλωσσικού ελέγχοÏ... Ï,,οÏ... Microsoft Office 2013 - Ελληνικά (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Κρεμάλα (HKLM-x32\...\Κρεμάλα1.0) (Version: 1.0 - Î"εώργιοÏ, ΝάÏ,,σιοÏ,)
ÎœÎ'ΤΖΕΝΤÎ' - Î'γγλικό-Ελληνικό & Ελληνικό-Î'γγλικό λεξικό (HKLM-x32\...\ÎœÎ'ΤΖΕΝΤÎ' - Î'γγλικό-Ελληνικό & Ελληνικό-Î'γγλικό λεξικό_is1) (Version:  - ÎœÎ'ΤΖΕΝΤÎ' Ε.Π.Ε.)
ΣÏ...λλογή φωÏ,,ογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

31-08-2015 18:48:21 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:34 - 2015-06-20 13:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1EF7FADF-5049-4B09-A1D5-16A9EFF2F8D1} - System32\Tasks\hpUrlLauncher.exe_{7673AFA3-CCA2-4463-9A19-B8F3E73BF51E} => C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {1FDD655D-E7EB-4579-8682-BCC0F7F7738F} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {2013AA24-F3BA-4DB4-BF46-1ABD5FF62D78} - System32\Tasks\{8473AB5F-FC79-4514-B90F-38C4D9240555} => pcalua.exe -a "C:\Program Files (x86)\Nokia\Nokia PC Suite 5\NokiaApplicationInstaller.exe" -d C:\Windows\system32
Task: {203EE93B-D178-4E56-80DB-1B377F796DDE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {29806EA5-54FB-468B-A541-63B0A85D7A02} - System32\Tasks\{E0B92760-8D3A-46F1-AF04-9AE20F393694} => pcalua.exe -a "G:\PROGRAMS DOWNLOADS\ImTOO Media Toolkit Ultimate 5.0.84 with Serial\Setup.exe" -d "G:\PROGRAMS DOWNLOADS\ImTOO Media Toolkit Ultimate 5.0.84 with Serial"
Task: {39354264-E944-4DC4-8F40-45104B5443D1} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {498676F9-15B0-4DED-8517-851BDE9339A9} - System32\Tasks\{F665551F-35F3-4552-8D6A-40D5CFA5DD52} => C:\Program Files (x86)\AoA MP4 Patch\MP.exe
Task: {66056E99-0EC9-4DC2-B5E4-AA1698A38161} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {6B82F8F5-DE61-4796-A368-0F14CE7C7949} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {6E31F4BF-3486-4068-913D-0C029A3003A0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {711C450A-AE3F-4785-B795-7A386E37D4BA} - System32\Tasks\SUPERAntiSpyware Scheduled Task bf64327c-6b9e-43e4-b2d0-cf288408c881 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {7967D56E-77FB-480A-B0BE-B9135EDB51C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-06-29] (Microsoft Corporation)
Task: {997B08D6-4BCE-4411-BD4E-5C6BE1CACC79} - System32\Tasks\{41072E3A-ABAC-4255-AC85-625F43DCB82C} => pcalua.exe -a "C:\Users\MA RIA\Desktop\R314408.exe" -d "C:\Users\MA RIA\Desktop"
Task: {AF1FFEFA-1BC8-4615-B6FF-F73492585582} - System32\Tasks\{965F4902-23A4-48E5-9B90-7BD3B93AE866} => C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 6\Ipe.exe
Task: {B51562D1-38D0-4C63-90D5-353B9D0260C0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {B8F86E1B-B12E-4BF0-94B3-5F1953347BED} - System32\Tasks\{D2080F67-3940-4D3C-8F67-D00CB5DD7D6E} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Nokia\Tools\NclConf.cpl"
Task: {BBED8A28-C838-4A51-A8C5-B293E31AC55D} - System32\Tasks\GoogleUpdateTaskMachineUA1ce48d96f4bb08f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {CB2D1FF5-8EED-41EB-BCE1-BE4EF8AABA26} - System32\Tasks\{598E947B-6915-4A5C-BAD4-19218AB35C34} => C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 6\Ipe.exe
Task: {CDF3D110-38C9-4C91-82BB-ACBD835EA06A} - System32\Tasks\{DBDAF63F-26F3-4BC5-8597-06ED40747F58} => pcalua.exe -a "D:\IBM.SPSS.Statistics.19.Fix.Pack1.Amos.19\Statistics 19\Statistics 19 Language win32.exe" -d "D:\IBM.SPSS.Statistics.19.Fix.Pack1.Amos.19\Statistics 19"
Task: {D89D8228-A8EE-4137-A088-23946CADEF65} - System32\Tasks\AdobeAAMUpdater-1.0-DR-M-MA RIA => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {D90558B5-EA83-4DFC-8FFF-4B0872207487} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-06-29] (Microsoft Corporation)
Task: {D9DA3CAB-95F8-4BBE-AA44-CF4A818EAA0E} - System32\Tasks\{E1AFCA59-CDE5-4A7B-9A0C-5AF71CB468E9} => pcalua.exe -a "C:\Users\MA RIA\Desktop\ImTOO Media Toolkit Ultimate 5.0.84 with Serial\Setup.exe" -d "C:\Users\MA RIA\Desktop\ImTOO Media Toolkit Ultimate 5.0.84 with Serial"
Task: {DD6790D3-F513-4285-8550-66DDB0455A40} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {E48C0E62-DF58-48F3-AF64-CFC4793BA3C2} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {F1B7B324-A55D-406A-8091-FA16A25412C5} - System32\Tasks\{28940106-E310-4780-A939-668F8DF96A2D} => pcalua.exe -a "C:\Users\MA RIA\Desktop\PE3SE\Setup.exe" -d "C:\Users\MA RIA\Desktop\PE3SE"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9138311a0f64.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfed30fe81a076.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d001da181adb5e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0423079f86ff6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09307562a7b24.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfc980c21059.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3e6d498a015.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce48d96f4bb08f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task bf64327c-6b9e-43e4-b2d0-cf288408c881.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-29 22:42 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-02-03 11:41 - 2013-10-23 11:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-29 22:57 - 2015-06-29 22:57 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-04-12 16:46 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2011-04-30 03:18 - 2011-04-30 03:18 - 00885760 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-30 03:13 - 2011-04-30 03:13 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2011-04-30 03:13 - 2011-04-30 03:13 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2015-07-29 19:29 - 2015-08-26 20:03 - 03060736 _____ () C:\Program Files (x86)\Pale Moon\mozjs.dll
2015-08-13 09:47 - 2015-08-13 09:47 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:58DD92AC
AlternateDataStreams: C:\ProgramData\Temp:6DDED7D9

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\DR WHO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^DR WHO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk.Startup
MSCONFIG\startupfolder: C:^Users^MA RIA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MA RIA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MA RIA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CTFMon => C:\Windows\system32\ctfmon.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: emsisoft anti-malware => "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: Freecorder FLV Service => "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Photosmart 5510 series (NET) => "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BM21FZW05NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KSafeTray => "C:\Program files (x86)\Kingsoft\PCDoctor\KSafeTray.exe" -autorun
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickSet => c:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: SkyDrive => "C:\Users\DR WHO\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SnowChristmasTree => C:\Program Files (x86)\SnowChristmasTree\SnowChristmasTree.exe
MSCONFIG\startupreg: Stage Remote => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
MSCONFIG\startupreg: StreamWhatYouHear => C:\Program Files (x86)\Stream What You Hear\SWYH.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: Viber => "C:\Users\DR WHO\AppData\Local\Viber\Viber.exe" StartMinimized
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Windows Mobile-based device management => %WINDIR%\WindowsMobile\wmdcBase.exe
MSCONFIG\startupreg: WinPatrol => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DB249DBD-EE00-4B72-A6CE-71E06E0FA00D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{D854E966-CF0F-4AF0-A56E-9C21E2C58988}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{EB91D902-0C90-4B33-919B-C74773991263}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DBAF11EF-09F5-48AD-B62E-FBFCF701A6BD}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{221BE2C8-5C10-44CC-B794-27206D7830BA}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{9265FC97-535D-48BA-B568-44E7093F6B8C}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{52B0197F-395C-470B-A7FE-61F00CF021D7}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{6063E365-4059-47DC-9A97-35696CC2C5B4}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{8185D884-1D08-4F01-9478-083FAA6F606C}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{5F98C395-179C-4BF8-84E5-03A0F9DDBDF7}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{6F3D645A-4C36-43DC-A4A4-4F198AA0969B}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{F78083FE-E6DE-48B4-B8EC-159387BC9394}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{FB1B0804-E47E-489A-99D2-5BE834DFE1B0}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{3740E8A4-0DBD-4CFA-9EE6-6B03513F0DD9}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{A843AD68-0786-4194-B9DF-01D791BDA5E9}] => (Allow) LPort=9700
FirewallRules: [{8785735A-C016-4AFD-8F6B-3CF7F600360A}] => (Allow) LPort=9701
FirewallRules: [{2F51326D-821B-4EDE-B98C-436836D544F8}] => (Allow) LPort=9702
FirewallRules: [{C1A4DE6F-845E-4F17-BAE9-0CE51616FA23}] => (Allow) LPort=9700
FirewallRules: [{55495C7E-3647-45AC-9CA2-872E232163AA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{FD457877-3080-4C59-ACE6-4CF79CE41916}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9856B264-ADEF-4504-977D-B288BBCD31D4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{1FF8A2C6-744D-4A30-A1C9-EA8EEC973FA3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{86773263-B5E3-4F7C-B4C4-EA78DEFE3DEC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{07035AA6-0A41-47BD-A5AF-2300ABE74708}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A67FF22E-7423-41C5-BC85-3F16D0A2E09B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{DA16B6B1-79B0-48F3-BE26-F096D95EF78B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{92E159B4-FA28-4E4A-9779-D4B459199E01}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{6FC01138-BFB6-4A2F-922C-825A5C21FFC3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{72B684A0-FD19-4FE1-AA85-3D324D72B161}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{B35825D7-7F82-4481-952A-C182C5984650}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{58624D18-C215-4A0B-B6BB-FA51A95BB4E3}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{42906787-D4CE-4048-B7D7-FA1F3FAD1335}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{5DC2A116-1773-4176-9FC3-8B29E9D3C1B4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{6755B624-AB50-4545-95A9-99F517C77A31}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{FE199B2F-B846-44D9-804D-3A611D71E25E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{3BC135CF-D3B4-4ADF-81F2-4D6F040E8398}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{3E17F9AB-5963-4881-941D-64E3A46E4B91}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B06011D9-D247-4E9C-B414-8435BB6B5550}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{9BF4289D-795C-47AB-B4E0-B2680C0113FE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{7F30D603-BBC8-44A3-9AD6-2CF78B389079}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{43A74E93-E8E8-42CA-B0A8-C384B1251F2C}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{D0330D46-390F-4097-9BF0-863C7134810C}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{46315480-DA92-405E-8F89-E024AADB6BB3}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{3F6C53C9-52DF-474F-B5F0-45C6CDD00E8A}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
FirewallRules: [{49B6B824-BF59-4334-A36A-F20A71D8693D}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{5ADE9BE2-2E9F-4551-9440-FEC76B98D8DE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DE36BB84-F85E-41A0-8BD2-2757488EA2E5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9B096445-E149-4000-96D7-F2888AB1D747}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{92DA2A13-786F-4808-9A56-6CE7EDD767F1}] => (Allow) C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{789CC08B-9AB0-459D-936E-C56C4F8D3095}] => (Allow) C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6987AD32-CECE-4E60-B3AF-095E877CD22B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BAB7D214-B574-4A48-A33A-44F8D39ED7AA}] => (Allow) LPort=2869
FirewallRules: [{648FCFA8-2DF2-4E65-8D49-9F0B4F7D7292}] => (Allow) LPort=1900
FirewallRules: [{B15FBDE0-3A9C-48AA-AD6F-BF7C86364404}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{83582951-4A0D-4D43-951F-A9D2F1CB1134}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{20123DF0-AB50-4EF7-B621-B5F3D127C389}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D83918F6-44EC-4FD1-9F87-A7BCFCCC15D9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EF8F1F3A-613D-4DC4-9598-A8DED13B0F3C}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{3E9D33D6-6EB0-40A0-A66E-B1515E2BF731}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A9ADB302-139F-4B80-8B7F-E5AD61405FF6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{701F78E4-EBFA-4DFE-82FE-1AB966F96358}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{B47CB0A8-81CA-4E6B-A0F1-B9F12D44B5A3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

==================== Faulty Device Manager Devices =============

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet MFP M476dw
Description: HP Color LaserJet MFP M476dw
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP4005
Description: HP Color LaserJet CP4005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/01/2015 08:45:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/01/2015 02:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6053

Error: (09/01/2015 02:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6053

Error: (09/01/2015 02:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/01/2015 02:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008

Error: (09/01/2015 02:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008

Error: (09/01/2015 02:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/01/2015 02:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3994

Error: (09/01/2015 02:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3994

Error: (09/01/2015 02:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/01/2015 08:43:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%109

Error: (09/01/2015 08:43:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (09/01/2015 08:43:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (09/01/2015 08:43:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (09/01/2015 08:43:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (09/01/2015 08:42:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (09/01/2015 08:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/01/2015 08:42:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/01/2015 08:42:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/01/2015 08:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office:
=========================
Error: (09/01/2015 08:45:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/01/2015 02:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6053

Error: (09/01/2015 02:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6053

Error: (09/01/2015 02:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/01/2015 02:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008

Error: (09/01/2015 02:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008

Error: (09/01/2015 02:28:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/01/2015 02:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3994

Error: (09/01/2015 02:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3994

Error: (09/01/2015 02:28:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity:
===================================
  Date: 2015-06-20 12:57:49.980
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-06-20 12:57:49.960
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-06-20 12:57:49.900
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-06-20 12:57:49.880
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-26 21:16:17.877
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-26 21:16:09.610
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-26 21:15:53.428
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-23 07:32:10.926
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-06-23 07:32:10.879
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-06-23 07:32:10.833
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 51%
Total physical RAM: 6038.17 MB
Available physical RAM: 2900.59 MB
Total Virtual: 12074.54 MB
Available Virtual: 8756.59 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:679 GB) (Free:493.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=679 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Logs, Part 4:

Results of screen317's Security Check version 1.008 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Disabled! 
ESET Smart Security 8.0   
Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````[/u]
Secunia PSI (3.0.0.7009)   
Java 8 Update 51 
Java version 32-bit out of Date!
Adobe Flash Player 18.0.0.232 
Mozilla Thunderbird (38.0.1)
Google Chrome 35.0.1916.153 Google Chrome out of date! 
````````Process Check: objlist.exe by Laurent````````[/u] 
ESET NOD32 Antivirus egui.exe 
ESET NOD32 Antivirus ekrn.exe 
Malwarebytes Anti-Malware mbamservice.exe 
Malwarebytes Anti-Malware mbam.exe 
Malwarebytes Anti-Exploit mbae-svc.exe   
Malwarebytes Anti-Malware mbamscheduler.exe   
Malwarebytes Anti-Exploit mbae64.exe   
Malwarebytes Anti-Exploit mbae.exe   
`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````[/u]


# AdwCleaner v5.005 - Logfile created 01/09/2015 at 20:42:32
# Updated 31/08/2015 by Xplode
# Database : 2015-08-31.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : DR WHO - DR-WHO
# Running from : C:\Users\DR WHO\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Pale Moon\browser\searchplugins\yahoo.xml

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\distromatic
[!] Key Not Deleted : [x64] HKCU\Software\distromatic

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [802 bytes] ##########

Hi, Panos.

First comes the lectures:

1.  Available Profiles: UpdatusUser & DR WHO & Guest.  Doesn't your nephew have his own computer now?  Even if he doesn't or if your sister, niece, cousins, brother-in-law, etc. needed to use your computer, he/they need their own limited account or you need to create a "family" limited account for their use and disable the Guest account.  The UpdatusUser is a limited account.  Who uses that account?

2.  What in heavens name is with all the disabled items in MSConfig?  You had WinPatrol installed but had the startup entry disabled.  A major use of WinPatrol is safely managing startup programs.  So, now you have leftovers of uninstalled programs disabled by MSConfig.  Emsisoft is no longer installed on your computer, but it is still listed in MSConfig.  I'm not seeing  Google Chrome in the installed programs list, yet I see the toobar, update helper, etc. in installed programs and multiple tasks to update.

There are probably more like that but those two are enough to give you an example.  MSConfig should only be used for trouble-shooting.  A custom install or (surprise, surprise) WinPatrol for controlling startup items is the best way of handling unwanted startup programs.  Unfortunately, there is no guaranteed safe automated method of reversing that long list of changes made to startup via MSConfig and you'll need to do it manually to remove them. 

Now on to FRST.  There's an old file shown in the logs that was listed as ok in an old TDSSkiller log but the only search results for the file name are in your log so I'm going to have FRST handle it.  If there is a problem it can always be restored.

Please do the following to run FRST: 

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

• Open Notepad (Start =>All Programs => Accessories => Notepad).
  
• Copy/Paste the entire contents of the code box below into Notepad.
  


start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [New Value #1] => ctfmon = CTFMON.EXE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
C:\Program Files (x86)\Emsisoft Anti-Malware
S1 fxbiojph; \??\C:\Windows\system32\drivers\fxbiojph.sys [X]
Task: {1FDD655D-E7EB-4579-8682-BCC0F7F7738F} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {E48C0E62-DF58-48F3-AF64-CFC4793BA3C2} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9138311a0f64.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfed30fe81a076.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d001da181adb5e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0423079f86ff6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09307562a7b24.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfc980c21059.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3e6d498a015.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:58DD92AC
AlternateDataStreams: C:\ProgramData\Temp:6DDED7D9
EmptyTemp:
end


• Click Format and ensure Wordwrap is unchecked.
  
• Important:  Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
  
• Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  
  
  
  • Press the Fix button once and wait.
    
  • FRST will process fixlist.txt
    
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    
  • Please post the log in your next reply.
    

Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/) to your desktop.

• Disable your protection software now to avoid potential conflicts.
  
• Run the tool by double-clicking it.  If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
  
• The tool will open and start scanning your system.
  
• Please be patient as this can take a while to complete depending on your system's specifications.
  
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  
• Post the contents of JRT.txt into your next message.
  

Please do the above first and then, after you re-enable the long list via MSConfig, we can take a look later at removing left-overs from already removed programs.

Corrine,

I created an account for anyone who wants to use my computer, a long time ago. Its name is DR WHO'S FRIENDS. I can see it every time the computer starts. I don't know what UpdatusUser and Guest accounts are and I don't know who uses them! I remember I asked you a lot of questions about the kind of accounts, but it seems that I understood nothing... Why these accounts are there and should I delete them and how?  And what is ASPNET account somewhere in the log???

As for MSConfig... I told you that I was using it, when I decided to install Win Patrol. You told me about the dangers of using msconfig, but I didn't realise then that I should do anything. After I saw that I couldn't use Win Patrol, I uninstalled it... http://www.landzdown.com/winpatrol-help-information/how-to-start/  Please, if I reinstall it, help me to understand what it does. Except from the controlling of start up programs.

I also didn't understand what to do with MSConfig, now. Should I tick everything in there??

Why Google Chrome appears everywhere? I don't have it, as well as Emsisoft...

Here are my logs:

Fix result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by DR WHO (2015-09-02 00:02:31) Run:1
Running from C:\Users\DR WHO\Desktop
Loaded Profiles: DR WHO (Available Profiles: UpdatusUser & DR WHO & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [New Value #1] => ctfmon = CTFMON.EXE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
C:\Program Files (x86)\Emsisoft Anti-Malware
S1 fxbiojph; \??\C:\Windows\system32\drivers\fxbiojph.sys [X]
Task: {1FDD655D-E7EB-4579-8682-BCC0F7F7738F} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {E48C0E62-DF58-48F3-AF64-CFC4793BA3C2} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9138311a0f64.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfed30fe81a076.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d001da181adb5e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0423079f86ff6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09307562a7b24.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfc980c21059.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3e6d498a015.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:58DD92AC
AlternateDataStreams: C:\ProgramData\Temp:6DDED7D9
EmptyTemp:
end
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\New Value #1 => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
catchme => service removed successfully
cleanhlp => service removed successfully
"C:\Program Files (x86)\Emsisoft Anti-Malware" => File/Folder not found.
fxbiojph => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FDD655D-E7EB-4579-8682-BCC0F7F7738F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FDD655D-E7EB-4579-8682-BCC0F7F7738F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E48C0E62-DF58-48F3-AF64-CFC4793BA3C2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E48C0E62-DF58-48F3-AF64-CFC4793BA3C2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncherTask" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9138311a0f64.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfed30fe81a076.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d001da181adb5e.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0423079f86ff6.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09307562a7b24.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfc980c21059.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3e6d498a015.job => moved successfully
C:\ProgramData\Temp => ":58DD92AC" ADS removed successfully.
C:\ProgramData\Temp => ":6DDED7D9" ADS removed successfully.
EmptyTemp: => 13.1 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 00:03:12 ====


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Home Premium x64
Ran by DR WHO on ’œ« 02/09/2015 at  0:07:59,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\DR WHO\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\DR WHO\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\DR WHO\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\DR WHO\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ’œ« 02/09/2015 at  0:15:49,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Yes, you need to check all the boxes.  After you've done that, let's see a fresh FRST log.  I won't need the additions.txt this time.

As to WinPatrol controlling startup programs, we can talk about that but you can see how easy it is here:  Startup: Disable Program Startup (http://winpatrolhelp.blogspot.com/2008/02/startup-disable-program-startup.html).  (Obviously old, since I created it before Windows 7 was released but it is still valid.)

Ok... I enabled all except from three things (I couldn't enable them. Tick is disappearing every time I enable them): Dropbox, MagicDisc and HP Digital Imaging. Every program started whith the restart! Even Christmas down counter.

Here is the new log (I will be back in about 4-5 hours):

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by DR WHO (administrator) on DR-WHO (02-09-2015 13:37:37)
Running from C:\Users\DR WHO\Desktop
Loaded Profiles: DR WHO (Available Profiles: UpdatusUser & DR WHO & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Pale Moon\palemoon.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sebastien.warin.fr) C:\Program Files (x86)\Stream What You Hear\SWYH.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
(iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Moonchild Productions) C:\Program Files (x86)\Pale Moon\palemoon.exe
(Mozilla Corporation) C:\Program Files (x86)\Pale Moon\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Windows Mobile Device Center] => %windir%\WindowsMobile\wmdc.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-28] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-19] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-26] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055016 2011-04-30] ()
HKLM\...\Run: [CTFMon] => C:\Windows\system32\ctfmon.exe [9728 2009-07-14] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-30] ()
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [747520 2014-10-31] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM-x32\...\Run: [RoxWatchTray] => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [KSafeTray] => "C:\Program files (x86)\Kingsoft\PCDoctor\KSafeTray.exe" -autorun
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [1734144 2013-05-29] (iSkySoft)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Freecorder FLV Service] => "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
HKLM-x32\...\Run: [emsisoft anti-malware] => "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
HKLM-x32\...\Run: [Desktop Disc Tool] => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
HKLM-x32\...\Run: [BCSSync] => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [Malwarebytes Anti-Malware] => C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\mbam.exe [6554424 2015-06-18] (Malwarebytes Corporation)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [Viber] => "C:\Users\DR WHO\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-04-28] (Google Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-15] (SUPERAntiSpyware)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [StreamWhatYouHear] => C:\Program Files (x86)\Stream What You Hear\SWYH.exe [370688 2015-06-02] (Sebastien.warin.fr)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [SnowChristmasTree] => C:\Program Files (x86)\SnowChristmasTree\SnowChristmasTree.exe [845312 2008-12-07] (Respect Soft)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [SkyDrive] => "C:\Users\DR WHO\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\DR WHO\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\DR WHO\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-09-02]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\DR WHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk [2015-09-02]
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\DR WHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk [2015-09-02]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F8010453-43D6-4BBC-9F0C-01DE21D23D1C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {D2701A42-19CC-471D-A852-24FF9A1F8790} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {D2701A42-19CC-471D-A852-24FF9A1F8790} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1297263482-2230557874-2472846458-1006 -> {0F6449F6-E98F-4EDA-AE29-587FAC504EAD} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-29] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDAPP\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll [2014-05-14] (Simon Bünzli)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-05-16] ( )
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2013-07-24] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-03-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-19]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R3 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87424 2012-10-22] (Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-01-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-01-30] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-01-30] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-01-30] (ESET)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-03-25] ()
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2010-12-12] ()
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 13:35 - 2015-09-02 13:35 - 00000000 ____D C:\Users\DR WHO\AppData\Local\NokiaAccount
2015-09-02 13:35 - 2015-09-02 13:35 - 00000000 ____D C:\Users\DR WHO\AppData\Local\Nokia
2015-09-02 00:15 - 2015-09-02 00:15 - 00001072 _____ C:\Users\DR WHO\Desktop\JRT.txt
2015-09-02 00:07 - 2015-09-02 00:07 - 01799392 _____ (Malwarebytes Corporation) C:\Users\DR WHO\Desktop\JRT.exe
2015-09-01 22:30 - 2015-09-01 22:30 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\Sun
2015-09-01 22:30 - 2015-09-01 22:30 - 00000000 ____D C:\Users\DR WHO\.oracle_jre_usage
2015-09-01 22:20 - 2015-09-01 22:20 - 00584288 _____ (Oracle Corporation) C:\Users\DR WHO\Desktop\jxpiinstall.exe
2015-09-01 20:56 - 2015-09-01 20:57 - 00104910 _____ C:\Users\DR WHO\Desktop\Addition.txt
2015-09-01 20:55 - 2015-09-02 13:37 - 00034530 _____ C:\Users\DR WHO\Desktop\FRST.txt
2015-09-01 20:55 - 2015-09-01 20:55 - 01690624 _____ (Farbar) C:\Users\DR WHO\Desktop\FRST.exe
2015-09-01 20:54 - 2015-09-02 13:37 - 00000000 ____D C:\FRST
2015-09-01 20:53 - 2015-09-01 20:53 - 02188800 _____ (Farbar) C:\Users\DR WHO\Desktop\FRST64.exe
2015-09-01 20:53 - 2015-09-01 20:53 - 00852704 _____ C:\Users\DR WHO\Desktop\SecurityCheck.exe
2015-09-01 20:44 - 2015-09-02 13:33 - 00000224 _____ C:\Windows\setupact.log
2015-09-01 20:44 - 2015-09-01 20:44 - 00000000 _____ C:\Windows\setuperr.log
2015-09-01 20:38 - 2015-09-01 20:42 - 00000000 ____D C:\AdwCleaner
2015-09-01 20:37 - 2015-09-01 20:37 - 01654272 _____ C:\Users\DR WHO\Desktop\AdwCleaner.exe
2015-08-29 13:09 - 2015-09-01 18:36 - 00000000 ____D C:\Windows\Minidump
2015-08-29 11:07 - 2015-08-29 11:07 - 00000000 ____D C:\Users\DR WHO\AppData\Local\TempTaskUpdateDetectionF1CC1568-0047-4884-9EC6-6085832ECDEC
2015-08-28 19:52 - 2015-08-28 19:59 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\Scribus
2015-08-28 19:50 - 2015-08-28 19:51 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.5
2015-08-28 19:49 - 2015-08-28 19:51 - 00000000 ____D C:\Program Files\Scribus 1.4.5
2015-08-25 10:17 - 2015-08-25 10:29 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\IrfanView
2015-08-23 10:16 - 2015-08-23 10:16 - 00000000 ____D C:\Users\DR WHO\AppData\Local\TempTaskUpdateDetection2D447C3B-6D9C-4750-ADD9-3CC938FCEE23
2015-08-19 13:09 - 2015-08-11 04:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 13:09 - 2015-08-11 04:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 13:09 - 2015-08-11 03:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 13:09 - 2015-08-11 03:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 15:36 - 2015-09-01 19:56 - 08292893 _____ C:\Users\DR WHO\Desktop\ΠαροÏ...σίαση1.pptx
2015-08-18 11:23 - 2015-08-18 11:23 - 00000000 ____D C:\Users\DR WHO\AppData\Local\TempTaskUpdateDetection272ACDFF-8C45-4DFD-962F-015708FB58D2
2015-08-16 13:31 - 2015-08-16 13:31 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\temp
2015-08-14 10:37 - 2015-08-14 11:45 - 1631322112 _____ C:\Users\DR WHO\Documents\linuxmint-17.2-cinnamon-64bit.iso
2015-08-12 10:59 - 2015-07-16 22:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 10:59 - 2015-07-16 22:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 10:59 - 2015-07-16 22:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 10:59 - 2015-07-16 22:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 10:59 - 2015-07-16 22:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 10:59 - 2015-07-16 22:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 10:59 - 2015-07-11 16:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 10:39 - 2015-07-30 16:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:39 - 2015-07-30 16:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:45 - 2015-07-21 03:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 09:45 - 2015-07-21 03:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 09:45 - 2015-07-16 23:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 09:45 - 2015-07-16 23:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 09:45 - 2015-07-16 23:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 09:45 - 2015-07-16 23:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 09:45 - 2015-07-16 23:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 09:45 - 2015-07-16 23:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 09:45 - 2015-07-16 23:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 09:45 - 2015-07-16 23:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 09:45 - 2015-07-16 23:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 09:45 - 2015-07-16 23:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 09:45 - 2015-07-16 23:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 09:45 - 2015-07-16 23:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 09:45 - 2015-07-16 23:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 09:45 - 2015-07-16 23:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 09:45 - 2015-07-16 23:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 09:45 - 2015-07-16 23:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 09:45 - 2015-07-16 23:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 09:45 - 2015-07-16 23:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 09:45 - 2015-07-16 22:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 09:45 - 2015-07-16 22:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 09:45 - 2015-07-16 22:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 09:45 - 2015-07-16 22:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 09:45 - 2015-07-16 22:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 09:45 - 2015-07-16 22:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 09:45 - 2015-07-16 22:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 09:45 - 2015-07-16 22:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 09:45 - 2015-07-16 22:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 09:45 - 2015-07-16 22:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 09:45 - 2015-07-16 22:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 09:45 - 2015-07-16 22:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 09:45 - 2015-07-16 22:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 09:45 - 2015-07-16 22:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 09:45 - 2015-07-16 22:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 09:45 - 2015-07-16 22:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 09:45 - 2015-07-16 22:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 09:45 - 2015-07-16 22:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 09:45 - 2015-07-16 22:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 09:45 - 2015-07-16 22:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 09:45 - 2015-07-16 22:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 09:45 - 2015-07-16 22:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 09:45 - 2015-07-16 22:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 09:45 - 2015-07-16 22:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 09:45 - 2015-07-16 22:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 09:45 - 2015-07-16 22:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 09:45 - 2015-07-16 22:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 09:45 - 2015-07-16 22:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 09:45 - 2015-07-16 22:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 09:45 - 2015-07-16 22:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 09:45 - 2015-07-16 22:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 09:45 - 2015-07-16 22:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 09:45 - 2015-07-16 21:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 09:45 - 2015-07-16 21:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 09:45 - 2015-07-16 21:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 09:45 - 2015-07-16 21:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 09:44 - 2015-07-15 06:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 09:42 - 2015-07-15 21:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 09:42 - 2015-07-15 21:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 09:42 - 2015-07-15 21:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 09:42 - 2015-07-15 21:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 09:42 - 2015-07-15 21:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 09:42 - 2015-07-15 21:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 09:42 - 2015-07-15 21:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 09:42 - 2015-07-15 21:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 09:42 - 2015-07-15 21:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 09:42 - 2015-07-15 21:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 09:42 - 2015-07-15 21:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 09:42 - 2015-07-15 21:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 09:42 - 2015-07-15 21:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 09:42 - 2015-07-15 20:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 09:42 - 2015-07-15 20:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 09:42 - 2015-07-15 20:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 09:42 - 2015-07-15 20:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 09:42 - 2015-07-15 20:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 09:42 - 2015-07-15 20:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 09:42 - 2015-07-15 20:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 09:42 - 2015-07-15 20:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 09:42 - 2015-07-15 20:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 09:42 - 2015-07-15 20:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 09:42 - 2015-07-15 20:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 09:42 - 2015-07-15 20:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 09:42 - 2015-07-15 20:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 09:41 - 2015-07-30 21:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 09:41 - 2015-07-30 21:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 09:41 - 2015-07-30 20:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 09:41 - 2015-07-30 20:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 09:41 - 2015-07-30 20:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 09:41 - 2015-07-30 20:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 09:41 - 2015-07-30 20:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 09:41 - 2015-07-30 20:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 09:41 - 2015-07-30 19:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 09:41 - 2015-07-30 19:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 09:41 - 2015-07-30 19:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 09:41 - 2015-07-15 21:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 09:41 - 2015-07-15 21:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 09:41 - 2015-07-15 21:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 09:41 - 2015-07-15 21:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 09:41 - 2015-07-15 21:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 21:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 09:41 - 2015-07-15 20:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 09:41 - 2015-07-15 20:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 09:41 - 2015-07-15 20:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 09:41 - 2015-07-15 20:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 09:41 - 2015-07-15 20:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 09:41 - 2015-07-15 20:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 09:41 - 2015-07-15 20:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 09:41 - 2015-07-15 20:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 09:41 - 2015-07-15 20:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 20:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 09:41 - 2015-07-15 19:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 09:41 - 2015-07-15 19:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 09:41 - 2015-07-15 19:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 09:41 - 2015-07-15 19:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 09:41 - 2015-07-15 19:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 19:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 19:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 09:41 - 2015-07-15 19:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 09:37 - 2015-07-15 06:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 09:37 - 2015-07-15 06:19

And the rest of the log:

2015-08-12 09:37 - 2015-07-15 06:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 09:37 - 2015-07-15 06:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 09:37 - 2015-07-15 06:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 09:37 - 2015-07-15 05:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 09:37 - 2015-07-15 05:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 09:37 - 2015-07-15 05:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 09:37 - 2015-07-15 05:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 09:29 - 2015-07-20 21:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 09:29 - 2015-07-20 21:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 09:29 - 2015-07-20 21:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 09:29 - 2015-07-20 20:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 09:29 - 2015-07-20 20:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 09:29 - 2015-07-20 20:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 09:29 - 2015-07-20 20:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 09:29 - 2015-07-20 20:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 09:29 - 2015-07-10 20:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 09:29 - 2015-07-10 20:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 09:29 - 2015-07-09 20:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 09:29 - 2015-07-09 20:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 09:29 - 2015-07-09 20:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 09:29 - 2015-07-01 23:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 09:29 - 2015-07-01 23:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 09:29 - 2015-07-01 23:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 09:29 - 2015-07-01 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-08 23:35 - 2015-08-08 23:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-08-08 23:35 - 2015-08-08 23:35 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-08 22:34 - 2015-08-08 22:34 - 00000000 ____D C:\Users\DR WHO\AppData\Local\GWX
2015-08-08 22:13 - 2015-07-28 23:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-08 22:13 - 2015-07-28 23:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-08 22:13 - 2015-07-28 23:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-08 22:13 - 2015-07-28 23:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-08 22:13 - 2015-07-28 23:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-08 22:13 - 2015-07-28 23:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-08 22:13 - 2015-07-28 23:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-08 22:13 - 2015-07-28 22:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-03 22:12 - 2014-12-11 20:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 13:36 - 2013-07-02 00:06 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\Skype
2015-09-02 13:34 - 2014-10-14 21:35 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-02 13:34 - 2012-03-31 18:03 - 00000000 ____D C:\ProgramData\MCShield
2015-09-02 13:34 - 2011-12-14 09:30 - 02072647 _____ C:\Windows\WindowsUpdate.log
2015-09-02 13:33 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-02 13:31 - 2012-02-17 23:19 - 00000000 ____D C:\Windows\pss
2015-09-02 13:14 - 2013-05-04 18:09 - 00001184 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce48d96f4bb08f.job
2015-09-02 12:49 - 2009-07-14 07:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-02 12:49 - 2009-07-14 07:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-02 00:04 - 2015-06-20 13:26 - 00024620 _____ C:\Windows\PFRO.log
2015-09-01 22:30 - 2015-07-16 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-01 22:30 - 2015-07-11 17:46 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-09-01 22:30 - 2013-07-01 23:54 - 00000000 ____D C:\Users\DR WHO
2015-09-01 22:29 - 2015-07-16 12:29 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-09-01 22:29 - 2014-08-08 10:54 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-01 19:59 - 2009-07-14 08:13 - 00840052 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-01 16:46 - 2012-02-28 15:58 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task bf64327c-6b9e-43e4-b2d0-cf288408c881.job
2015-09-01 13:46 - 2014-08-19 22:21 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\Audacity
2015-09-01 13:45 - 2014-11-30 13:15 - 00000000 ____D C:\Users\DR WHO\AppData\Roaming\vlc
2015-09-01 12:47 - 2012-02-28 16:06 - 00000509 _____ C:\Windows\demdata.txt
2015-08-28 19:50 - 2013-05-26 17:10 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-28 09:32 - 2013-06-24 10:05 - 00000000 ____D C:\Program Files\Recuva
2015-08-27 10:45 - 2013-07-02 09:21 - 00000000 ____D C:\Users\DR WHO\Documents\GAMES
2015-08-26 20:03 - 2015-07-29 19:29 - 00000000 ____D C:\Program Files (x86)\Pale Moon
2015-08-25 10:55 - 2013-07-13 23:19 - 00013312 _____ C:\Users\DR WHO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-24 13:17 - 2012-02-17 16:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-08-24 09:43 - 2009-07-14 07:45 - 05213184 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-23 18:14 - 2013-07-01 23:58 - 00164568 _____ C:\Users\DR WHO\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-22 12:50 - 2015-06-29 22:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-13 09:47 - 2013-06-23 11:49 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-13 09:47 - 2013-06-23 11:49 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 10:49 - 2012-05-20 22:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 10:49 - 2012-05-20 22:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 10:40 - 2012-02-17 16:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 10:39 - 2012-05-20 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 10:33 - 2009-07-14 05:34 - 00000545 _____ C:\Windows\win.ini
2015-08-12 10:31 - 2013-08-14 22:54 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 10:24 - 2012-02-17 16:02 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-10 10:30 - 2011-12-14 08:09 - 00000000 ____D C:\ProgramData\Skype
2015-08-08 22:13 - 2014-12-12 15:21 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-08 22:13 - 2014-05-02 14:31 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-05 10:28 - 2013-08-11 11:24 - 00001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2015-08-05 10:28 - 2013-08-11 11:23 - 00000000 ____D C:\Program Files\Paint.NET

==================== Files in the root of some directories =======

2012-06-06 07:06 - 2012-06-06 07:06 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2013-07-02 00:02 - 2012-08-15 13:05 - 0000033 _____ () C:\Users\DR WHO\AppData\Roaming\pcouffin.log
2014-09-21 12:45 - 2014-09-21 12:48 - 0025600 ___SH () C:\Users\DR WHO\AppData\Roaming\Thumbs.db
2013-07-02 00:02 - 2013-07-01 20:02 - 0020521 _____ () C:\Users\DR WHO\AppData\Roaming\UserTile.png
2015-05-09 21:43 - 2015-07-14 21:27 - 0000600 _____ () C:\Users\DR WHO\AppData\Roaming\winscp.rnd
2013-07-13 23:19 - 2015-08-25 10:55 - 0013312 _____ () C:\Users\DR WHO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-14 15:19 - 2015-05-14 15:19 - 0002382 _____ () C:\Users\DR WHO\AppData\Local\recently-used.xbel
2015-07-24 13:43 - 2015-07-24 13:43 - 0000017 _____ () C:\Users\DR WHO\AppData\Local\resmon.resmoncfg
2012-02-17 18:28 - 2012-02-17 18:28 - 0000040 ___SH () C:\ProgramData\.zreglib
2012-08-26 18:09 - 2012-08-26 18:09 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-02-19 16:02 - 2012-02-19 16:08 - 0001251 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\DR WHO\AppData\Local\temp\NOSEventMessages.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\nsprs.dll
C:\Windows\SysWOW64\serauth1.dll
C:\Windows\SysWOW64\serauth2.dll
C:\Windows\SysWOW64\ssprs.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-07-03 11:29

==================== End of FRST.txt ============================

Hi, Panos.

I've double and triple-checked the startup items in the fix list below, comparing them to what you had disabled via MSConfig.  There were a couple of items that I did not disable because they should be in startup.  I also added the folders for removal for programs no longer installed. 

The best way to control startup programs is at the time of installation, when you can uncheck the option to add to startup.  If there is no such option or the option is not honored, then using WinPatrol to remove from startup is the safest way to go.  That way when programs are uninstalled, those orphans (including adware or malware) aren't left behind. 

Please do the following to run FRST: 

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

• Open Notepad (Start =>All Programs => Accessories => Notepad).
  
• Copy/Paste the entire contents of the code box below into Notepad.
  


start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-26] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [747520 2014-10-31] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM-x32\...\Run: [RoxWatchTray] => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [KSafeTray] => "C:\Program files (x86)\Kingsoft\PCDoctor\KSafeTray.exe" -autorun
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [1734144 2013-05-29] (iSkySoft)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Freecorder FLV Service] => "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
HKLM-x32\...\Run: [emsisoft anti-malware] => "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
HKLM-x32\...\Run: [Desktop Disc Tool] => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [Viber] => "C:\Users\DR WHO\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-04-28] (Google Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-15] (SUPERAntiSpyware)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [StreamWhatYouHear] => C:\Program Files (x86)\Stream What You Hear\SWYH.exe [370688 2015-06-02] (Sebastien.warin.fr)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [SnowChristmasTree] => C:\Program Files (x86)\SnowChristmasTree\SnowChristmasTree.exe [845312 2008-12-07] (Respect Soft)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
Folder:
c:\program files (x86)\emsisoft anti-malware
C:\Program Files (x86)\Microsoft\BingDesktop
C:\Program Files (x86)\Ruiware
C:\Program Files\McAfee.com
EmptyTemp:
end


• Click Format and ensure Wordwrap is unchecked.
  
• Important:  Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
  
• Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  
  
  
  • Press the Fix button once and wait.
    
  • FRST will process fixlist.txt
    
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    
  • Please post the log in your next reply.
    

I'm so sorry for all these. But I didn't ''learn'' msconfig on my own. I have being using it for years, because I found in the internet that disabling start items there, would improve computer's speed. I thought that I was making good...

Anyway, I have still some programs that I don't want to start with Windows. I will reinstall later Win Patrol, but I will need you.

Here is the fix log:

Fix result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by DR WHO (2015-09-02 19:03:51) Run:2
Running from C:\Users\DR WHO\Desktop
Loaded Profiles: DR WHO (Available Profiles: UpdatusUser & DR WHO & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-26] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [747520 2014-10-31] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM-x32\...\Run: [RoxWatchTray] => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [KSafeTray] => "C:\Program files (x86)\Kingsoft\PCDoctor\KSafeTray.exe" -autorun
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [1734144 2013-05-29] (iSkySoft)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Freecorder FLV Service] => "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
HKLM-x32\...\Run: [emsisoft anti-malware] => "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
HKLM-x32\...\Run: [Desktop Disc Tool] => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [Viber] => "C:\Users\DR WHO\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-04-28] (Google Inc.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-15] (SUPERAntiSpyware)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [StreamWhatYouHear] => C:\Program Files (x86)\Stream What You Hear\SWYH.exe [370688 2015-06-02] (Sebastien.warin.fr)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [SnowChristmasTree] => C:\Program Files (x86)\SnowChristmasTree\SnowChristmasTree.exe [845312 2008-12-07] (Respect Soft)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
Folder:
c:\program files (x86)\emsisoft anti-malware
C:\Program Files (x86)\Microsoft\BingDesktop
C:\Program Files (x86)\Ruiware
C:\Program Files\McAfee.com
EmptyTemp:
end

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickSet => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\IntelTBRunOnce => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\FreeFallProtection => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eraser => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Syncios device service => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RoxWatchTray => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDFPrint => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NeroLauncher => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mcui_exe => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KSafeTray => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iSkysoft Helper Compact.exe => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\hpqSRMon => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Freecorder FLV Service => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\emsisoft anti-malware => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Desktop Disc Tool => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Dell Webcam Central => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BingDesktop => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\APSDaemon => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Aimersoft Helper Compact.exe => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\iCloudServices => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\ApplePhotoStreams => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\WinPatrol => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Viber => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\StreamWhatYouHear => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\SnowChristmasTree => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\IDMan => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\HP Photosmart 5510 series (NET) => value removed successfully
HKU\S-1-5-21-1297263482-2230557874-2472846458-1006\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully

========================= Folder: ========================

not found.

====== End of Folder: ======

"c:\program files (x86)\emsisoft anti-malware" => File/Folder not found.
"C:\Program Files (x86)\Microsoft\BingDesktop" => File/Folder not found.
"C:\Program Files (x86)\Ruiware" => File/Folder not found.
"C:\Program Files\McAfee.com" => File/Folder not found.
EmptyTemp: => 42.5 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 19:04:26 ====

Corrine,

I installed Win Patrol, and set the programs in Start up. Also I updated Java.

Of course, I will wait your next instructions, after the new fix log, but meanwhile I will ask some questions:

1. What should I do with those accounts? I only want to keep mine (Administrator-Dr Who) and one for the rests (Dr Who's Friends).
2. What about all those errors with printers?? Why there are so many? In Device Manager I have the same errors: there are no drivers for this device. But why? I print normally from all printers, via wi fi connection.
3. I have many services stopped and not running. I don't know why. Should I also enable them? How do I know what service must be running?

Thank you as always!

Quote from: Corrine on September 01, 2015, 08:50:36 PM
Hi, Panos.

First comes the lectures:

1.  Available Profiles: UpdatusUser & DR WHO & Guest.  Doesn't your nephew have his own computer now?  Even if he doesn't or if your sister, niece, cousins, brother-in-law, etc. needed to use your computer, he/they need their own limited account or you need to create a "family" limited account for their use and disable the Guest account.  The UpdatusUser is a limited account.  Who uses that account?

Well, I did some research, and found these:

UpdatusUser Account: UpdatusUser is part of the NVIDIA driver package for their graphics cards. UpdatusUser is a direct result of installing the NVIDIA Update Service and is installed automatically unless the Custom install is selected when the drivers are installed.

The Guest Account is the one I created for anyone uses my computer (I checked in my users accounts, in Control Panel). Yes, my nephew has now his own computer, but sometimes, I have to be ... good with my family. Why should I disable it and create another limited account?

ASP.NET Account: During the installation of Microsoft .NET Framework, an account named ASP.NET is created.

Your ''lectures'' made me feel so ... terrible last night, and I'm trying to do my best to help (I hope so!!!)  :( 

Hi, Panos.

I'm sorry I made you feel terrible.  I thought you understood from the WinPatrol discussion that MSConfig is only supposed to be used for troubleshooting.   

Regarding the Guest account, did you merely enable the built in Guest account or create a new account with a password?  I forgot to include the information about the other user accounts with my reply.  It took so long to research all the entries to ensure that necessary files weren't included, I completely forgot.

Anyway, on to WinPatrol.  We can continue the discussion here (http://www.landzdown.com/winpatrol-help-information/how-to-start/15/) or you can start a new topic in that forum.  Please be sure to include the programs that are starting with Windows that you don't want at startup or want delayed.

If we're finished with the "checkup" and (except for working with WinPatrol), everything else is as it should be, let's take care of removing the tools used:

Please download Delfix from here (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix).

Ensure the following boxes are checked:

• Remove disinfection tools
  
• Create registry backup
  
• Purge system restore
  (https://www.landzdown.com/proxy.php?request=http%3A%2F%2Fwww.hdrcgb.org.uk%2Fg2g%2Fdelfix.jpg&hash=430c0d18b39654835cac5f1633ed1b23348d76f1)
  
• Click Run
  

The program will run for a few moments and then notepad will open with a log.   Please paste the log in your next reply.

Quote from: Corrine on September 02, 2015, 11:08:33 PM

It took so long to research all the entries to ensure that necessary files weren't included...

And this is the main reason I don't feel good... I am really sorry, Corrine.

As for the guest account, I think that I created it. There is no option for setting a password.

There is something else I would like to ask: what can I do with the missing drivers of the printers listed in the addition log, as well in Device Manager? The printers print normally via network. Also, why many services are disabled?

The Delfix log:

# DelFix v1.011 - Logfile created 03/09/2015 at 09:44:35
# Updated 18/08/2015 by Xplode
# Username : DR WHO - DR-WHO
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\DR WHO\Desktop\AdwCleaner.exe
Deleted : C:\Users\DR WHO\Desktop\FRST.exe
Deleted : C:\Users\DR WHO\Desktop\FRST64.exe
Deleted : C:\Users\DR WHO\Desktop\JRT.exe
Deleted : C:\Users\DR WHO\Desktop\SecurityCheck.exe
Deleted : C:\Users\DR WHO\Desktop\TFC (1).exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #838 [Windows Update | 08/31/2015 15:48:21]
Deleted : RP #840 [Restore Point Created by FRST | 09/01/2015 21:02:34]
Deleted : RP #841 [JRT Pre-Junkware Removal | 09/01/2015 21:08:10]
Deleted : RP #843 [Restore Point Created by FRST | 09/02/2015 16:03:57]

New restore point created !

########## - EOF - ##########

Hi, Panos.

Since there is no password associated with the Guest account, I suggest you disable it.  The "Dr Who's Friends" should be a limited account and password protected.  Guests would use that account.

Many of the errors were due to being disabled by MSConfig.  As to the printers, the Additions log shows two printers. 

Name: HP Color LaserJet CP4005
Name: Photosmart 5510 series

It could be that you are using generic printer drivers rather than HP drives. Do you have and use both printers?  Are they both working fine?  If so, you can ignore the Event Viewer errors.  Otherwise, you could go to the HP site and check for the most recent drivers for the printer(s).  Even though drivers can be rolled back, I still suggest creating a System Restore point if you do update the driver(s).  HP Printers - Download and Install Printer Driver and Software Via USB | HP® Customer Support (http://support.hp.com/us-en/document/c03521864)

Quote from: Corrine on September 03, 2015, 05:08:56 PM
Hi, Panos.

Since there is no password associated with the Guest account, I suggest you disable it.  The "Dr Who's Friends" should be a limited account and password protected.  Guests would use that account.

Many of the errors were due to being disabled by MSConfig.  As to the printers, the Additions log shows two printers. 

Name: HP Color LaserJet CP4005
Name: Photosmart 5510 series

It could be that you are using generic printer drivers rather than HP drives. Do you have and use both printers?  Are they both working fine?  If so, you can ignore the Event Viewer errors.  Otherwise, you could go to the HP site and check for the most recent drivers for the printer(s).  Even though drivers can be rolled back, I still suggest creating a System Restore point if you do update the driver(s).  HP Printers - Download and Install Printer Driver and Software Via USB | HP® Customer Support (http://support.hp.com/us-en/document/c03521864)

Good evening, Corrine.

The one printer is mine (5510), and the other one (LaserJet)  is the one I used at University. I added both using Add a Printer method, and via wi fi network. They both work fine. So, I will not do anything.

Now... Again with the accounts. It seems that I must create a standard account to have the option for a password. I cannot find such an option in Guest accounts.

Anyway, I installed WP. Again. :)

P.S. It's the third time in a week I got a BSOD. I thought that a Chinese memory stick I bought online was the reason, but it seems that it's not. If it happen again I will let you know. 

Corrine, thank you, once more! (https://www.landzdown.com/proxy.php?request=http%3A%2F%2Fwww.sysnative.com%2Fforums%2Fimages%2Fsmilies%2Frose.gif&hash=d57a4e8b5e8ae43339454840fd69ea8a5cd8f484)
I will see what else I can do, to ask for your help again.  ;)

No, the Guest account does not have the option to add a password. That is why I suggest it be disabled.  Granted, a "regular person" using the guest account may be safe enough, however . . . Dangers of Guest Account in Windows XP/7 - Super User (http://superuser.com/questions/427537/dangers-of-guest-account-in-windows-xp-7).

Most times, BSOD is the result of outdated drivers.  If it continues, we'll see if Satrow has time to take a look.  If not, I'll send you to Sysnative.com for assistance.

We can continue WinPatrol discussions in that forum since they may be helpful for others as well. 

I turned off Guest account, as there was not an option to delete it, and created a standard account with a password. I guess this time I did it! But... again: what's the difference between standard and guest account except from the password option???

Of course, I have some questions for WP, but I'll let them for later. There was a lot of bla bla bla from me these days.

Thank you!  :)

P.S. I'll be alert for BSOD.

What is Public User account located in Users Folder in C? Can I delete it from there?
Can I also delete ASP.NET account from Control Panel?

QuoteWhat is Public User account located in Users Folder in C?

Hiope this explains it:
http://windows.about.com/od/organizingyourstuff/f/what_is_public_folder.htm (http://windows.about.com/od/organizingyourstuff/f/what_is_public_folder.htm)

QuoteCan I also delete ASP.NET account from Control Panel?

Hope this clears it up for you:
http://forums.asp.net/t/758994.aspx?Why+is+there+an+ASP+NET+account+on+my+machine+ (http://forums.asp.net/t/758994.aspx?Why+is+there+an+ASP+NET+account+on+my+machine+)

Quote from: Ghost on September 07, 2015, 09:28:44 PM

Hiope this explains it:
http://windows.about.com/od/organizingyourstuff/f/what_is_public_folder.htm (http://windows.about.com/od/organizingyourstuff/f/what_is_public_folder.htm)

Hope this clears it up for you:
http://forums.asp.net/t/758994.aspx?Why+is+there+an+ASP+NET+account+on+my+machine+ (http://forums.asp.net/t/758994.aspx?Why+is+there+an+ASP+NET+account+on+my+machine+)

Thank you.
I will delete ASP.NET account then.
In fact, I can't understand why so many accounts are created without permission (Public, Guest, ASP.NET, Updatus).
And ofcourse, I didn't understand what's the difference between standard and guest account, except from the password.

Hi Dr. M,
account differences:
"There are three different types of accounts to a computer: standard, administrator, and guest. You might wonder what’s the difference between them or what function is limited to each type.

Administrator account:
As an administrator, you’re allowed to customize Windows freely; you can make any change to the computer: install or uninstall software and hardware you like, access to all files on the computer, and can also delete, or change other user accounts.
It seems like administrator user is the host of the computer, while others are guests. However, it’s more secure to operate the computer using a standard user account than administrator account.

Standard account:
Using a standard account is more secure than using administrator account. Standard users can only customize their own user account, which means they can’t act on their own to make changes to the computer system, or security of the computer. Once they need to they have to ask for permission form an administrator first, and only with the password given by administrator can standard user do such operations.
As a standard account user you are allowed to use most of the capabilities of the computer, but can’t make changes to them, such as install or uninstall programs.

Guest account:
A guest account user can only use the computer temporarily, and can perform almost no customization. As a guest account user, you can’t make any changes to the computer or access any personal files on the computer. Unlike standard user account, no permissions can be given to guest user account to change any settings on the computer".

Quote from: Ghost on September 09, 2015, 11:33:24 AM
Guest account:
A guest account user can only use the computer temporarily, and can perform almost no customization. As a guest account user, you can’t make any changes to the computer or access any personal files on the computer. Unlike standard user account, no permissions can be given to guest user account to change any settings on the computer".

Thank you, Ghost. So, it's better to have a guest account in my computer, but activate it only when I give it to someone else. Right???
In that a case, I will use administrator account, and delete the standard account. I suppose...

Yes, I can see you getting this expression, as you reading my questions over and over:   :o

It depends on what your family members do on your computer.  If they only go on the Internet to check something, fine, activate the guest account for them.  Otherwise, they should only be able to use programs installed for use by "everyone" and not exclusively installed on Admin account.   

Quote from: Corrine on September 09, 2015, 05:36:17 PM
It depends on what your family members do on your computer.  If they only go on the Internet to check something, fine, activate the guest account for them.  Otherwise, they should only be able to use programs installed for use by "everyone" and not exclusively installed on Admin account.

If you want you can believe me:  NOW I UNDERSTOOD WHAT IS ALL ABOUT!!

THANK YOU!!!

It's your call....

Some people use a standard account for normal "everyday" use, and only log in as an administrator when they intend to install new software.
They feel it protects them from accidentally, installing malware, and/or paying a disproportionately high price for a momentary lapse in judgement.

Good point, Pete.

Unfortunately, well-known sites with advice on computers, are giving wrong information to people. That's how I started to use the msconfig. The worst is that the advice are given by technicians ... (among others, he gives an example of bit torrent...). I know the page  is in Greek, but please look at the part with the bit torrent and msconfig...

Sorry, I forgot the attachments:

Msconfig should only be used temporarily, for diagnostics or troubleshooting startup problems. It isn't recommended as a permanent fix. If you are having a problem, it is tool to to help pinpoint the problem, i.e. bad driver, software loading on startup causing problems. Once it is figured out, uninstall or fix the problem. You should then reset it back to a normal startup mode.

I ran a search and see a bunch of so called intelligent people recommending what you have said. They need to go back to the basics and read what the msconfig really is for. I repeat msconfig is not a permanent or long term fix. It should not be used as a selective startup option on a continuous basis.

MS has told them what it is for, just because you can do it doesn't mean it will not create other problems. If the wrong things are turned off, you can render your system inoperable.

http://windows.microsoft.com/en-us/windows/using-system-configuration#1TC=windows-7

Quote from: techie on September 11, 2015, 09:47:36 PM
I ran a search and see a bunch of so called intelligent people recommending what you have said. They need to go back to the basics and read what the msconfig really is for.

You see what I mean?
If I didn't get into this Forum accidentally, my computer would be formatted many times till now, by our ''experts''. 

A question: Windows 8.1 have no msconfig as Windows 7? Or perhaps the procedure is a little bit different. I have made some changes to Start up programs from there to my nephew's computer. Do you think I should I open a new thread to fix it too or it's ok?

MS has told them what it is for, just because you can do it doesn't mean it will not create other problems. If the wrong things are turned off, you can render your system inoperable.

The same would apply if you turned the wrong things off in winpatrol or any other utility. Lets not over dramatise the issue.

With Windows 8.1, managing Startup programs is included in Task Manager.  Merely launch Task Manager, click the Startup tab and change Enabled to Disabled.  If you need additional information, see How To Disable Startup Programs In Windows 8.1 (http://www.intowindows.com/how-to-disable-startup-programs-in-windows-8-1/).

Quote from: MikeW on September 12, 2015, 02:12:30 PM
MS has told them what it is for, just because you can do it doesn't mean it will not create other problems. If the wrong things are turned off, you can render your system inoperable.

The same would apply if you turned the wrong things off in winpatrol or any other utility. Lets not over dramatise the issue.

Exactly my point, when you have so called experts recommending the average user make changes in a system utility designed for troubleshooting that can leave there system inoperable without warning them about it. It is a problem.

3rd party programs are a bit more gated.

Quote from: Corrine on September 12, 2015, 02:18:32 PM
With Windows 8.1, managing Startup programs is included in Task Manager.  Merely launch Task Manager, click the Startup tab and change Enabled to Disabled.  If you need additional information, see How To Disable Startup Programs In Windows 8.1 (http://www.intowindows.com/how-to-disable-startup-programs-in-windows-8-1/).

You can as well use this method in Win 10.

Quote from: techie on September 12, 2015, 04:10:36 PM

Quote from: Corrine on September 12, 2015, 02:18:32 PM
With Windows 8.1, managing Startup programs is included in Task Manager.  Merely launch Task Manager, click the Startup tab and change Enabled to Disabled.  If you need additional information, see How To Disable Startup Programs In Windows 8.1 (http://www.intowindows.com/how-to-disable-startup-programs-in-windows-8-1/).

You can as well use this method in Win 10.

And this cannot harm the computer as msconfig in win7?

Quote from: DR M on September 12, 2015, 01:47:47 PM

Quote from: techie on September 11, 2015, 09:47:36 PM
I ran a search and see a bunch of so called intelligent people recommending what you have said. They need to go back to the basics and read what the msconfig really is for.

You see what I mean?
If I didn't get into this Forum accidentally, my computer would be formatted many times till now, by our ''experts''. 

A question: Windows 8.1 have no msconfig as Windows 7? Or perhaps the procedure is a little bit different. I have made some changes to Start up programs from there to my nephew's computer. Do you think I should I open a new thread to fix it too or it's ok?

If your Nephews computer is starting up and running fine, I would leave it alone. If it's not broke, don't fix it.

Ok. Thank you!  This was another nice lesson, here in LzD!   :)

Quote from: DR M on September 12, 2015, 04:19:19 PM

Quote from: techie on September 12, 2015, 04:10:36 PM

Quote from: Corrine on September 12, 2015, 02:18:32 PM
With Windows 8.1, managing Startup programs is included in Task Manager.  Merely launch Task Manager, click the Startup tab and change Enabled to Disabled.  If you need additional information, see How To Disable Startup Programs In Windows 8.1 (http://www.intowindows.com/how-to-disable-startup-programs-in-windows-8-1/).

You can as well use this method in Win 10.

And this cannot harm the computer as msconfig in win7?

This method allows you to only disable programs or apps that you have installed, not system files that are installed, by Microsoft. If you are looking at it, you know that you wouldn't want to disable a third party software anti-virus if you installed it. You may not want say disable QuickTime or other things that you don't use on a regular basis, They will start when you tell them to open up or need to use them.

Quote from: DR M on September 12, 2015, 04:19:19 PM

Quote from: techie on September 12, 2015, 04:10:36 PM

Quote from: Corrine on September 12, 2015, 02:18:32 PM
With Windows 8.1, managing Startup programs is included in Task Manager.  Merely launch Task Manager, click the Startup tab and change Enabled to Disabled.  If you need additional information, see How To Disable Startup Programs In Windows 8.1 (http://www.intowindows.com/how-to-disable-startup-programs-in-windows-8-1/).

You can as well use this method in Win 10.

And this cannot harm the computer as msconfig in win7?

MSconfig will not harm your computer if used properly!!!

Correct, Mike.  MSConfig doesn't "harm" the computer.  However, it is meant to be used as a temporary step when trouble-shooting issues not for managing startup programs.