Page 1 of 6 12345 ... LastLast
Results 1 to 10 of 56

Thread: 1) Slow computer, error messages

  1. #1
    Member
    Join Date
    Feb 2007
    Posts
    40

    Default 1) Slow computer, error messages

    Version of Spybot: 2.0.12.0
    Rootkit scanner 2.0.12.116
    Operating system: Windows 7 professional 32 bit
    Other security programs installed: AVG Cloudcare, Malwarebytes
    Issues with the computer's performance: Windows is not Genuine (4 year old Lenovo laptop and this just popped up), can't troubleshoot (gets error), some updates are blocked, sometimes gets very sloooowww. I pulled the drive and deep scanned it again from this machine with similar results to the original scan. Drive is a new 720GB WD replacing an almost full 320 which I thought was causing the problem. WD imaging program worked fine but shortly after the switch I started getting the Genuine Windows notification. Did a system restore to a couple of days before putting in the new drive as the hardware change could have triggered the notification but that made no difference.
    Original post in Rootalyzer forum: http://forums.spybot.info/showthread...n-ADS&p=460966

    Here is FIRST scan I ran today.
    Thanks for looking at them and any help you can give.
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-01-2015 02
    Ran by Bruce (administrator) on BRUCE-LENOVO on 13-01-2015 13:44:12
    Running from C:\Users\Bruce\Desktop
    Loaded Profile: Bruce (Available profiles: Bruce & braley & Admin)
    Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
    (Lenovo.) C:\Windows\System32\ibmpmsvc.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
    (Lenovo) C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
    (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgApiWrapper.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgfws.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgRemote\AvgRemote.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgUpgrade.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
    (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
    (Lenovo.) C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Malwarebytes Corporation) C:\Program Files\MALWAREBYTES ANTI-MALWARE\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\MALWAREBYTES ANTI-MALWARE\mbamservice.exe
    () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
    (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\XmppAuth.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Lenovo) C:\Program Files\Lenovo\Access Connections\AcSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
    (InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
    (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
    (Malwarebytes Corporation) C:\Program Files\MALWAREBYTES ANTI-MALWARE\mbam.exe
    (Lenovo.) C:\Windows\System32\TpShocks.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
    (CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
    (Lenovo) C:\Program Files\Lenovo\Access Connections\ACWLIcon.exe
    (Lenovo) C:\Program Files\Lenovo\Access Connections\ACTray.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
    (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgTrayApp.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
    (Panasonic Corporation) C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    (SAMSUNG Electornics Co., Ltd.) C:\Users\Bruce\AppData\Roaming\Verizon\UA_ar\UA.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    (Lenovo) C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [337256 2009-11-27] (Lenovo.)
    HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
    HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [62312 2010-07-27] (Lenovo Group Limited)
    HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-10-01] ()
    HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
    HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [ACWLIcon] => C:\Program Files\Lenovo\Access Connections\ACWLIcon.exe [181608 2009-11-26] (Lenovo)
    HKLM\...\Run: [ACTray] => C:\Program Files\Lenovo\Access Connections\ACTray.exe [435560 2009-11-26] (Lenovo)
    HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [36864 2009-10-13] ()
    HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-07-15] ()
    HKLM\...\Run: [Trend Micro RUBotted V2.0 Beta] => C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe [1102872 2013-07-25] (Trend Micro Inc.)
    HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    HKLM\...\Run: [AVG CloudCare] => C:\Program Files\AVG\CloudCare\AvgTrayApp.exe [108312 2014-07-25] (AVG Technologies, Inc.)
    HKLM\...\Run: [racontrol] => C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe [1404080 2013-08-29] (AVG Technologies, Inc.)
    Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\MountPoints2: D - D:\setup.exe
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\MountPoints2: {06113c30-fef8-11e3-8c7b-78dd08b37ded} - E:\VZW_Software_upgrade_assistant.exe
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\MountPoints2: {cd33b098-e596-11e2-9fb9-00262dfc1d87} - E:\VZW_Software_upgrade_assistant.exe
    IFEO\isuspm.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
    IFEO\natspeak.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
    Lsa: [Notification Packages] scecli ACGina
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk
    ShortcutTarget: HD Writer.lnk -> C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
    Startup: C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
    Startup: C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
    ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\Bruce\AppData\Roaming\Verizon\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
    BootExecute: autocheck autochk * sdnclean.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=BDT3&ocid=BDT3DHP
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
    SearchScopes: HKLM -> DefaultScope {5C8E242B-D9CA-487E-BCF8-56FAB52B4D3A} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox;
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {5C8E242B-D9CA-487E-BCF8-56FAB52B4D3A} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox;
    SearchScopes: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> {5C8E242B-D9CA-487E-BCF8-56FAB52B4D3A} URL =
    SearchScopes: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> {CF72DB5D-A4F5-454C-BFC1-A9A2C1B19471} URL = http://search.avg.com/route/?d=4c216cec&v=6.10.6.4&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: IePasswordManagerHelper Class -> {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} -> C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    Toolbar: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} http://10.0.0.26:85/HiDvrOcx.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

    FireFox:
    ========
    FF ProfilePath: C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default
    FF DefaultSearchEngine: Google
    FF SearchEngineOrder.3: Bing
    FF SelectedSearchEngine: Bing
    FF Homepage: hxxp://www.bing.com/
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=BDT3DF&PC=BDT3&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @Musicnotes.com/Musicnotes Viewer,version=1.18.9 -> C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files\Musicnotes\npsibelius.dll ()
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2701720504-2077786656-4262629455-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bruce\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
    FF user.js: detected! => C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\user.js
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Bruce\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
    FF SearchPlugin: C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\searchplugins\bingp.xml
    FF Extension: Yahoo! Toolbar - C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-10-20]
    FF Extension: DownloadHelper - C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
    FF Extension: Quick Translator - C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-03-16]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-12-09]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.msn.com/?pc=BDT3&ocid=BDT3DHP
    CHR DefaultSearchKeyword: Default -> bing.com
    CHR DefaultSearchURL: Default -> http://www.bing.com/search?FORM=BDT3DF&PC=BDT3&q={searchTerms}
    CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&form=BDT3DF&PC=BDT3
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
    CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
    CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\pdf.dll No File
    CHR Plugin: (Skype Toolbars) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7280_0\npSkypeChromePlugin.dll No File
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
    CHR Plugin: (Musicnotes) - C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    CHR Plugin: (ScorchPlugin) - C:\Program Files\Musicnotes\npsibelius.dll ()
    CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Default Plug-in) - default_plugin No File
    CHR Profile: C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Skype Click to Call) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-04-08]
    CHR Extension: (Google Wallet) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
    CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [Not Found]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [124264 2009-11-26] (Lenovo)
    R2 AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [255336 2009-11-26] (Lenovo)
    R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [948736 2011-08-08] (Intel Corporation)
    S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2013-02-26] (Microsoft Corporation) [File not signed]
    S3 AppMgmt; C:\Windows\System32\appmgmts.dll [149504 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 AvgApiWrapper; C:\Program Files\AVG\CloudCare\AvgApiWrapper.exe [151832 2014-07-25] (AVG Technologies, Inc.)
    R2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1417160 2014-12-16] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
    R2 AvgRemote; C:\Program Files\AVG\CloudCare\AvgRemote\AvgRemote.exe [54960 2013-09-05] (AVG Technologies, Inc.)
    R2 AvgUpgrade; C:\Program Files\AVG\CloudCare\AvgUpgrade.exe [78616 2014-07-25] (AVG Technologies, Inc.)
    R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
    S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 Browser; C:\Windows\System32\browser.dll [102912 2012-07-04] (Microsoft Corporation) [File not signed]
    R3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [102672 2011-06-03] (Intel(R) Corporation)
    S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 CryptSvc; C:\Windows\system32\cryptsvc.dll [140288 2013-07-08] (Microsoft Corporation) [File not signed]
    R2 CscService; C:\Windows\System32\cscsvc.dll [546304 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 Dhcp; C:\Windows\system32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-02] (Microsoft Corporation) [File not signed]
    S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 DPS; C:\Windows\system32\dps.dll [144384 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 EFS; C:\Windows\System32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [556544 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086976 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 FontCache; C:\Windows\system32\FntCache.dll [906240 2013-01-13] (Microsoft Corporation) [File not signed]
    R2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 HsfXAudioService; C:\Windows\system32\XAudio32.dll [410624 2009-04-28] (Conexant Systems, Inc.) [File not signed]
    S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2014-09-18] (Microsoft Corporation) [File not signed]
    R2 IKEEXT; C:\Windows\System32\ikeext.dll [679424 2013-10-11] (Microsoft Corporation) [File not signed]
    R2 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2012-10-03] (Microsoft Corporation) [File not signed]
    R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [50536 2010-07-27] (Lenovo Group Limited)
    R2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited)
    R2 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [74088 2010-07-27] (Lenovo Group Limited)
    R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [127336 2011-07-12] (Lenovo Group Limited)
    S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 MpsSvc; C:\Windows\system32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-13] (Microsoft Corporation) [File not signed]
    S2 msiserver; C:\Windows\System32\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242176 2012-10-03] (Microsoft Corporation) [File not signed]
    R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] () [File not signed]
    R3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1004544 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 pla; C:\Windows\system32\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation) [File not signed]
    S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Power; C:\Windows\system32\umpo.dll [119808 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 ProfSvc; C:\Windows\system32\profsvc.dll [164352 2012-04-30] (Microsoft Corporation) [File not signed]
    R3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    S4 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2010-01-31] (Intuit) [File not signed]
    S4 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2008-11-18] (Intuit Inc.) [File not signed]
    S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 raserver; C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe [1404080 2013-08-29] (AVG Technologies, Inc.)
    S3 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation) [File not signed]
    S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-13] (Microsoft Corporation) [File not signed]
    S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 RpcSs; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 RUBotSrv; C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe [443416 2013-07-25] (Trend Micro Inc.)
    R2 SamSs; C:\Windows\system32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 Schedule; C:\Windows\system32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation) [File not signed]
    S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
    S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
    R3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2012-02-10] (Microsoft Corporation) [File not signed]
    S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-13] (Microsoft Corporation) [File not signed]
    S2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 StorSvc; C:\Windows\system32\storsvc.dll [16384 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28672 2011-07-25] (Lenovo Group Limited) [File not signed]
    S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 SysMain; C:\Windows\system32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 TermService; C:\Windows\System32\termsrv.dll [523264 2014-07-16] (Microsoft Corporation) [File not signed]
    R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [131432 2011-07-12] (Lenovo Group Limited)
    R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1858360 2014-07-14] (AVG)
    S3 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [1474560 2009-09-03] (Lenovo Group Limited) [File not signed]
    S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 UmRdpService; C:\Windows\System32\umrdp.dll [171008 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [35640 2014-07-14] (AVG)
    S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 VSS; C:\Windows\system32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 wbengine; C:\Windows\system32\wbengine.exe [1203200 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WebClient; C:\Windows\System32\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
    S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation) [File not signed]
    S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WinRM; C:\Windows\system32\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121792 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-13] (Microsoft Corporation) [File not signed]
    S2 WSearch; C:\Windows\system32\SearchIndexer.exe [427520 2011-05-03] (Microsoft Corporation) [File not signed]
    S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [73216 2012-07-25] (Microsoft Corporation) [File not signed]
    S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185344 2014-01-27] (Microsoft Corporation) [File not signed]
    R2 XmppAuth; C:\Program Files\AVG\CloudCare\XmppAuth.exe [285464 2014-07-25] (AVG Technologies, Inc.)
    S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
    S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 5U877; C:\Windows\System32\DRIVERS\5U877.sys [126080 2009-10-27] (Ricoh co.,Ltd.) [File not signed]
    S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-29] (Microsoft Corporation) [File not signed]
    S4 AFS; C:\Windows\system32\Drivers\AFS.sys [79052 2012-12-17] (Oak Technology Inc.) [File not signed]
    S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [55296 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [52736 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [243712 2011-08-08] (Windows (R) Win 7 DDK provider) [File not signed]
    S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [243712 2011-08-08] (Windows (R) Win 7 DDK provider) [File not signed]
    S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Avc; C:\Windows\System32\DRIVERS\avc.sys [40320 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.)
    R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-29] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-10-20] (AVG Technologies CZ, s.r.o.)
    S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation) [File not signed]
    S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation) [File not signed]
    R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-22] (Microsoft Corporation) [File not signed]
    S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.) [File not signed]
    S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.) [File not signed]
    S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-13] (Brother Industries Ltd.) [File not signed]
    S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.) [File not signed]
    S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.) [File not signed]
    S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.) [File not signed]
    R3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [34816 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [93696 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [393728 2012-07-06] (Microsoft Corporation) [File not signed]
    R3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [60416 2011-04-27] (Microsoft Corporation) [File not signed]
    S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14080 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 CSC; C:\Windows\System32\drivers\csc.sys [388096 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) [File not signed]
    S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.) [File not signed]
    S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HECI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2009-09-16] (Intel Corporation) [File not signed]
    S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [21504 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSX_DPV.sys [981504 2009-06-29] (Conexant Systems, Inc.) [File not signed]
    R3 HSXHWAZL; C:\Windows\System32\DRIVERS\HSXHWAZL.sys [207360 2009-06-29] (Conexant Systems, Inc.) [File not signed]
    S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [File not signed]
    S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [23040 2010-06-23] (Windows (R) Win 7 DDK provider) [File not signed]
    R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [4756480 2009-06-10] (Intel Corporation) [File not signed]
    R3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [125696 2009-10-25] (Intel Corporation) [File not signed]
    R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-13] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
    R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-18] (Conexant) [File not signed]
    R3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] (Microsoft Corporation) [File not signed]
    R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-26] (Microsoft Corporation) [File not signed]
    R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-08] (Microsoft Corporation) [File not signed]
    R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-26] (Microsoft Corporation) [File not signed]
    S3 MSDV; C:\Windows\System32\DRIVERS\msdv.sys [52608 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Msfs; C:\Windows\system32\Drivers\Msfs.sys [22528 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 NETw5s32; C:\Windows\System32\DRIVERS\NETw5s32.sys [6758912 2010-03-17] (Intel Corporation) [File not signed]
    S3 netw5v32; C:\Windows\System32\DRIVERS\netw5v32.sys [4231168 2009-07-13] (Intel Corporation) [File not signed]
    R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7517696 2011-08-03] (Intel Corporation) [File not signed]
    R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
    R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [79360 2009-07-13] (Microsoft Corporation) [File not signed]
    S2 Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [8704 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [133632 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [14848 2012-08-23] (Microsoft Corporation) [File not signed]
    S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [184320 2014-07-16] (Microsoft Corporation) [File not signed]
    R3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [129536 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 rimspci; C:\Windows\System32\DRIVERS\rimspe86.sys [48640 2009-10-25] (REDC) [File not signed]
    R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [5632 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 sdbus; C:\Windows\system32\drivers\sdbus.sys [84992 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
    R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [11264 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-28] (Microsoft Corporation) [File not signed]
    R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-28] (Microsoft Corporation) [File not signed]
    S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL3.SYS [207360 2009-07-13] (Conexant Systems, Inc.) [File not signed]
    S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Conexant Systems, Inc.) [File not signed]
    S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT3.SYS [661504 2009-07-13] (Conexant Systems, Inc.) [File not signed]
    R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-28] (Microsoft Corporation) [File not signed]
    R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] (Microsoft Corporation) [File not signed]
    S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-16] (Microsoft Corporation) [File not signed]
    R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 TPM; C:\Windows\System32\drivers\tpm.sys [30720 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2014-07-16] (Microsoft Corporation) [File not signed]
    S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [49152 2013-10-01] (Microsoft Corporation) [File not signed]
    R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
    R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13752 2009-09-29] ()
    R4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [39936 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [80896 2013-07-12] (Microsoft Corporation) [File not signed]
    R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) [File not signed]
    R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [43520 2013-11-26] (Microsoft Corporation) [File not signed]
    R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 USBPNPA; C:\Windows\System32\drivers\CM108.sys [1310720 2007-06-28] (C-Media Inc) [File not signed]
    S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [36352 2013-07-02] (Microsoft Corporation) [File not signed]
    S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-10] (Microsoft Corporation) [File not signed]
    S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] (Microsoft Corporation) [File not signed]
    S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [17920 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [14336 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 winachsf; C:\Windows\System32\DRIVERS\HSX_CNXT.sys [661504 2009-06-29] (Conexant Systems, Inc.) [File not signed]
    S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-13] (Microsoft Corporation) [File not signed]
    S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WSDScan; C:\Windows\System32\DRIVERS\WSDScan.sys [20480 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-25] (Microsoft Corporation) [File not signed]
    S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-25] (Microsoft Corporation) [File not signed]
    R2 XAudio; C:\Windows\System32\DRIVERS\XAudio32.sys [8704 2009-04-28] (Conexant Systems, Inc.) [File not signed]

    ==================== NetSvcs (Whitelisted) ===================


    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-13 13:44 - 2015-01-13 13:45 - 00064137 _____ () C:\Users\Bruce\Desktop\FRST.txt
    2015-01-13 13:43 - 2015-01-13 13:44 - 00000000 ____D () C:\FRST
    2015-01-13 13:41 - 2015-01-13 13:41 - 01115648 _____ (Farbar) C:\Users\Bruce\Desktop\FRST.exe
    2015-01-13 13:37 - 2015-01-13 13:37 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BRUCE-LENOVO-Microsoft-Windows-7-Professional-(32-bit).dat
    2015-01-13 13:36 - 2015-01-13 13:36 - 00000000 ____D () C:\RegBackup
    2015-01-13 13:35 - 2015-01-13 13:35 - 00002196 _____ () C:\Users\Bruce\Desktop\Tweaking.com - Registry Backup.lnk
    2015-01-13 13:35 - 2015-01-13 13:35 - 00000000 ____D () C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2015-01-13 13:35 - 2015-01-13 13:35 - 00000000 ____D () C:\Program Files\Tweaking.com
    2015-01-13 13:32 - 2015-01-13 13:32 - 04215584 _____ () C:\Users\Bruce\Downloads\tweaking.com_registry_backup_setup.exe
    2015-01-13 13:06 - 2015-01-13 13:06 - 00159144 _____ (Microsoft Corporation) C:\Users\Bruce\Downloads\WindowsActivationUpdate(1).exe
    2015-01-09 20:00 - 2015-01-13 13:19 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-01-09 19:59 - 2015-01-09 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-01-09 19:59 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-01-09 19:59 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-01-09 19:58 - 2015-01-09 19:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Malwarebytes
    2015-01-09 10:01 - 2015-01-09 10:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVG
    2015-01-09 10:01 - 2015-01-09 10:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\AVG
    2015-01-09 09:28 - 2015-01-09 09:00 - 08994813 _____ () C:\Users\Admin\Documents\CBS.txt.log
    2015-01-09 09:18 - 2015-01-09 09:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVG2014
    2015-01-09 09:17 - 2015-01-09 09:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Avg2014
    2015-01-09 09:17 - 2015-01-09 09:17 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
    2015-01-02 12:53 - 2015-01-07 10:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
    2015-01-02 12:53 - 2015-01-02 12:53 - 00000000 ____D () C:\ProgramData\Intel.sav
    2015-01-02 12:47 - 2015-01-02 12:47 - 00000000 ____D () C:\ProgramData\IntelDLM
    2015-01-02 12:43 - 2015-01-02 12:43 - 00000000 ____D () C:\Users\Bruce\AppData\Local\Intel
    2015-01-02 12:42 - 2015-01-02 12:42 - 00001139 _____ () C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.0.lnk
    2015-01-02 12:42 - 2015-01-02 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
    2015-01-02 12:42 - 2015-01-02 12:42 - 00000000 ____D () C:\Program Files\Intel Driver Update Utility
    2015-01-02 12:41 - 2015-01-02 12:41 - 02333416 _____ (Intel) C:\Users\Bruce\Downloads\Intel Driver Update Utility Installer.exe
    2015-01-02 12:26 - 2015-01-02 12:26 - 00159144 _____ (Microsoft Corporation) C:\Users\Bruce\Downloads\WindowsActivationUpdate.exe
    2014-12-27 22:41 - 2014-12-27 22:41 - 00011079 _____ () C:\Users\Bruce\Documents\computer.xlsx

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-13 13:42 - 2012-04-08 09:24 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2015-01-13 13:42 - 2012-04-08 09:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-01-13 13:42 - 2011-05-26 08:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2015-01-13 13:21 - 2010-07-21 11:01 - 00000000 ____D () C:\Users\Bruce\Documents\Outlook Files
    2015-01-13 13:21 - 2010-06-24 18:18 - 00000000 ____D () C:\Users\braley\Outlook
    2015-01-13 13:18 - 2010-06-23 05:46 - 01477823 _____ () C:\Windows\WindowsUpdate.log
    2015-01-13 13:17 - 2011-05-03 15:00 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
    2015-01-13 13:10 - 2009-07-13 20:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-01-13 13:10 - 2009-07-13 20:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-01-13 13:07 - 2009-07-20 21:30 - 00800182 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-13 13:04 - 2011-11-01 07:44 - 00000000 ____D () C:\ProgramData\MFAData
    2015-01-13 12:59 - 2013-10-17 08:35 - 00000000 ____D () C:\ProgramData\AVGRemoteIT
    2015-01-13 12:59 - 2011-05-03 15:00 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    2015-01-13 12:59 - 2009-07-13 20:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-13 12:59 - 2009-07-13 20:39 - 00191441 _____ () C:\Windows\setupact.log
    2015-01-11 00:56 - 2010-10-02 07:35 - 00000000 ____D () C:\Users\Bruce\Documents\Politics
    2015-01-10 10:00 - 2009-07-13 20:33 - 03897040 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-01-10 09:59 - 2010-06-23 05:42 - 01868062 _____ () C:\Windows\PFRO.log
    2015-01-10 09:59 - 2009-07-13 20:53 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-01-09 19:59 - 2011-11-01 13:12 - 00000000 ____D () C:\Program Files\MALWAREBYTES ANTI-MALWARE
    2015-01-09 19:59 - 2010-06-22 16:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-01-09 19:59 - 2010-06-22 16:03 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
    2015-01-09 09:18 - 2012-05-06 10:50 - 00462888 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-01-09 09:17 - 2012-05-06 10:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
    2015-01-07 13:04 - 2011-12-04 10:45 - 00000221 _____ () C:\Windows\wininit.ini
    2015-01-07 11:01 - 2013-12-14 10:59 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
    2015-01-07 10:39 - 2010-06-24 23:49 - 00000000 ____D () C:\Users\Bruce\AppData\Local\Microsoft Help
    2015-01-07 10:26 - 2010-06-23 06:28 - 00000000 ____D () C:\Users\Bruce
    2015-01-07 10:19 - 2014-06-21 20:56 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-01-07 10:19 - 2012-05-06 10:50 - 00000000 ____D () C:\Users\Admin
    2015-01-07 10:19 - 2011-11-09 01:58 - 00000000 ____D () C:\ProgramData\Intel
    2015-01-07 10:19 - 2010-06-23 06:21 - 00000000 ____D () C:\ProgramData\Lenovo
    2015-01-07 10:19 - 2010-06-22 18:22 - 00000000 ____D () C:\Users\braley
    2015-01-07 10:19 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\wfp
    2015-01-07 10:19 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\registration
    2015-01-07 10:18 - 2011-11-09 01:57 - 00000000 ____D () C:\Program Files\Common Files\Intel
    2015-01-07 10:18 - 2011-11-09 01:57 - 00000000 ____D () C:\Program Files\Cisco
    2015-01-07 10:18 - 2010-06-23 05:39 - 00000000 ____D () C:\Program Files\Intel
    2015-01-02 12:54 - 2014-04-03 21:57 - 00000000 ____D () C:\Users\Outlook
    2015-01-02 12:54 - 2013-11-18 07:58 - 00000000 ____D () C:\Users\TEMP
    2014-12-26 00:55 - 2011-09-25 21:46 - 00000000 ____D () C:\Users\Bruce\Documents\Melaleuca
    2014-12-25 12:35 - 2012-05-21 10:09 - 00000000 ____D () C:\Users\Bruce\Documents\Sean
    2014-12-22 20:01 - 2009-07-19 17:04 - 00000000 ____D () C:\Users\Bruce\Documents\Financial
    2014-12-19 14:32 - 2014-01-14 10:52 - 00000000 ____D () C:\Users\Bruce\Documents\braley digital
    2014-12-17 08:39 - 2010-06-22 15:53 - 00000000 ____D () C:\Users\Bruce\AppData\Local\Adobe
    2014-12-14 08:15 - 2013-01-09 04:02 - 00000000 ____D () C:\Users\Bruce\Documents\Technical

    Files to move or delete:
    ====================
    C:\Users\Outlook\extend.dat


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\system32\winlogon.exe
    [2014-10-25 09:16] - [2014-07-16 17:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870

    C:\Windows\system32\wininit.exe => MD5 is legit
    C:\Windows\system32\svchost.exe => MD5 is legit
    C:\Windows\system32\services.exe => MD5 is legit
    C:\Windows\system32\User32.dll => MD5 is legit
    C:\Windows\system32\userinit.exe => MD5 is legit
    C:\Windows\system32\rpcss.dll => MD5 is legit
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-12-17 23:49

    ==================== End Of Log ============================
    Attached Files Attached Files

  2. #2
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    Hi and welcome

    Have my fingers crossed here we can find this and get it cleaned.

    Can you use MSCONFIG and check for unusual or items there that don't belong. What I'm thinking is, it's located in your run entries at startup.

    Also, your version of Farbar Recovery Scan Tool has a coding bug, there has been an updated one posted that I need to get you to download.

    Right click on the version you have now, select delete.

    Farbar Recovery Scan Tool (FRST) Scan
    • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) andsave the file to your Desktop.
    • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
    • Right-Click FRST.exe / FRST64.exe and select [img=http://i.imgur.com/AVOiBNU.jpg] Run as administrator to run the programme.
    • Click Yes to the disclaimer.
    • Ensure the Addition.txt box is checked.
    • Click the Scan button and let the programme run.
    • Upon completion, click OK, then OK on the Addition.txt pop up screen.
    • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.


    ~~~~~~~~~~~~~~

    Malwarebytes Anti-Rootkit
    • Download Malwarebytes Anti-Rootkit
    • Once the file has been downloaded, right click on the downloaded file and select the Extract all menu option.
    • Follow the instructions to extract the ZIP file to a folder called mbar-versionnumber on your desktop.
    • Once the ZIP file has been extracted, open the folder and when that folder opens, double-click on the mbar folder.
    • Double-click on the mbar.exe file to launch Malwarebytes Anti-Rootkit.
    • After you double-click on the mbar.exe file, you may receive a User Account Control (UAC) message if you are sure you wish to allow the program to run. Please allow to start Malwarebytes Anti-Rootkit correctly.
    • Malwarebytes Anti-Rootkit will now install necessary drivers that are required for the program to operate correctly.
    • If you receive a DDA driver message like could not load DDA driver, click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer and will start automatically.



    • Please click by the introduction screen on the Next button to continue.




    • Next you will see the Update Database screen.
    • Click on the Update button so Malwarebytes Anti-Rootkit can download the latest definition updates.




    • When the update has finished, click on the Next button.



    • Next you can select some basic scanning options. Make sure the Drivers, Sectors, and System scan targets are selected before you click on the Scan button.
    • Malwarebytes Anti-Rootkit will now start scanning your computer for rootkits. This scan can take some time, so please be patient.




    • When the scan with Malwarebytes Anti-Rootkit is finished, the program will display a screen with the results from the scan.
    • Make sure everything is selected and that the option to create a restore point is checked.
    • Next click on the Cleanup button. Malwarebytes Anti-Rootkit will then prompt you to reboot your computer.
    • Click on Yes button to restart your computer.

    • There will now be two log files created in the mbar folder called system-log.txt and one that starts with mbar-log.
    • The mbar-log file will always start with mbar-log, but the rest will be named using a timestamp indicating the time it was run.
      • For example, mbar-log-2012-11-12 (19-13-32).txt corresponds to mbar-log-year-month-day (hour-minute-second).txt.

    • The system-log.txt contains information about each time you have run MBAR and contains diagnostic information from the program.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Member
    Join Date
    Feb 2007
    Posts
    40

    Default

    Hello Juliet
    Thanks for the reply.
    Here is the FRST.txt I'll send Addition.txt separately. I had trouble sending everything at once yesterday, probably because there was too much data.

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015
    Ran by Bruce (administrator) on BRUCE-LENOVO on 15-01-2015 10:05:56
    Running from C:\Users\Bruce\Desktop
    Loaded Profiles: Bruce (Available profiles: Bruce & braley & Admin)
    Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
    (Lenovo.) C:\Windows\System32\ibmpmsvc.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
    (Lenovo) C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
    (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgApiWrapper.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgfws.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgRemote\AvgRemote.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgUpgrade.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
    (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
    (Lenovo.) C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Malwarebytes Corporation) C:\Program Files\MALWAREBYTES ANTI-MALWARE\mbamscheduler.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
    (Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
    (Malwarebytes Corporation) C:\Program Files\MALWAREBYTES ANTI-MALWARE\mbamservice.exe
    (Malwarebytes Corporation) C:\Program Files\MALWAREBYTES ANTI-MALWARE\mbam.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
    () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
    (Lenovo.) C:\Windows\System32\TpShocks.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
    (CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
    (Lenovo) C:\Program Files\Lenovo\Access Connections\ACWLIcon.exe
    (Lenovo) C:\Program Files\Lenovo\Access Connections\ACTray.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgTrayApp.exe
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
    (Panasonic Corporation) C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    (SAMSUNG Electornics Co., Ltd.) C:\Users\Bruce\AppData\Roaming\Verizon\UA_ar\UA.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (AVG Technologies, Inc.) C:\Program Files\AVG\CloudCare\XmppAuth.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Lenovo) C:\Program Files\Lenovo\Access Connections\AcSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    (Lenovo) C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
    (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
    (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Microsoft Corporation) C:\Windows\System32\msconfig.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [337256 2009-11-27] (Lenovo.)
    HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
    HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [62312 2010-07-27] (Lenovo Group Limited)
    HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-10-01] ()
    HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
    HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [ACWLIcon] => C:\Program Files\Lenovo\Access Connections\ACWLIcon.exe [181608 2009-11-26] (Lenovo)
    HKLM\...\Run: [ACTray] => C:\Program Files\Lenovo\Access Connections\ACTray.exe [435560 2009-11-26] (Lenovo)
    HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [36864 2009-10-13] ()
    HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-07-15] ()
    HKLM\...\Run: [Trend Micro RUBotted V2.0 Beta] => C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe [1102872 2013-07-25] (Trend Micro Inc.)
    HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    HKLM\...\Run: [AVG CloudCare] => C:\Program Files\AVG\CloudCare\AvgTrayApp.exe [108312 2014-07-25] (AVG Technologies, Inc.)
    HKLM\...\Run: [racontrol] => C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe [1404080 2013-08-29] (AVG Technologies, Inc.)
    Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\MountPoints2: D - D:\setup.exe
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\MountPoints2: {06113c30-fef8-11e3-8c7b-78dd08b37ded} - E:\VZW_Software_upgrade_assistant.exe
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\MountPoints2: {cd33b098-e596-11e2-9fb9-00262dfc1d87} - E:\VZW_Software_upgrade_assistant.exe
    IFEO\isuspm.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
    IFEO\natspeak.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
    Lsa: [Notification Packages] scecli ACGina
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk
    ShortcutTarget: HD Writer.lnk -> C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
    Startup: C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
    Startup: C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
    ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\Bruce\AppData\Roaming\Verizon\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
    BootExecute: autocheck autochk * sdnclean.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=BDT3&ocid=BDT3DHP
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
    HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
    SearchScopes: HKLM -> DefaultScope {5C8E242B-D9CA-487E-BCF8-56FAB52B4D3A} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox;
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {5C8E242B-D9CA-487E-BCF8-56FAB52B4D3A} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox;
    SearchScopes: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> {5C8E242B-D9CA-487E-BCF8-56FAB52B4D3A} URL =
    SearchScopes: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> {CF72DB5D-A4F5-454C-BFC1-A9A2C1B19471} URL = http://search.avg.com/route/?d=4c216cec&v=6.10.6.4&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: IePasswordManagerHelper Class -> {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} -> C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    Toolbar: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} http://10.0.0.26:85/HiDvrOcx.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

    FireFox:
    ========
    FF ProfilePath: C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default
    FF DefaultSearchEngine: Google
    FF SearchEngineOrder.3: Bing
    FF SelectedSearchEngine: Bing
    FF Homepage: hxxp://www.bing.com/
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=BDT3DF&PC=BDT3&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @Musicnotes.com/Musicnotes Viewer,version=1.18.9 -> C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files\Musicnotes\npsibelius.dll ()
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2701720504-2077786656-4262629455-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bruce\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
    FF user.js: detected! => C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\user.js
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Bruce\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
    FF SearchPlugin: C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\searchplugins\bingp.xml
    FF Extension: Yahoo! Toolbar - C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-10-20]
    FF Extension: DownloadHelper - C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
    FF Extension: Quick Translator - C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-03-16]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-12-09]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.msn.com/?pc=BDT3&ocid=BDT3DHP
    CHR DefaultSearchKeyword: Default -> bing.com
    CHR DefaultSearchURL: Default -> http://www.bing.com/search?FORM=BDT3DF&PC=BDT3&q={searchTerms}
    CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&form=BDT3DF&PC=BDT3
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
    CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
    CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\pdf.dll No File
    CHR Plugin: (Skype Toolbars) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7280_0\npSkypeChromePlugin.dll No File
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
    CHR Plugin: (Musicnotes) - C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    CHR Plugin: (ScorchPlugin) - C:\Program Files\Musicnotes\npsibelius.dll ()
    CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Default Plug-in) - default_plugin No File
    CHR Profile: C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Skype Click to Call) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-04-08]
    CHR Extension: (Google Wallet) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
    CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [Not Found]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [124264 2009-11-26] (Lenovo)
    R2 AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [255336 2009-11-26] (Lenovo)
    R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [948736 2011-08-08] (Intel Corporation)
    S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2013-02-26] (Microsoft Corporation) [File not signed]
    S3 AppMgmt; C:\Windows\System32\appmgmts.dll [149504 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473600 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 AvgApiWrapper; C:\Program Files\AVG\CloudCare\AvgApiWrapper.exe [151832 2014-07-25] (AVG Technologies, Inc.)
    R2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1417160 2014-12-16] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
    R2 AvgRemote; C:\Program Files\AVG\CloudCare\AvgRemote\AvgRemote.exe [54960 2013-09-05] (AVG Technologies, Inc.)
    R2 AvgUpgrade; C:\Program Files\AVG\CloudCare\AvgUpgrade.exe [78616 2014-07-25] (AVG Technologies, Inc.)
    R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
    S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 Browser; C:\Windows\System32\browser.dll [102912 2012-07-04] (Microsoft Corporation) [File not signed]
    R3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [102672 2011-06-03] (Intel(R) Corporation)
    S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 CryptSvc; C:\Windows\system32\cryptsvc.dll [140288 2013-07-08] (Microsoft Corporation) [File not signed]
    R2 CscService; C:\Windows\System32\cscsvc.dll [546304 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 Dhcp; C:\Windows\system32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-02] (Microsoft Corporation) [File not signed]
    S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 DPS; C:\Windows\system32\dps.dll [144384 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 EFS; C:\Windows\System32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [556544 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086976 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 FontCache; C:\Windows\system32\FntCache.dll [906240 2013-01-13] (Microsoft Corporation) [File not signed]
    R2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 HsfXAudioService; C:\Windows\system32\XAudio32.dll [410624 2009-04-28] (Conexant Systems, Inc.) [File not signed]
    S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2014-09-18] (Microsoft Corporation) [File not signed]
    R2 IKEEXT; C:\Windows\System32\ikeext.dll [679424 2013-10-11] (Microsoft Corporation) [File not signed]
    R2 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2012-10-03] (Microsoft Corporation) [File not signed]
    R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [50536 2010-07-27] (Lenovo Group Limited)
    R2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited)
    R2 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [74088 2010-07-27] (Lenovo Group Limited)
    R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [127336 2011-07-12] (Lenovo Group Limited)
    S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 MpsSvc; C:\Windows\system32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-13] (Microsoft Corporation) [File not signed]
    S2 msiserver; C:\Windows\System32\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242176 2012-10-03] (Microsoft Corporation) [File not signed]
    R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] () [File not signed]
    R3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1004544 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 pla; C:\Windows\system32\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation) [File not signed]
    S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Power; C:\Windows\system32\umpo.dll [119808 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 ProfSvc; C:\Windows\system32\profsvc.dll [164352 2012-04-30] (Microsoft Corporation) [File not signed]
    R3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    S4 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2010-01-31] (Intuit) [File not signed]
    S4 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2008-11-18] (Intuit Inc.) [File not signed]
    S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 raserver; C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe [1404080 2013-08-29] (AVG Technologies, Inc.)
    R3 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation) [File not signed]
    S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-13] (Microsoft Corporation) [File not signed]
    S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 RpcSs; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 RUBotSrv; C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe [443416 2013-07-25] (Trend Micro Inc.)
    R2 SamSs; C:\Windows\system32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 Schedule; C:\Windows\system32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation) [File not signed]
    S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
    S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
    R3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2012-02-10] (Microsoft Corporation) [File not signed]
    S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 StorSvc; C:\Windows\system32\storsvc.dll [16384 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28672 2011-07-25] (Lenovo Group Limited) [File not signed]
    S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 SysMain; C:\Windows\system32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 TermService; C:\Windows\System32\termsrv.dll [523264 2014-07-16] (Microsoft Corporation) [File not signed]
    R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [131432 2011-07-12] (Lenovo Group Limited)
    R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1858360 2014-07-14] (AVG)
    S3 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [1474560 2009-09-03] (Lenovo Group Limited) [File not signed]
    S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 UmRdpService; C:\Windows\System32\umrdp.dll [171008 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [35640 2014-07-14] (AVG)
    S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 wbengine; C:\Windows\system32\wbengine.exe [1203200 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WebClient; C:\Windows\System32\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
    S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation) [File not signed]
    R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WinRM; C:\Windows\system32\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121792 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-13] (Microsoft Corporation) [File not signed]
    S2 WSearch; C:\Windows\system32\SearchIndexer.exe [427520 2011-05-03] (Microsoft Corporation) [File not signed]
    S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [73216 2012-07-25] (Microsoft Corporation) [File not signed]
    S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185344 2014-01-27] (Microsoft Corporation) [File not signed]
    R2 XmppAuth; C:\Program Files\AVG\CloudCare\XmppAuth.exe [285464 2014-07-25] (AVG Technologies, Inc.)
    S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 5U877; C:\Windows\System32\DRIVERS\5U877.sys [126080 2009-10-27] (Ricoh co.,Ltd.) [File not signed]
    S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-29] (Microsoft Corporation) [File not signed]
    S4 AFS; C:\Windows\system32\Drivers\AFS.sys [79052 2012-12-17] (Oak Technology Inc.) [File not signed]
    S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [55296 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [52736 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [243712 2011-08-08] (Windows (R) Win 7 DDK provider) [File not signed]
    S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [243712 2011-08-08] (Windows (R) Win 7 DDK provider) [File not signed]
    S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Avc; C:\Windows\System32\DRIVERS\avc.sys [40320 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.)
    R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-29] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-10-20] (AVG Technologies CZ, s.r.o.)
    S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation) [File not signed]
    S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation) [File not signed]
    R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-22] (Microsoft Corporation) [File not signed]
    S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.) [File not signed]
    S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.) [File not signed]
    S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-13] (Brother Industries Ltd.) [File not signed]
    S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.) [File not signed]
    S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.) [File not signed]
    S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.) [File not signed]
    R3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [34816 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [93696 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [393728 2012-07-06] (Microsoft Corporation) [File not signed]
    R3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [60416 2011-04-27] (Microsoft Corporation) [File not signed]
    S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14080 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 CSC; C:\Windows\System32\drivers\csc.sys [388096 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) [File not signed]
    S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.) [File not signed]
    S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HECI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2009-09-16] (Intel Corporation) [File not signed]
    S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [21504 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSX_DPV.sys [981504 2009-06-29] (Conexant Systems, Inc.) [File not signed]
    R3 HSXHWAZL; C:\Windows\System32\DRIVERS\HSXHWAZL.sys [207360 2009-06-29] (Conexant Systems, Inc.) [File not signed]
    S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [File not signed]
    S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [23040 2010-06-23] (Windows (R) Win 7 DDK provider) [File not signed]
    R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [4756480 2009-06-10] (Intel Corporation) [File not signed]
    R3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [125696 2009-10-25] (Intel Corporation) [File not signed]
    R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-15] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
    R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-18] (Conexant) [File not signed]
    R3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] (Microsoft Corporation) [File not signed]
    R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-26] (Microsoft Corporation) [File not signed]
    R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-08] (Microsoft Corporation) [File not signed]
    R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-26] (Microsoft Corporation) [File not signed]
    S3 MSDV; C:\Windows\System32\DRIVERS\msdv.sys [52608 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Msfs; C:\Windows\system32\Drivers\Msfs.sys [22528 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 NETw5s32; C:\Windows\System32\DRIVERS\NETw5s32.sys [6758912 2010-03-17] (Intel Corporation) [File not signed]
    S3 netw5v32; C:\Windows\System32\DRIVERS\netw5v32.sys [4231168 2009-07-13] (Intel Corporation) [File not signed]
    R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7517696 2011-08-03] (Intel Corporation) [File not signed]
    R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
    R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [79360 2009-07-13] (Microsoft Corporation) [File not signed]
    S2 Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [8704 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [133632 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [14848 2012-08-23] (Microsoft Corporation) [File not signed]
    S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [184320 2014-07-16] (Microsoft Corporation) [File not signed]
    R3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [129536 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 rimspci; C:\Windows\System32\DRIVERS\rimspe86.sys [48640 2009-10-25] (REDC) [File not signed]
    R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [5632 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 sdbus; C:\Windows\system32\drivers\sdbus.sys [84992 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
    R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [11264 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-28] (Microsoft Corporation) [File not signed]
    R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-28] (Microsoft Corporation) [File not signed]
    S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL3.SYS [207360 2009-07-13] (Conexant Systems, Inc.) [File not signed]
    S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Conexant Systems, Inc.) [File not signed]
    S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT3.SYS [661504 2009-07-13] (Conexant Systems, Inc.) [File not signed]
    R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-28] (Microsoft Corporation) [File not signed]
    R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] (Microsoft Corporation) [File not signed]
    S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-16] (Microsoft Corporation) [File not signed]
    R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 TPM; C:\Windows\System32\drivers\tpm.sys [30720 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2014-07-16] (Microsoft Corporation) [File not signed]
    S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [49152 2013-10-01] (Microsoft Corporation) [File not signed]
    R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
    R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13752 2009-09-29] ()
    R4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [39936 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [80896 2013-07-12] (Microsoft Corporation) [File not signed]
    R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) [File not signed]
    R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [43520 2013-11-26] (Microsoft Corporation) [File not signed]
    R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 USBPNPA; C:\Windows\System32\drivers\CM108.sys [1310720 2007-06-28] (C-Media Inc) [File not signed]
    S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [36352 2013-07-02] (Microsoft Corporation) [File not signed]
    S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-10] (Microsoft Corporation) [File not signed]
    S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] (Microsoft Corporation) [File not signed]
    S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [17920 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [14336 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 winachsf; C:\Windows\System32\DRIVERS\HSX_CNXT.sys [661504 2009-06-29] (Conexant Systems, Inc.) [File not signed]
    S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-13] (Microsoft Corporation) [File not signed]
    S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WSDScan; C:\Windows\System32\DRIVERS\WSDScan.sys [20480 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-25] (Microsoft Corporation) [File not signed]
    S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-25] (Microsoft Corporation) [File not signed]
    R2 XAudio; C:\Windows\System32\DRIVERS\XAudio32.sys [8704 2009-04-28] (Conexant Systems, Inc.) [File not signed]

    ==================== NetSvcs (Whitelisted) ===================


    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-15 10:02 - 2015-01-15 10:03 - 00052378 _____ () C:\Users\Bruce\Desktop\Addition.txt
    2015-01-15 10:00 - 2015-01-15 10:05 - 00064324 _____ () C:\Users\Bruce\Desktop\FRST.txt
    2015-01-15 10:00 - 2015-01-15 10:00 - 01116672 _____ (Farbar) C:\Users\Bruce\Desktop\FRST.exe
    2015-01-13 16:14 - 2015-01-13 16:14 - 00002214 _____ () C:\Users\Bruce\Desktop\aswMBR.txt
    2015-01-13 16:14 - 2015-01-13 16:14 - 00000512 _____ () C:\Users\Bruce\Desktop\MBR.dat
    2015-01-13 14:10 - 2015-01-13 14:11 - 05198336 _____ (AVAST Software) C:\Users\Bruce\Desktop\aswMBR.exe
    2015-01-13 13:46 - 2015-01-13 13:47 - 00051749 _____ () C:\Users\Bruce\Desktop\oldAddition.txt
    2015-01-13 13:43 - 2015-01-15 10:06 - 00000000 ____D () C:\FRST
    2015-01-13 13:37 - 2015-01-13 13:37 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BRUCE-LENOVO-Microsoft-Windows-7-Professional-(32-bit).dat
    2015-01-13 13:36 - 2015-01-13 13:36 - 00000000 ____D () C:\RegBackup
    2015-01-13 13:35 - 2015-01-13 13:35 - 00002196 _____ () C:\Users\Bruce\Desktop\Tweaking.com - Registry Backup.lnk
    2015-01-13 13:35 - 2015-01-13 13:35 - 00000000 ____D () C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2015-01-13 13:35 - 2015-01-13 13:35 - 00000000 ____D () C:\Program Files\Tweaking.com
    2015-01-13 13:32 - 2015-01-13 13:32 - 04215584 _____ () C:\Users\Bruce\Downloads\tweaking.com_registry_backup_setup.exe
    2015-01-13 13:06 - 2015-01-13 13:06 - 00159144 _____ (Microsoft Corporation) C:\Users\Bruce\Downloads\WindowsActivationUpdate(1).exe
    2015-01-09 20:00 - 2015-01-15 09:46 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-01-09 19:59 - 2015-01-09 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-01-09 19:59 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-01-09 19:59 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-01-09 19:58 - 2015-01-09 19:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Malwarebytes
    2015-01-09 10:01 - 2015-01-09 10:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVG
    2015-01-09 10:01 - 2015-01-09 10:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\AVG
    2015-01-09 09:28 - 2015-01-09 09:00 - 08994813 _____ () C:\Users\Admin\Documents\CBS.txt.log
    2015-01-09 09:18 - 2015-01-09 09:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVG2014
    2015-01-09 09:17 - 2015-01-09 09:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Avg2014
    2015-01-09 09:17 - 2015-01-09 09:17 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
    2015-01-02 12:53 - 2015-01-07 10:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
    2015-01-02 12:53 - 2015-01-02 12:53 - 00000000 ____D () C:\ProgramData\Intel.sav
    2015-01-02 12:47 - 2015-01-02 12:47 - 00000000 ____D () C:\ProgramData\IntelDLM
    2015-01-02 12:43 - 2015-01-02 12:43 - 00000000 ____D () C:\Users\Bruce\AppData\Local\Intel
    2015-01-02 12:42 - 2015-01-02 12:42 - 00001139 _____ () C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.0.lnk
    2015-01-02 12:42 - 2015-01-02 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
    2015-01-02 12:42 - 2015-01-02 12:42 - 00000000 ____D () C:\Program Files\Intel Driver Update Utility
    2015-01-02 12:41 - 2015-01-02 12:41 - 02333416 _____ (Intel) C:\Users\Bruce\Downloads\Intel Driver Update Utility Installer.exe
    2015-01-02 12:26 - 2015-01-02 12:26 - 00159144 _____ (Microsoft Corporation) C:\Users\Bruce\Downloads\WindowsActivationUpdate.exe
    2014-12-27 22:41 - 2014-12-27 22:41 - 00011079 _____ () C:\Users\Bruce\Documents\computer.xlsx

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-15 09:59 - 2011-05-03 15:00 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
    2015-01-15 09:59 - 2010-06-23 05:46 - 01513163 _____ () C:\Windows\WindowsUpdate.log
    2015-01-15 09:53 - 2009-07-13 20:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-01-15 09:53 - 2009-07-13 20:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-01-15 09:50 - 2012-02-15 11:59 - 00000514 _____ () C:\Windows\Tasks\NatSpeak Periodic Language Model Optimization.job
    2015-01-15 09:50 - 2012-02-15 11:59 - 00000490 _____ () C:\Windows\Tasks\NatSpeak Periodic Acoustic Optimization.job
    2015-01-15 09:50 - 2009-07-20 21:30 - 00800182 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-15 09:48 - 2011-11-01 07:44 - 00000000 ____D () C:\ProgramData\MFAData
    2015-01-15 09:46 - 2010-07-21 11:01 - 00000000 ____D () C:\Users\Bruce\Documents\Outlook Files
    2015-01-15 09:46 - 2010-06-24 18:18 - 00000000 ____D () C:\Users\braley\Outlook
    2015-01-15 09:44 - 2009-07-13 20:33 - 03897040 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-01-15 09:42 - 2013-10-17 08:35 - 00000000 ____D () C:\ProgramData\AVGRemoteIT
    2015-01-15 09:42 - 2009-07-13 20:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-15 09:42 - 2009-07-13 20:39 - 00191553 _____ () C:\Windows\setupact.log
    2015-01-13 23:42 - 2012-04-08 09:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-01-13 14:42 - 2012-04-08 09:24 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2015-01-13 14:42 - 2011-05-26 08:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2015-01-13 12:59 - 2011-05-03 15:00 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    2015-01-11 00:56 - 2010-10-02 07:35 - 00000000 ____D () C:\Users\Bruce\Documents\Politics
    2015-01-10 09:59 - 2010-06-23 05:42 - 01868062 _____ () C:\Windows\PFRO.log
    2015-01-10 09:59 - 2009-07-13 20:53 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-01-09 19:59 - 2011-11-01 13:12 - 00000000 ____D () C:\Program Files\MALWAREBYTES ANTI-MALWARE
    2015-01-09 19:59 - 2010-06-22 16:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-01-09 19:59 - 2010-06-22 16:03 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
    2015-01-09 09:18 - 2012-05-06 10:50 - 00462888 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-01-09 09:17 - 2012-05-06 10:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
    2015-01-07 13:04 - 2011-12-04 10:45 - 00000221 _____ () C:\Windows\wininit.ini
    2015-01-07 11:01 - 2013-12-14 10:59 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
    2015-01-07 10:39 - 2010-06-24 23:49 - 00000000 ____D () C:\Users\Bruce\AppData\Local\Microsoft Help
    2015-01-07 10:26 - 2010-06-23 06:28 - 00000000 ____D () C:\Users\Bruce
    2015-01-07 10:19 - 2014-06-21 20:56 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-01-07 10:19 - 2012-05-06 10:50 - 00000000 ____D () C:\Users\Admin
    2015-01-07 10:19 - 2011-11-09 01:58 - 00000000 ____D () C:\ProgramData\Intel
    2015-01-07 10:19 - 2010-06-23 06:21 - 00000000 ____D () C:\ProgramData\Lenovo
    2015-01-07 10:19 - 2010-06-22 18:22 - 00000000 ____D () C:\Users\braley
    2015-01-07 10:19 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\wfp
    2015-01-07 10:19 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\registration
    2015-01-07 10:18 - 2011-11-09 01:57 - 00000000 ____D () C:\Program Files\Common Files\Intel
    2015-01-07 10:18 - 2011-11-09 01:57 - 00000000 ____D () C:\Program Files\Cisco
    2015-01-07 10:18 - 2010-06-23 05:39 - 00000000 ____D () C:\Program Files\Intel
    2015-01-02 12:54 - 2014-04-03 21:57 - 00000000 ____D () C:\Users\Outlook
    2015-01-02 12:54 - 2013-11-18 07:58 - 00000000 ____D () C:\Users\TEMP
    2014-12-26 00:55 - 2011-09-25 21:46 - 00000000 ____D () C:\Users\Bruce\Documents\Melaleuca
    2014-12-25 12:35 - 2012-05-21 10:09 - 00000000 ____D () C:\Users\Bruce\Documents\Sean
    2014-12-22 20:01 - 2009-07-19 17:04 - 00000000 ____D () C:\Users\Bruce\Documents\Financial
    2014-12-19 14:32 - 2014-01-14 10:52 - 00000000 ____D () C:\Users\Bruce\Documents\braley digital
    2014-12-17 08:39 - 2010-06-22 15:53 - 00000000 ____D () C:\Users\Bruce\AppData\Local\Adobe

    Files to move or delete:
    ====================
    C:\Users\Outlook\extend.dat


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\system32\winlogon.exe
    [2014-10-25 09:16] - [2014-07-16 17:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870

    C:\Windows\system32\wininit.exe => MD5 is legit
    C:\Windows\system32\svchost.exe => MD5 is legit
    C:\Windows\system32\services.exe => MD5 is legit
    C:\Windows\system32\User32.dll => MD5 is legit
    C:\Windows\system32\userinit.exe => MD5 is legit
    C:\Windows\system32\rpcss.dll => MD5 is legit
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-12-17 23:49

    ==================== End Of Log ============================

  4. #4
    Member
    Join Date
    Feb 2007
    Posts
    40

    Default Addition.txt

    The only thing I saw in Msconfig was PiconStation Application which is in the Intel folder but lists the manufacturer as unknown. Will run Mbar next and post the results.
    Thanks for the help.

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2015
    Ran by Bruce at 2015-01-15 10:26:02
    Running from C:\Users\Bruce\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG CloudCare AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: AVG CloudCare AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
    FW: AVG CloudCare AntiVirus 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Access Help (HKLM\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 3.00 - Lenovo)
    Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
    Acrobat.com (Version: 2.1.0 - Adobe Systems Incorporated) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
    Adobe Connect Add-in (HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\Adobe Connect Add-in) (Version: - )
    Adobe Creative Suite 5 Production Premium (HKLM\...\{53BC789D-073D-47B6-AA9F-DE05990AF07A}) (Version: 5.0 - Adobe Systems Incorporated)
    Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - )
    Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
    Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.4) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
    Amazon Kindle (HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\Amazon Kindle) (Version: - Amazon)
    Amazon MP3 Downloader 1.0.10 (HKLM\...\Amazon MP3 Downloader) (Version: - )
    AnswerWorks 5.0 English Runtime (HKLM\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.6 - Vantage Software Technologies)
    AT&T Service Activation (HKLM\...\{D81486A1-2371-4059-AC70-1AB894AC96E6}) (Version: 1.8.7.0 - AT&T)
    AVG 2014 (Version: 14.0.4257 - AVG Technologies) Hidden
    AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
    AVG CloudCare (HKLM\...\AVG CloudCare) (Version: 3.2.1 - AVG Technologies)
    AVG PC TuneUp 2014 (en-US) (Version: 14.0.1001.519 - AVG) Hidden
    AVG PC TuneUp 2014 (HKLM\...\AVG PC TuneUp) (Version: 14.0.1001.519 - AVG)
    AVG PC TuneUp 2014 (Version: 14.0.1001.519 - AVG) Hidden
    AVG PC TuneUp Language Pack (en-US) (Version: 12.0.4020.9 - AVG Technologies) Hidden
    Burn.Now 4.5 (Version: 4.5.0 - Corel Corporation) Hidden
    Burn.Now Lenovo Edition (HKLM\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
    Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
    Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
    Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: - )
    Canon MP Navigator EX 3.1 (HKLM\...\MP Navigator EX 3.1) (Version: - )
    Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )
    Canon MX870 series User Registration (HKLM\...\Canon MX870 series User Registration) (Version: - )
    Canon Speed Dial Utility (HKLM\...\Speed Dial Utility) (Version: - )
    Client Security - Password Manager (HKLM\...\{18554B3F-46EA-40A9-B4EA-7EEE83C0559D}) (Version: 8.30.0023.00 - Lenovo Group Limited)
    Conexant 20585 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.48.50 - Conexant)
    Corel DVD MovieFactory (Version: 7.0.0 - Corel Corporation) Hidden
    Corel DVD MovieFactory 7 Lenovo Edition (HKLM\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
    Create Recovery Media (HKLM\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    DeLorme Street Atlas USA 2009 (HKLM\...\{AEB95804-A937-49E6-940A-37A606C16D5D}) (Version: 9.00.0000 - DeLorme Publishing)
    Digital Picture Recovery (HKLM\...\Digital Picture Recovery) (Version: 2.1.2.8 - dtidata.com)
    Direct DiscRecorder (Version: 1.00.0000 - Corel Corporation) Hidden
    Dragon NaturallySpeaking 10 (HKLM\...\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}) (Version: 10.10.0 - Nuance Communications Inc.)
    Free File Opener v2011.6.0.4 (HKLM\...\Free File Opener_is1) (Version: 2011.6.0.4 - Free File Opener, LLC)
    Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    GoToMeeting 5.4.0.1082 (HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
    HD Writer AE 3.0 (HKLM\...\{5678B15A-504C-4A79-8554-05488A206E41}) (Version: 3.00.019.1033 - Panasonic Corporation)
    HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
    HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
    HTC Sync (HKLM\...\{7A3FFA58-876F-489C-B6CF-0503916224DF}) (Version: 3.0.5617 - HTC Corporation)
    Integrated Camera Driver Installer Package Ver.1.1.0.17 (HKLM\...\{C3CD17B4-08B0-492D-8A4C-81716D33E520}) (Version: 1.1.0.17 - RICOH)
    Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
    Intel(R) Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
    Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.3 - Intel)
    Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
    InterVideo WinDVD 8 (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.157 - InterVideo Inc.)
    InterVideo WinDVD 8 (Version: 8.0.20.157 - InterVideo Inc.) Hidden
    Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
    Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Just Cause 2 (HKLM\...\Steam App 8190) (Version: - Avalanche Studios)
    K-Lite Codec Pack 6.0.4 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
    Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.10 - )
    Lenovo Patch Utility (HKLM\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
    Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - )
    Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
    Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
    Lenovo Warranty Information (HKLM\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0002.00 - Lenovo)
    Lenovo Welcome (HKLM\...\Lenovo Welcome_is1) (Version: 2.0.020.0 - Lenovo)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Memorex exPressit Label Design Studio (HKLM\...\MVApplication1) (Version: - )
    Message Center Plus (HKLM\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
    Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Research AutoCollage Touch 2009 (HKLM\...\{1F8DA253-3C27-4B01-A63A-BA3533120833}) (Version: 2.00.2009 - Microsoft Research)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft Visio Professional 2010 (HKLM\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version: - )
    Mobile Broadband Connect (HKLM\...\{9202762E-4B4C-48C9-A6CC-C27F9F85190A}) (Version: 3.5.0010 - Lenovo)
    Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
    Mozilla Firefox 4.0 (x86 en-US) (HKLM\...\Mozilla Firefox 4.0 (x86 en-US)) (Version: 4.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
    Musicnotes Software Suite 1.5.3 (HKLM\...\Musicnotes Combined Installer_is1) (Version: 1.5.3 - Musicnotes Inc.)
    NetViewer 2.1.584.0 (HKLM\...\NetViewer) (Version: 2.1.584.0 - )
    NVIDIA Graphics Driver 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
    NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.12130 - NVIDIA Corporation)
    On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.60.01 - )
    PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
    Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
    Pixel Bender Toolkit (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Premiere Pro CS4 and After Effects CS4, 32-bit support for CS5 (HKLM\...\Adobe_1b5a11fde44351ae0f4c7fd0e4daadc) (Version: 4.4.0 - Adobe Systems Incorporated)
    Premiere Pro CS4 and After Effects CS4, 32-bit support for CS5 (Version: 4.4.0 - Adobe Systems Incorporated) Hidden
    PxMergeModule (Version: 1.00.0000 - Your Company Name) Hidden
    QuickBooks (Version: 19.0.4011.705 - Intuit Inc.) Hidden
    QuickBooks Pro 2009 (HKLM\...\{9A2F0810-3622-4E86-9072-973FBE1679C5}) (Version: 19.0.4011.705 - Intuit Inc.)
    Quicken 2008 (HKLM\...\{3B0F52AC-EF5C-4831-B221-06C782E41280}) (Version: 17.1.3.7 - Intuit)
    Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
    Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0025.00 - Lenovo Group Limited)
    RICOH R5U230 Media Driver ver.2.06.02.02 (HKLM\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.06.02.02 - RICOH)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
    Samsung_MonSetup (HKLM\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft)
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
    Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
    Steam (HKLM\...\Steam) (Version: - Valve Corporation)
    SUABnR (HKLM\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
    SUABnR (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
    Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
    SupportSoft Assisted Service (HKLM\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
    System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo)
    The Print Shop 22 (HKLM\...\{E34351A4-4B10-4DFF-96BC-84C642D9C625}) (Version: 22.00.0000 - Broderbund Software)
    ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3200 - Broadcom Corporation)
    ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
    ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
    ThinkPad Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.10a - )
    ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
    ThinkPad UltraNav Utility (HKLM\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.11 - Lenovo)
    ThinkVantage Access Connections (HKLM\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.50 - Lenovo)
    ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.71 - Lenovo)
    ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 1.42 - Lenovo)
    Trend Micro RUBotted 2.0 Beta (HKLM\...\{54D4EAF5-4C80-4878-B4AC-5AE454A02E3C}_is1) (Version: 2.0.0.1034 - Trend Micro, Inc.)
    Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
    Verizon Wireless Mobile Broadband Self Activation (HKLM\...\{C64A877E-DF8D-4017-AA82-000A77C6D809}) (Version: 3.1.4 - Smith Micro Software, Inc.)
    Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM\...\{EE296443-E401-43D2-9864-1C63AD8D376E}) (Version: 2.14.0410 - Samsung Electronics Co., Ltd.)
    Verizon Wireless Software Utility Application for Android - Samsung (HKLM\...\{69258FD1-F4EE-475A-83D1-BF68C8029592}) (Version: 2.14.0402 - Samsung Electronics Co., Ltd.)
    Visual C++ Runtime for Dragon NaturallySpeaking (HKLM\...\{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}) (Version: 10.00.200.184 - Nuance Communications Inc.)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
    WebEx (HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
    Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\2004BB9EB6CEA02846881BEF1F51C11F7A90C9D6) (Version: 04/08/2010 6.3.5.430 - Broadcom)
    Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
    Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
    Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
    Windows Driver Package - Intel (e1kexpress) Net (11/19/2009 11.5.5.0) (HKLM\...\A140D730315E230942517BDDAEC2B1B5FCC45A3F) (Version: 11/19/2009 11.5.5.0 - Intel)
    Windows Driver Package - Intel System (06/04/2009 1.0.0.0002) (HKLM\...\E7B58217635B8F723D4744A328A4B3237DB35FA9) (Version: 06/04/2009 1.0.0.0002 - Intel)
    Windows Driver Package - Intel System (10/28/2009 9.1.1.1022) (HKLM\...\098EBB26BF07167AB12D1575EC24F883F9435E59) (Version: 10/28/2009 9.1.1.1022 - Intel)
    Windows Driver Package - Intel System (10/28/2009 9.1.1.1022) (HKLM\...\573C3C32A1DB5625CA00E633E584E8A0E6383672) (Version: 10/28/2009 9.1.1.1022 - Intel)
    Windows Driver Package - Intel USB (08/20/2009 9.1.1.1020) (HKLM\...\A7B0B8D913E4DC2FA0B31E392E1512A901CA66B9) (Version: 08/20/2009 9.1.1.1020 - Intel)
    Windows Driver Package - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4) (HKLM\...\114EB224AD576F278686036AA9E1EFB7847E3935) (Version: 11/18/2009 1.60.0.4 - Lenovo)
    Windows Driver Package - Ricoh Company MS Host Controller (10/26/2009 6.10.02.07) (HKLM\...\FD5ED5E16405CDAA5385DE461B9E5379F91ACCCF) (Version: 10/26/2009 6.10.02.07 - Ricoh Company)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\ProgramData\WebEx\webex\1026\atucfobj.dll (Cisco WebEx LLC)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{738CD606-129D-45db-86D6-6C9739C750CA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1082\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

    ==================== Restore Points =========================

    26-11-2014 10:02:31 Scheduled Checkpoint
    11-12-2014 08:26:30 Scheduled Checkpoint
    02-01-2015 12:41:54 Intel® Driver Update Utility
    02-01-2015 12:49:03 Intel® PROSet/Wireless Software

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:04 - 2014-09-23 23:37 - 00450770 ____R C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 www.123fporn.info
    127.0.0.1 123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com

    There are 1000 more lines.


    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {08C60E9B-4AD4-495A-8EC7-40CF1EE8811B} - System32\Tasks\InstallShield Software online update program => c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-02-16] (InstallShield Software Corporation)
    Task: {0D98184E-32AB-4002-B42B-183B6EDE33C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
    Task: {0F989BE7-FEE9-4162-AE5A-F0A7A78DE8B6} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
    Task: {19BCC457-29AA-430F-93C8-C6B770EE7692} - System32\Tasks\{A90682E6-3795-4060-AEF9-00A2150BFA68} => pcalua.exe -a "C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\tssmpm.cpl"
    Task: {1B29FD60-61DE-403F-897E-94F774D856AF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
    Task: {1BB0418C-9C6A-40D2-8683-CA6D7982BECB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
    Task: {209C7C6C-CBC2-41FC-A757-DE2A25B80416} - System32\Tasks\{CE78F2F9-EEDA-49CB-A1BD-08DE7DE8C0E5} => E:\Setup.exe
    Task: {24F6D86F-A55F-4B4E-9D48-6068FF00C60A} - System32\Tasks\{C2405C53-C542-458F-9782-7D4BB17E147C} => E:\ace\SINGLE\SETUP.EXE
    Task: {259A12A9-FBB3-4479-A1F1-FE533ABCCBF8} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
    Task: {259B58CC-1CC0-4F60-8FD4-184FE3DFCE1D} - System32\Tasks\{1540E941-4CD6-4941-B170-D0D20F45E0EA} => E:\autorun.exe
    Task: {29A590F7-ED48-4A5D-8364-F25C8A2B21D1} - System32\Tasks\Message Center plus => C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
    Task: {365039BA-D056-4548-A4C1-AFB67518136C} - System32\Tasks\{641FAB8B-0345-4BF5-B407-89A82A9DF934} => pcalua.exe -a "C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\\tssmpm.cpl"
    Task: {448E0398-7AE1-491E-A7C5-920F81D52E3A} - System32\Tasks\NatSpeak Periodic Language Model Optimization => C:\Program Files\Nuance\NaturallySpeaking10\Program\schedmgr.exe [2009-03-16] (Nuance Communications, Inc.)
    Task: {46207F1F-8A9D-44C9-9459-533110387C20} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
    Task: {4E2708E9-4E2B-4EBA-88BE-87E01CF4C422} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27] (Adobe Systems Incorporated)
    Task: {5604000C-2EA8-4267-BFE2-B2CCF8011DEA} - System32\Tasks\NatSpeak Periodic Acoustic Optimization => C:\Program Files\Nuance\NaturallySpeaking10\Program\schedmgr.exe [2009-03-16] (Nuance Communications, Inc.)
    Task: {573C700B-BFB7-4B2D-82E0-C295EA4664E8} - System32\Tasks\{C7870018-95CD-49A1-8511-2FA7DD647873} => E:\ace\SINGLE\SETUP.EXE
    Task: {5FA52832-1814-4100-AA81-EB64BEC12DAF} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-24] (Synaptics Incorporated)
    Task: {5FBD5FCB-2122-4448-9B82-830D2108807B} - System32\Tasks\LaunchCSS => C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2009-08-26] (Lenovo Group Limited)
    Task: {62D0B3DA-2018-48B9-962C-482771543418} - System32\Tasks\{B746EDA9-1EA4-4B66-BAC3-5BF8C299A8A9} => E:\autorun.exe
    Task: {693133C6-59A9-4F14-A5B4-E9E8F49197D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
    Task: {7307B735-7772-49FD-BE2F-36BF96E0ECAB} - System32\Tasks\{8CE865C7-79CA-44DE-B8AE-9993D0236C60} => D:\install.exe
    Task: {7A317081-074A-4C61-95C8-6A2DDA1B2437} - System32\Tasks\{35A9C21D-65FC-45D5-9472-346495408226} => E:\ace\SINGLE\SETUP.EXE
    Task: {7B925F22-0399-476E-AFE5-C75552BD7A16} - System32\Tasks\AdobeAAMUpdater-1.0-Bruce-Lenovo-Bruce => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
    Task: {83952255-1DDD-4BDB-920F-A1DFF0AC08DD} - System32\Tasks\{10F11F3A-58FF-4BBC-8168-6105E14410B6} => E:\setup.exe
    Task: {897B4F6E-FDF0-43CB-AE03-04E312300C23} - System32\Tasks\PMTask => C:\Program Files\ThinkPad\Utilities\PWMIDTSV.EXE [2009-11-26] (Lenovo Group Limited)
    Task: {9314E8F0-AD1C-478B-A2C5-6137608B6FDD} - System32\Tasks\InstallShield Software update service => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16] (InstallShield Software Corporation)
    Task: {998D0A65-D9FE-4D67-BFED-C8F4819732F0} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
    Task: {A5F8BFAD-B368-437F-B7AD-456939861D20} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
    Task: {A954044F-9745-4724-8204-3743B7F5AEDF} - System32\Tasks\{56A271B6-B527-4A59-AF05-1682CC725F72} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
    Task: {B3500B58-8693-4A86-8951-F362C64A5553} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {B400A4B7-0DE1-49DA-83D9-D646D73CCA92} - System32\Tasks\{84AE0A25-3344-4110-87F8-F39AE4C1A56B} => pcalua.exe -a C:\SWTools\skype\Skype_Setup.exe -d C:\SWTools\skype
    Task: {B9C075ED-2906-4D73-9811-23DFA22104F3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
    Task: {BBBE9FE9-89F6-460F-B3C8-201CFCCEB524} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-09] ()
    Task: {CD4068ED-893C-4AA9-99B9-7E5A262B9E32} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe [2014-07-14] (AVG)
    Task: {D811F944-863A-4423-803A-C4E084E2332A} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-12-20] ()
    Task: {D9293844-F489-4397-8BB9-488ACE94A14F} - System32\Tasks\ScanSoft Background Update => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
    Task: {DA3AEC2B-0BB5-45D9-9C97-879863A2D03B} - System32\Tasks\{2E88491F-1A5F-4A22-B292-ACEA4ED9DC0B} => pcalua.exe -a C:\Users\Bruce\Downloads\MediaToolsProfessional5.1.exe -d C:\Users\Bruce\Downloads
    Task: {DF844C5B-A434-4CA2-A6A9-75A739EF1328} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
    Task: {F50085CF-F530-4CBB-99B3-2DBE91056D68} - System32\Tasks\{76A69476-6ADD-4A19-91A6-0EF971717ED4} => E:\setup.exe
    Task: {FF0EB834-16BF-4947-9A96-236DF606E5FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
    Task: {FF7B19BC-F590-446A-B3CB-AE8A5C665E10} - System32\Tasks\TVT\LaunchRnR => C:\Program Files\Lenovo\Rescue and Recovery\rrcmd.exe [2009-08-28] (Lenovo Limited Group Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\NatSpeak Periodic Acoustic Optimization.job => C:\Program Files\Nuance\NaturallySpeaking10\Program\schedmgr.exe
    Task: C:\Windows\Tasks\NatSpeak Periodic Language Model Optimization.job => C:\Program Files\Nuance\NaturallySpeaking10\Program\schedmgr.exe
    Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
    Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-04-04 08:35 - 2013-10-28 14:48 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
    2009-11-26 17:48 - 2009-11-26 17:48 - 00006656 ____N () C:\Program Files\Lenovo\Access Connections\ACNewBiosHelper.dll
    2013-10-17 08:35 - 2014-07-25 06:45 - 00059160 _____ () C:\Program Files\AVG\CloudCare\ZlibStream.dll
    2013-10-17 08:35 - 2014-07-25 06:45 - 00073496 _____ () C:\Program Files\AVG\CloudCare\UpdateProxy.dll
    2014-09-08 10:12 - 2013-09-05 06:21 - 00179888 _____ () C:\Program Files\AVG\CloudCare\AvgRemote\VIPTunnelDll.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2010-06-23 05:43 - 2009-11-26 10:10 - 00032768 ____N () C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
    2013-12-14 10:59 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2013-12-14 10:59 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
    2011-09-15 12:06 - 2011-09-15 12:06 - 00088576 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    2012-01-31 18:13 - 2010-08-24 18:06 - 00085840 _____ () C:\Program Files\Trend Micro\RUBotted\hc_help.dll
    2014-07-14 02:26 - 2014-07-14 02:26 - 00585528 _____ () C:\Program Files\AVG\AVG PC TuneUp\avgreplibx.dll
    2014-07-14 02:26 - 2014-07-14 02:26 - 00357176 _____ () C:\Program Files\AVG\AVG PC TuneUp\tuavgx.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
    2013-02-14 14:46 - 2013-02-14 14:46 - 01044048 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
    2014-12-09 09:02 - 2014-12-09 09:02 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:F35A93AD

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AvgApiWrapper => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AvgRemote => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AvgUpgrade => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\raserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\XmppAuth => ""="Service"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ========================= Accounts: ==========================

    Admin (S-1-5-21-2701720504-2077786656-4262629455-1006 - Administrator - Enabled) => C:\Users\Admin
    Administrator (S-1-5-21-2701720504-2077786656-4262629455-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-2701720504-2077786656-4262629455-1009 - Limited - Enabled)
    braley (S-1-5-21-2701720504-2077786656-4262629455-1003 - Limited - Enabled) => C:\Users\braley
    Bruce (S-1-5-21-2701720504-2077786656-4262629455-1001 - Administrator - Enabled) => C:\Users\Bruce
    Guest (S-1-5-21-2701720504-2077786656-4262629455-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2701720504-2077786656-4262629455-1005 - Limited - Enabled)
    Sean (S-1-5-21-2701720504-2077786656-4262629455-1007 - Limited - Enabled)

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


    System errors:
    =============
    Error: (01/15/2015 10:19:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 15 time(s).

    Error: (01/15/2015 10:19:59 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The Windows Search service terminated with service-specific error %%-2147217025.

    Error: (01/15/2015 10:16:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 14 time(s).

    Error: (01/15/2015 10:16:58 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The Windows Search service terminated with service-specific error %%-2147217025.

    Error: (01/15/2015 10:06:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 13 time(s).

    Error: (01/15/2015 10:06:32 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The Windows Search service terminated with service-specific error %%-2147217025.

    Error: (01/15/2015 10:05:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 12 time(s).

    Error: (01/15/2015 10:05:39 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The Windows Search service terminated with service-specific error %%-2147217025.

    Error: (01/15/2015 10:05:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 11 time(s).

    Error: (01/15/2015 10:05:26 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The Windows Search service terminated with service-specific error %%-2147217025.


    Microsoft Office Sessions:
    =========================
    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -583

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -583

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -583

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -583

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -583

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -583

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -583

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -583

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -583

    Error: (01/15/2015 10:26:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -583


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
    Percentage of memory in use: 63%
    Total physical RAM: 3059.69 MB
    Available physical RAM: 1105.86 MB
    Total Pagefile: 6117.66 MB
    Available Pagefile: 3277.19 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1910.62 MB

    ==================== Drives ================================

    Drive c: (Windows7_OS) (Fixed) (Total:673.37 GB) (Free:401.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (Premiere Pro CS5 CIB) (CDROM) (Total:4.12 GB) (Free:0 GB) UDF
    Drive q: (Lenovo_Recovery) (Fixed) (Total:24.09 GB) (Free:18.96 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: B729D094)
    Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=673.4 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=24.1 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

  5. #5
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    This is going to be a hard to to figure out. Nothing is listed as a cause so now it becomes guess work.

    Please go to add/remove programs list and delete/uninstall
    Java 7 Update 65

    ~~~~~~~~~~~~~~~~~~
    Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
    Paste this into the open notepad. save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
    It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)



    start
    CloseProcesses:
    HKLM\...\Run: [] => [X]
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> {5C8E242B-D9CA-487E-BCF8-56FAB52B4D3A} URL =
    SearchScopes: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> {CF72DB5D-A4F5-454C-BFC1-A9A2C1B19471} URL = http://search.avg.com/route/?d=4c216cec&v=6.10.6.4&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=usDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    FF user.js: detected! => C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\user.js
    CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [Not Found]
    C:\Users\Outlook\extend.dat
    AlternateDataStreams: C:\ProgramData\TEMP:F35A93AD
    EmptyTemp:
    Hosts:
    End
    Open FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    ~~~~~~~~~~~~~~~~~~

    AdwCleaner
    • Please download AdwCleaner and save the file to your Desktop.
    • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
    • Follow the prompts.
    • Click Scan.
    • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
    • Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
    • Follow the prompts and allow your computer to reboot.
    • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

    -- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    please post
    Fixlog.txt
    C:\AdwCleaner.txt
    JRT.txt

    ~~~~~~~~~~~~~~

    Press the Windows Key + r on your keyboard at the same time. Type wuapp.exe and click OK.
    Click Installed Updates.
    Is KB3004394 installed?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  6. #6
    Member
    Join Date
    Feb 2007
    Posts
    40

    Default

    Sorry this is such a problem.

    MBAR came up clean.
    Couldn't uninstall Java update 65. "Error opening installation log file. Verify that the specified log file location exists and is writable."
    Phew - lot of scans - lot of changes BUT computer is running faster!
    May have deleted some files connected to Dragon naturally speaking but I can always reinstall if need be

    Here is the Fixlog.txt:
    \Profiles\dyc1xnox.default\user.js
    CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [Not Found]
    C:\Users\Outlook\extend.dat
    AlternateDataStreams: C:\ProgramData\TEMP:F35A93AD
    EmptyTemp:
    Hosts:
    End
    *****************

    Processes closed successfully.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
    HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
    "HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5C8E242B-D9CA-487E-BCF8-56FAB52B4D3A}" => Key deleted successfully.
    HKCR\CLSID\{5C8E242B-D9CA-487E-BCF8-56FAB52B4D3A} => Key not found.
    "HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF72DB5D-A4F5-454C-BFC1-A9A2C1B19471}" => Key deleted successfully.
    HKCR\CLSID\{CF72DB5D-A4F5-454C-BFC1-A9A2C1B19471} => Key not found.
    "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA}" => Key deleted successfully.
    "HKCR\CLSID\{CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.
    "HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.
    C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\user.js => Moved successfully.
    "HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla" => Key deleted successfully.
    C:\Users\Outlook\extend.dat => Moved successfully.
    C:\ProgramData\TEMP => ":F35A93AD" ADS removed successfully.
    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 530.3 MB temporary data.

    AdwCleaner[S0] text file:
    # AdwCleaner v4.107 - Report created 15/01/2015 at 14:13:39
    # Updated 07/01/2015 by Xplode
    # Database : 2015-01-13.2 [Live]
    # Operating System : Windows 7 Professional Service Pack 1 (32 bits)
    # Username : Bruce - BRUCE-LENOVO
    # Running from : C:\Users\Bruce\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\apn
    Folder Deleted : C:\Users\Bruce\AppData\Local\PackageAware
    [x] Not Deleted : C:\Users\Bruce\AppData\LocalLow\AVG Security Toolbar
    Folder Deleted : C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    File Deleted : C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\searchplugins\bingp.xml

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKLM\SOFTWARE\Uniblue

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17344


    -\\ Mozilla Firefox v34.0.5 (x86 en-US)


    -\\ Google Chrome v39.0.2171.95

    [C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [2176 octets] - [15/01/2015 14:03:51]
    AdwCleaner[S0].txt - [2130 octets] - [15/01/2015 14:13:39]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2190 octets] ##########




    JRT text file
    ~~~ Services



    ~~~ Registry Values

    Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\search protection



    ~~~ Registry Keys



    ~~~ Files

    Successfully deleted: [File] C:\Windows\System32\Tasks\NatSpeak Periodic Acoustic Optimization
    Successfully deleted: [File] C:\Windows\System32\Tasks\NatSpeak Periodic Language Model Optimization
    Successfully deleted: [File] C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
    Successfully deleted: [File] C:\Windows\Tasks\NatSpeak Periodic Acoustic Optimization.job
    Successfully deleted: [File] C:\Windows\Tasks\NatSpeak Periodic Language Model Optimization.job
    Successfully deleted: [File] "C:\Windows\wininit.ini"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\pcdr"
    Successfully deleted: [Folder] "C:\Users\Bruce\AppData\Roaming\pcdr"
    Failed to delete: [Folder] "C:\Users\Bruce\AppData\Roaming\search protection"
    Successfully deleted: [Empty Folder] C:\Users\Bruce\appdata\local\{43C994E7-E458-4BF3-8A32-D4AC3CF9F92D}



    ~~~ FireFox

    Emptied folder: C:\Users\Bruce\AppData\Roaming\mozilla\firefox\profiles\dyc1xnox.default\minidumps [849 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Thu 01/15/2015 at 14:36:26.36
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  7. #7
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    It's always good to hear things are running better.

    Is KB3004394 installed?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  8. #8
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    good gosh I meant to add this and hit the wrong button

    https://java.com/en/download/
    The above will download the latest version of Java
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  9. #9
    Member
    Join Date
    Feb 2007
    Posts
    40

    Default

    Java update 25 is installed already
    KB3004394 is not.

    Quote Originally Posted by Juliet View Post
    good gosh I meant to add this and hit the wrong button

    https://java.com/en/download/
    The above will download the latest version of Java

  10. #10
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    still receiving that error? Windows is not Genuine
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •